This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json) Hash identifier: /SsHu4C3/dTHD7B+rrwgsfsC7CBMFTaEvPbG39SbxxA= Subject key identifier: F8:B4:FE:CC:0F:83:47:56:BF:42:B4:6F:45:46:52:7D:14:AF:37:5D Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a Certificate serial: 019AF1646C981D9114275ABFFFB045C7D9AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft Manifest number: 14B3 Signing time: Sat 06 Dec 2025 02:01:21 +0000 Manifest this update: Sat 06 Dec 2025 02:01:21 +0000 Manifest next update: Sun 07 Dec 2025 02:01:21 +0000 Files and hashes: 1: I773Hp7jzXxFqxtd4A53rVhKUfg.roa (hash: e0xae4ugiNrb+FPmOR6kAe0RGY+82Cc1UMOVTkb0ZXw=) 2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: T3dbLYUcforLykURhymg+h4hysdhtUR2hLji+uvt8eQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:6c:98:1d:91:14:27:5a:bf:ff:b0:45:c7:d9:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a023766c62deb51297155708eccb421c8b04780a Validity Not Before: Dec 6 02:01:21 2025 GMT Not After : Dec 7 02:01:21 2025 GMT Subject: CN=f8b4fecc0f834756bf42b46f4546527d14af375d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c7:2a:76:24:7e:9c:56:9d:de:55:85:98:43: 65:fd:e2:58:a0:7b:3d:74:de:3e:8b:cf:e8:f7:85: b0:ef:53:7c:01:9b:13:ad:ee:fb:5a:8f:75:e3:72: e1:9e:31:6d:a1:2b:5a:61:5e:71:e7:0c:c6:3b:4e: b7:27:41:1c:cf:34:5d:da:02:aa:f2:28:33:81:28: ba:1b:fe:f8:e7:35:b7:7a:7c:81:52:39:d6:7b:07: 6e:5f:c4:a9:0c:83:34:7d:5b:c2:86:1f:35:32:50: 3c:ef:6e:23:7a:f9:11:8a:26:cc:2d:75:eb:21:3f: c3:1d:65:60:b7:37:7f:5e:fe:7b:63:03:56:a1:86: e0:da:df:7d:34:b0:02:81:79:c0:7a:db:0e:b7:fe: 82:8e:f0:51:13:ee:b1:63:d0:b6:b2:c4:36:a2:7a: ac:59:e2:49:f6:36:7d:60:6f:1e:9c:b3:46:2e:ea: e1:f9:e9:20:eb:4c:56:bf:8e:b9:d4:2f:ca:1c:9b: 2a:c6:52:ef:04:3f:9c:2d:3f:8b:21:aa:6c:a3:5b: d8:d7:4e:60:f1:fa:84:20:5f:45:2c:8c:dd:0a:64: 78:c7:08:bd:1c:78:8b:69:ec:6b:1c:84:c3:f1:ed: c4:90:17:97:ad:e3:6c:2b:e7:06:e8:eb:8f:26:a9: da:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:B4:FE:CC:0F:83:47:56:BF:42:B4:6F:45:46:52:7D:14:AF:37:5D X509v3 Authority Key Identifier: keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:50:26:49:99:14:6c:77:a4:d3:68:ae:2f:b9:07:9d:6b:4a: c9:46:69:bb:55:4b:cf:64:c5:f9:86:d9:52:07:40:fc:a8:f9: 1d:51:11:dc:9c:d0:86:75:59:7f:02:dc:89:9f:86:af:c7:3f: 62:55:36:84:d2:77:b4:f2:56:cb:86:62:69:0c:5f:59:08:8a: 70:2b:68:ec:bf:54:43:26:d0:03:92:0c:fb:61:81:d1:eb:82: 41:46:46:df:92:6f:4c:f0:9f:3d:d4:0b:d4:43:aa:25:6f:14: 6f:a9:47:0a:eb:54:bc:76:1f:f4:72:ad:6d:e0:bf:94:69:fd: 62:e7:f7:e4:f6:97:8d:81:84:e9:5d:38:35:78:35:71:e4:3a: 7e:c7:e7:ad:b9:6a:b3:4b:eb:91:8c:19:3f:92:8d:3e:01:61: 7d:5f:e9:f2:83:f3:84:54:cf:30:6a:97:6e:f8:a1:cf:f7:4a: 8b:87:86:12:40:73:ce:72:f3:a4:d6:a7:25:50:db:ee:37:7d: d0:d0:6f:55:93:9e:6b:a5:e4:91:6c:41:1d:49:0d:c1:5e:9a: 5f:cb:e5:7c:4b:b4:91:b5:6c:cd:41:59:f7:65:ed:9b:be:fb: f9:b6:36:cb:65:8d:7e:90:4a:06:8d:32:c8:93:99:e3:ff:69: 86:75:1f:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZGyYHZEUJ1q//7BFx9msMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw NDc4MGEwHhcNMjUxMjA2MDIwMTIxWhcNMjUxMjA3MDIwMTIxWjAzMTEwLwYDVQQD EyhmOGI0ZmVjYzBmODM0NzU2YmY0MmI0NmY0NTQ2NTI3ZDE0YWYzNzVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8cqdiR+nFad3lWFmENl/eJYoHs9 dN4+i8/o94Ww71N8AZsTre77Wo9143LhnjFtoStaYV5x5wzGO063J0EczzRd2gKq 8igzgSi6G/745zW3enyBUjnWewduX8SpDIM0fVvChh81MlA8724jevkRiibMLXXr IT/DHWVgtzd/Xv57YwNWoYbg2t99NLACgXnAetsOt/6CjvBRE+6xY9C2ssQ2onqs WeJJ9jZ9YG8enLNGLurh+ekg60xWv4651C/KHJsqxlLvBD+cLT+LIapso1vY105g 8fqEIF9FLIzdCmR4xwi9HHiLaexrHITD8e3EkBeXreNsK+cG6OuPJqnahwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPi0/swPg0dWv0K0b0VGUn0UrzddMB8GA1UdIwQY MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilAmSZkU bHek02iuL7kHnWtKyUZpu1VLz2TF+YbZUgdA/Kj5HVER3JzQhnVZfwLciZ+Gr8c/ YlU2hNJ3tPJWy4ZiaQxfWQiKcCto7L9UQybQA5IM+2GB0euCQUZG35JvTPCfPdQL 1EOqJW8Ub6lHCutUvHYf9HKtbeC/lGn9Yuf35PaXjYGE6V04NXg1ceQ6fsfnrblq s0vrkYwZP5KNPgFhfV/p8oPzhFTPMGqXbvihz/dKi4eGEkBzznLzpNanJVDb7jd9 0NBvVZOea6XkkWxBHUkNwV6aX8vlfEu0kbVszUFZ92Xtm777+bY2y2WNfpBKBo0y yJOZ4/9phnUfdA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:17:06 2025 by rpki-client