This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/389ed2-1b82-45c9-a70a-025a0e6f05ae/1/oWKOOfRxrdx15xo5G4Ldklx_CB0.mft File: oWKOOfRxrdx15xo5G4Ldklx_CB0.mft (raw, json) Hash identifier: eGlwWAdVFQ2W6fH0yBbYWsi7JT+dSUiBAPU6JhDj6SI= Subject key identifier: 67:C0:58:65:12:46:E7:0C:94:FB:55:2A:10:9D:77:76:2F:0A:DB:79 Authority key identifier: A1:62:8E:39:F4:71:AD:DC:75:E7:1A:39:1B:82:DD:92:5C:7F:08:1D Certificate issuer: /CN=a1628e39f471addc75e71a391b82dd925c7f081d Certificate serial: 019AF276BBF4E9741FEE13BF8D47212E807F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWKOOfRxrdx15xo5G4Ldklx_CB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/389ed2-1b82-45c9-a70a-025a0e6f05ae/1/oWKOOfRxrdx15xo5G4Ldklx_CB0.mft Manifest number: 1334 Signing time: Sat 06 Dec 2025 07:00:58 +0000 Manifest this update: Sat 06 Dec 2025 07:00:58 +0000 Manifest next update: Sun 07 Dec 2025 07:00:58 +0000 Files and hashes: 1: 1-rpUgw0W3sKSFdW3yshaE1HCCc0.roa (hash: c/Tt5N/pZWiN2mpptC/U9LHYusWW/dCE4lcNMT3U+WE=) 2: oWKOOfRxrdx15xo5G4Ldklx_CB0.crl (hash: jsIaQbCXT22PHOwyZHKedtGm1QBgiqV13Ew7oEgLt7M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/389ed2-1b82-45c9-a70a-025a0e6f05ae/1/oWKOOfRxrdx15xo5G4Ldklx_CB0.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/389ed2-1b82-45c9-a70a-025a0e6f05ae/1/oWKOOfRxrdx15xo5G4Ldklx_CB0.mft rsync://rpki.ripe.net/repository/DEFAULT/oWKOOfRxrdx15xo5G4Ldklx_CB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:bb:f4:e9:74:1f:ee:13:bf:8d:47:21:2e:80:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1628e39f471addc75e71a391b82dd925c7f081d Validity Not Before: Dec 6 07:00:58 2025 GMT Not After : Dec 7 07:00:58 2025 GMT Subject: CN=67c058651246e70c94fb552a109d77762f0adb79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:52:ae:24:c8:8c:b0:57:0a:df:67:a5:47:2c: 33:da:87:ad:d2:51:4a:56:d2:29:51:31:b3:5e:23: e6:86:e3:4e:4b:18:c6:af:f4:a4:3e:0b:bd:65:27: 63:86:1f:04:c5:73:62:c1:f7:8a:96:c4:8b:14:9d: 61:10:28:7d:11:a5:2c:c0:f8:38:46:a6:e3:e7:de: 53:73:02:33:65:30:f9:ee:8a:85:21:07:30:06:46: 57:70:80:33:98:e0:d1:6a:51:2d:6d:fb:31:dc:ac: 51:12:54:b1:af:fc:7a:03:6d:f4:ea:4b:d1:c1:ac: c4:79:49:c5:dd:34:cf:12:20:b6:b1:4f:19:4f:1b: ac:5c:de:b8:11:b8:71:e8:d2:fd:6a:70:a5:6e:e1: 62:c8:21:f3:39:ac:02:98:71:45:5f:99:76:fb:2e: d7:47:42:82:0a:b2:4e:0c:a4:c7:5f:12:fd:9e:a6: 4f:92:68:9d:cb:12:6c:39:cb:da:a6:ca:e1:57:7c: 57:1e:16:72:ba:4b:43:c8:57:82:86:a3:1f:da:90: 8f:af:a2:bf:2c:ab:18:6d:23:f7:26:97:0b:b9:6a: c9:b8:2c:08:32:50:46:17:21:3f:ac:cb:21:87:3a: 5a:80:fe:84:4e:0d:d7:86:73:cf:5a:46:cd:85:f2: 40:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:C0:58:65:12:46:E7:0C:94:FB:55:2A:10:9D:77:76:2F:0A:DB:79 X509v3 Authority Key Identifier: