This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json) Hash identifier: kNLJlwQTrUr4/+Dmlx92DcViTDy6ACucBq3IP4m7Q4M= Subject key identifier: 32:17:CB:BE:66:A6:FB:CF:C6:5D:E7:3C:E9:12:7C:72:7E:9D:4A:80 Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb Certificate serial: 019AF12E5C9FCF9D3EC1EE99E68A2336010E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft Manifest number: 11FC Signing time: Sat 06 Dec 2025 01:02:18 +0000 Manifest this update: Sat 06 Dec 2025 01:02:18 +0000 Manifest next update: Sun 07 Dec 2025 01:02:18 +0000 Files and hashes: 1: WsJxTcqQMdNcfxDwYxL96RxQkLE.roa (hash: AzUS2a/hUE19ESDc/skGDA/ldB6bGDxX9L5RO7/taEk=) 2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: ytTWZTl7/vVUqz3wPANuCczOpJfIk02/IWoXVCqyCgo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:5c:9f:cf:9d:3e:c1:ee:99:e6:8a:23:36:01:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb Validity Not Before: Dec 6 01:02:18 2025 GMT Not After : Dec 7 01:02:18 2025 GMT Subject: CN=3217cbbe66a6fbcfc65de73ce9127c727e9d4a80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6a:02:a4:cc:b9:b9:c6:57:83:40:33:00:07: b6:f9:50:60:cf:f2:bc:13:ae:81:63:4f:d4:16:01: f4:05:ad:a1:f8:3d:db:4f:84:59:ea:03:da:ee:6e: 82:99:fd:1e:b2:d1:aa:48:76:26:89:f2:6c:56:36: 6c:d3:cb:18:2c:5f:e4:dc:6d:1c:8b:1d:67:76:df: 0f:e0:72:36:24:18:ba:e3:31:93:f0:37:f3:a7:63: 7d:03:c8:54:be:53:97:ea:81:ba:1b:1b:aa:9d:03: 80:c7:da:f9:7c:6b:16:09:bd:14:1f:ce:88:29:c0: 4d:44:24:43:d3:71:46:cd:93:6e:ae:62:a3:55:8f: a2:10:2f:27:c9:b2:ac:cb:72:8c:29:ae:3a:48:3f: 57:2c:d5:f3:21:2b:09:10:a4:d9:69:c6:04:98:84: 4d:41:93:71:f5:bf:34:7c:32:19:f6:5f:0e:84:bf: ef:94:a4:ef:55:2c:8e:a9:e2:98:07:3a:1f:bc:b5: 57:17:68:fb:bd:b1:57:8d:33:a4:85:a5:52:e8:6f: 4d:b3:24:9a:47:a4:ac:f5:c8:5d:ae:43:ee:ed:12: b3:bf:5c:5c:ad:95:73:15:4e:8d:27:77:ed:b1:85: e6:6b:f3:43:98:f5:62:84:b5:01:98:33:2c:bb:f1: 3a:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:17:CB:BE:66:A6:FB:CF:C6:5D:E7:3C:E9:12:7C:72:7E:9D:4A:80 X509v3 Authority Key Identifier: keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:8e:c1:9b:87:df:66:10:2c:1d:9a:b6:f0:99:28:60:f8:9f: 1b:c5:57:63:28:60:25:7e:ac:c1:b6:f8:53:81:3f:1e:e5:52: a1:a5:55:9b:74:21:77:62:e0:7a:62:b0:18:a8:a9:5d:69:e1: de:5d:78:8b:c6:01:dc:c1:d9:c9:26:f4:73:24:04:18:9b:54: 75:96:41:6d:10:32:6f:d7:28:50:0c:03:40:7b:72:45:cb:c5: e2:eb:2f:8c:5f:29:15:f7:52:29:7d:12:f0:49:96:99:06:ac: a7:9c:ce:be:22:14:1b:bf:48:be:d6:68:94:d5:5d:a6:e0:fb: da:fa:36:ce:c5:82:eb:94:3f:0b:86:08:b7:66:26:dc:00:e0: b4:87:26:0e:e4:63:e5:d5:9d:d7:96:b5:e0:0e:05:f2:a2:0c: 39:70:17:94:ab:e6:15:77:67:ad:62:15:88:fa:3e:70:32:0a: 64:aa:cb:e4:4d:c4:34:1e:8a:7d:06:df:8e:00:f8:f8:bb:a6: 7d:90:56:4c:57:0a:e7:59:f5:cf:e5:81:ba:87:a9:0b:4c:f4: 71:84:9d:62:c0:22:67:7c:81:03:7c:35:19:28:34:91:b2:76: c7:5a:61:5b:e6:ca:6c:31:a5:4a:78:99:d0:3b:b7:b5:b6:53: ae:7a:fa:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLlyfz50+we6Z5oojNgEOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz NTI5Y2IwHhcNMjUxMjA2MDEwMjE4WhcNMjUxMjA3MDEwMjE4WjAzMTEwLwYDVQQD EygzMjE3Y2JiZTY2YTZmYmNmYzY1ZGU3M2NlOTEyN2M3MjdlOWQ0YTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGoCpMy5ucZXg0AzAAe2+VBgz/K8 E66BY0/UFgH0Ba2h+D3bT4RZ6gPa7m6Cmf0estGqSHYmifJsVjZs08sYLF/k3G0c ix1ndt8P4HI2JBi64zGT8Dfzp2N9A8hUvlOX6oG6GxuqnQOAx9r5fGsWCb0UH86I KcBNRCRD03FGzZNurmKjVY+iEC8nybKsy3KMKa46SD9XLNXzISsJEKTZacYEmIRN QZNx9b80fDIZ9l8OhL/vlKTvVSyOqeKYBzofvLVXF2j7vbFXjTOkhaVS6G9NsySa R6Ss9chdrkPu7RKzv1xcrZVzFU6NJ3ftsYXma/NDmPVihLUBmDMsu/E6vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDIXy75mpvvPxl3nPOkSfHJ+nUqAMB8GA1UdIwQY MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5 LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX47Bm4ff ZhAsHZq28JkoYPifG8VXYyhgJX6swbb4U4E/HuVSoaVVm3Qhd2LgemKwGKipXWnh 3l14i8YB3MHZySb0cyQEGJtUdZZBbRAyb9coUAwDQHtyRcvF4usvjF8pFfdSKX0S 8EmWmQasp5zOviIUG79IvtZolNVdpuD72vo2zsWC65Q/C4YIt2Ym3ADgtIcmDuRj 5dWd15a14A4F8qIMOXAXlKvmFXdnrWIViPo+cDIKZKrL5E3ENB6KfQbfjgD4+Lum fZBWTFcK51n1z+WBuoepC0z0cYSdYsAiZ3yBA3w1GSg0kbJ2x1phW+bKbDGlSniZ 0Du3tbZTrnr6pQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:45 2025 by rpki-client