This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json) Hash identifier: f1NviS3AUk24rpAW91LN1oaoKIkf7BvWAtL5/XYHQMM= Subject key identifier: AC:3C:3C:16:6F:C8:D1:3A:8C:B2:63:8A:B5:F4:31:17:05:8B:A5:52 Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a Certificate serial: 019B34FBB21432BC1C39F86066A43F4F0265 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft Manifest number: 14D6 Signing time: Fri 19 Dec 2025 05:01:08 +0000 Manifest this update: Fri 19 Dec 2025 05:01:08 +0000 Manifest next update: Sat 20 Dec 2025 05:01:08 +0000 Files and hashes: 1: I773Hp7jzXxFqxtd4A53rVhKUfg.roa (hash: e0xae4ugiNrb+FPmOR6kAe0RGY+82Cc1UMOVTkb0ZXw=) 2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: ki/Ld2n3so6yg10oTY/zzbcnrqjEQ+HyhH/6pMHtnG4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:b2:14:32:bc:1c:39:f8:60:66:a4:3f:4f:02:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a023766c62deb51297155708eccb421c8b04780a Validity Not Before: Dec 19 05:01:08 2025 GMT Not After : Dec 20 05:01:08 2025 GMT Subject: CN=ac3c3c166fc8d13a8cb2638ab5f43117058ba552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:cc:40:22:df:be:94:35:49:12:42:50:2d:7b: 48:03:e8:ff:15:cc:fc:04:ed:6e:06:8e:6a:61:c5: 2e:ca:a2:e4:51:e3:9e:e8:be:6e:11:fa:66:38:1e: 89:e5:59:bf:07:e1:40:bd:ce:64:ed:bf:c5:50:6d: c0:12:ad:0a:48:59:89:28:8b:e6:7a:19:08:83:fc: 4e:52:42:ba:6c:10:53:a2:6a:0f:17:56:37:bd:7f: 17:09:5d:5f:73:f2:fb:0b:81:ca:36:26:6f:70:f5: d0:9c:99:9e:5f:2a:ce:25:c7:31:60:5f:08:f9:9e: e8:b6:7f:90:bb:82:13:46:bd:c8:9c:71:5f:ab:13: 80:b6:15:45:d0:80:82:5d:50:2c:2c:91:ea:10:bc: a9:64:10:ed:40:bc:4a:e0:c9:7f:db:7f:b6:c6:39: 9f:67:48:9d:bd:f3:cc:f2:2d:66:9e:e6:ef:a0:2b: 51:96:b9:d4:1f:46:df:79:c2:75:fb:10:ef:41:62: ce:f9:a2:98:f6:eb:23:eb:57:0c:97:b6:01:c6:30: e1:b9:37:f6:88:5f:45:95:cb:67:56:33:83:a3:c9: 50:31:0e:32:d4:ee:3b:cb:34:fd:2c:d1:7a:69:58: 69:1b:a4:19:5c:33:3f:9d:c9:80:ef:74:e1:7b:48: ce:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:3C:3C:16:6F:C8:D1:3A:8C:B2:63:8A:B5:F4:31:17:05:8B:A5:52 X509v3 Authority Key Identifier: keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:4a:d0:7e:d1:5f:d2:82:7e:93:67:0d:10:2f:0f:25:16:02: 16:89:6a:ae:33:3d:db:fe:68:55:05:3a:76:fe:e6:f5:ab:d6: 45:ff:70:00:0c:85:8a:1b:a0:4b:94:f6:fd:58:f8:ff:eb:a3: 11:e8:c4:1d:44:e4:b9:dd:22:24:d0:6c:c4:ab:d5:f6:09:ac: c9:1f:ff:17:e5:49:d3:49:f8:2c:c6:3e:06:75:79:14:ae:b5: eb:d6:60:50:c4:f9:33:d1:8f:9d:79:71:86:21:55:1e:fb:55: d7:4a:4f:82:76:a4:01:9b:bc:b1:ce:4f:e0:f7:4c:73:02:9c: a9:f3:61:3d:41:0d:b6:2b:6f:53:1a:47:6b:d1:f0:0f:13:1d: fe:cd:80:88:26:a8:c6:9a:be:e8:20:ed:07:22:5f:a9:69:77: c1:b1:a4:d2:a3:59:99:2b:f3:2d:ea:46:c1:cb:a2:3c:33:ed: 28:98:19:19:6c:05:f0:f3:1b:67:32:8c:c4:64:c6:0a:93:af: 41:df:aa:06:a3:47:b1:6d:c5:0c:76:6b:29:14:c3:7d:a4:c9: a8:2f:d9:35:24:2a:42:a6:e0:6c:cd:de:2c:ce:73:25:bc:bf: c6:e4:66:55:34:88:77:9b:39:75:f9:e1:87:70:0e:61:2f:0b: 24:58:f7:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+7IUMrwcOfhgZqQ/TwJlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw NDc4MGEwHhcNMjUxMjE5MDUwMTA4WhcNMjUxMjIwMDUwMTA4WjAzMTEwLwYDVQQD EyhhYzNjM2MxNjZmYzhkMTNhOGNiMjYzOGFiNWY0MzExNzA1OGJhNTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+MxAIt++lDVJEkJQLXtIA+j/Fcz8 BO1uBo5qYcUuyqLkUeOe6L5uEfpmOB6J5Vm/B+FAvc5k7b/FUG3AEq0KSFmJKIvm ehkIg/xOUkK6bBBTomoPF1Y3vX8XCV1fc/L7C4HKNiZvcPXQnJmeXyrOJccxYF8I +Z7otn+Qu4ITRr3InHFfqxOAthVF0ICCXVAsLJHqELypZBDtQLxK4Ml/23+2xjmf Z0idvfPM8i1mnubvoCtRlrnUH0bfecJ1+xDvQWLO+aKY9usj61cMl7YBxjDhuTf2 iF9FlctnVjODo8lQMQ4y1O47yzT9LNF6aVhpG6QZXDM/ncmA73The0jOvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKw8PBZvyNE6jLJjirX0MRcFi6VSMB8GA1UdIwQY MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHUrQftFf 0oJ+k2cNEC8PJRYCFolqrjM92/5oVQU6dv7m9avWRf9wAAyFihugS5T2/Vj4/+uj EejEHUTkud0iJNBsxKvV9gmsyR//F+VJ00n4LMY+BnV5FK6169ZgUMT5M9GPnXlx hiFVHvtV10pPgnakAZu8sc5P4PdMcwKcqfNhPUENtitvUxpHa9HwDxMd/s2AiCao xpq+6CDtByJfqWl3wbGk0qNZmSvzLepGwcuiPDPtKJgZGWwF8PMbZzKMxGTGCpOv Qd+qBqNHsW3FDHZrKRTDfaTJqC/ZNSQqQqbgbM3eLM5zJby/xuRmVTSId5s5dfnh h3AOYS8LJFj3AQ== -----END CERTIFICATE-----Generated at Fri Dec 19 09:13:01 2025 by rpki-client