keyid:A1:62:8E:39:F4:71:AD:DC:75:E7:1A:39:1B:82:DD:92:5C:7F:08:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWKOOfRxrdx15xo5G4Ldklx_CB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/389ed2-1b82-45c9-a70a-025a0e6f05ae/1/oWKOOfRxrdx15xo5G4Ldklx_CB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/389ed2-1b82-45c9-a70a-025a0e6f05ae/1/oWKOOfRxrdx15xo5G4Ldklx_CB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:ef:a1:71:23:33:b6:c0:93:f9:96:4e:7b:88:85:e0:76:c9: f3:ad:f6:ed:4b:12:3f:29:4d:f3:17:69:f9:62:b9:57:02:61: b3:39:66:85:cc:28:da:94:77:99:94:c6:e3:10:cf:7c:c2:f5: c4:96:4e:29:92:8e:09:36:aa:14:e4:88:60:0a:62:04:e2:3e: a9:69:21:75:d1:88:bb:ba:7a:e8:c0:12:09:95:fd:4d:ad:e1: 8c:0a:53:78:5e:3d:bf:d7:6a:cf:2b:f2:19:7f:08:8a:75:ac: be:b6:db:65:c7:16:8e:9c:09:e9:ae:e4:66:e4:81:02:67:09: d1:0a:17:fe:d9:a5:5f:95:8e:f0:a5:30:86:62:de:b9:3f:40: 1a:1a:f4:01:fb:71:31:32:d3:e9:77:4a:44:e7:29:db:e7:d8: b6:2d:a3:3e:70:07:8c:ea:39:c1:7f:1b:30:6d:a8:aa:32:9a: ce:2b:39:e6:34:6e:a9:b9:48:5d:d3:b2:ab:bb:4f:27:65:0c: 28:90:98:4a:55:86:7f:22:c6:90:45:af:86:f4:44:4e:c4:5f: 51:ca:89:ae:2f:48:8c:91:8c:83:58:91:88:50:29:8c:25:48: 83:a1:f8:5c:cb:93:c6:55:48:1d:c2:84:13:9b:93:70:6a:68: 6a:43:b8:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydrv06XQf7hO/jUchLoB/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExNjI4ZTM5ZjQ3MWFkZGM3NWU3MWEzOTFiODJkZDkyNWM3 ZjA4MWQwHhcNMjUxMjA2MDcwMDU4WhcNMjUxMjA3MDcwMDU4WjAzMTEwLwYDVQQD Eyg2N2MwNTg2NTEyNDZlNzBjOTRmYjU1MmExMDlkNzc3NjJmMGFkYjc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFKuJMiMsFcK32elRywz2oet0lFK VtIpUTGzXiPmhuNOSxjGr/SkPgu9ZSdjhh8ExXNiwfeKlsSLFJ1hECh9EaUswPg4 Rqbj595TcwIzZTD57oqFIQcwBkZXcIAzmODRalEtbfsx3KxRElSxr/x6A2306kvR wazEeUnF3TTPEiC2sU8ZTxusXN64Ebhx6NL9anClbuFiyCHzOawCmHFFX5l2+y7X R0KCCrJODKTHXxL9nqZPkmidyxJsOcvapsrhV3xXHhZyuktDyFeChqMf2pCPr6K/ LKsYbSP3JpcLuWrJuCwIMlBGFyE/rMshhzpagP6ETg3XhnPPWkbNhfJAKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGfAWGUSRucMlPtVKhCdd3YvCtt5MB8GA1UdIwQY MBaAFKFijjn0ca3cdecaORuC3ZJcfwgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1dLT09mUnhyZHgxNXhvNUc0TGRrbHhfQ0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zODllZDItMWI4Mi00NWM5LWE3MGEt MDI1YTBlNmYwNWFlLzEvb1dLT09mUnhyZHgxNXhvNUc0TGRrbHhfQ0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC8zODllZDItMWI4Mi00NWM5LWE3MGEtMDI1YTBlNmYwNWFl LzEvb1dLT09mUnhyZHgxNXhvNUc0TGRrbHhfQ0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl++hcSMz tsCT+ZZOe4iF4HbJ86327UsSPylN8xdp+WK5VwJhszlmhcwo2pR3mZTG4xDPfML1 xJZOKZKOCTaqFOSIYApiBOI+qWkhddGIu7p66MASCZX9Ta3hjApTeF49v9dqzyvy GX8IinWsvrbbZccWjpwJ6a7kZuSBAmcJ0QoX/tmlX5WO8KUwhmLeuT9AGhr0Aftx MTLT6XdKROcp2+fYti2jPnAHjOo5wX8bMG2oqjKazis55jRuqblIXdOyq7tPJ2UM KJCYSlWGfyLGkEWvhvRETsRfUcqJri9IjJGMg1iRiFApjCVIg6H4XMuTxlVIHcKE E5uTcGpoakO4bg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:51:05 2025 by rpki-client