This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json) Hash identifier: Nncf+qTygVLtaAKaIaUdkEKlslelOxjRarcUDn2LBms= Subject key identifier: 2F:0F:23:2E:D6:E7:EE:58:77:F3:0E:14:41:7A:F1:FA:67:9A:3E:87 Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a Certificate serial: 019AF208D6F074363C111E3E68CE34C0B785 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft Manifest number: 170D Signing time: Sat 06 Dec 2025 05:00:56 +0000 Manifest this update: Sat 06 Dec 2025 05:00:56 +0000 Manifest next update: Sun 07 Dec 2025 05:00:56 +0000 Files and hashes: 1: KBxZJWrk1-bZEdk3S7yVEPMKVtM.roa (hash: BpbYbbHeyy+1nQHRcRldIZ4LwMax+kHyBfVOH0ykZeU=) 2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: f4WKf6mlLfLItL06eEGK0FZaUHQUPaapNb9CxbslGTU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:d6:f0:74:36:3c:11:1e:3e:68:ce:34:c0:b7:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a Validity Not Before: Dec 6 05:00:56 2025 GMT Not After : Dec 7 05:00:56 2025 GMT Subject: CN=2f0f232ed6e7ee5877f30e14417af1fa679a3e87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:84:91:ba:6d:56:c6:bc:06:17:36:08:46:6f: e9:51:9b:24:a2:68:9f:8c:d5:75:e4:cf:15:3b:5c: 2f:fd:f0:9f:fb:19:ad:d1:da:39:e9:6f:42:50:e4: e7:4a:d2:e1:ab:f6:10:27:42:d1:01:c3:4b:26:44: 7d:78:31:50:06:2a:80:72:17:e9:bf:e0:8c:c9:d8: 75:34:1d:44:ab:df:0b:80:38:0b:cc:83:71:1e:fa: b4:35:df:1d:7a:1d:63:ea:b2:c7:7b:23:53:74:b3: 8c:de:4a:0b:c3:b2:fb:32:8f:ba:95:6d:6d:81:b2: d1:44:61:1a:8e:b2:ac:26:66:c6:73:36:64:ba:44: a2:8c:45:d4:b6:9c:13:b0:9d:7e:70:2c:05:7f:a4: 82:75:c2:d1:fd:84:d8:c0:52:08:60:0e:59:e8:f5: 77:3e:0a:81:25:bf:84:9f:d8:1e:a6:77:ea:ef:77: 33:19:43:d1:a9:1c:db:94:a9:e7:67:59:30:2b:33: ff:30:eb:1a:56:1b:5f:92:c1:70:ca:23:4b:06:b2: 42:a6:8f:31:89:51:d8:25:fb:29:ff:ca:84:d2:13: 93:d1:f3:a6:79:c0:47:9a:ba:fb:2a:f6:a3:e7:8a: d4:69:ac:bf:14:5b:38:69:7f:3e:e3:a7:49:c5:5c: 59:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:0F:23:2E:D6:E7:EE:58:77:F3:0E:14:41:7A:F1:FA:67:9A:3E:87 X509v3 Authority Key Identifier: keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:c3:6b:f3:3c:14:13:08:15:4f:94:51:05:d2:a8:13:b1:c2: fa:a2:3c:d4:1c:5a:5b:b9:16:34:82:6f:68:df:3a:c2:39:99: a1:9d:d7:ee:44:f3:b1:95:df:67:42:30:47:21:c2:72:4e:a2: 23:99:4a:10:67:36:12:ad:b5:d9:80:66:fb:16:3d:13:cc:2e: 1f:57:c9:df:ab:f0:25:cc:85:f7:20:67:cb:dc:47:58:41:5f: 6f:50:24:3c:b3:8c:99:41:2b:01:b9:4f:44:2d:4c:1c:70:e1: 0f:29:fc:2c:32:d9:d2:9f:7c:82:5f:b3:81:4e:7b:3f:2b:1f: d8:29:d7:5b:8d:de:4a:1e:3a:0f:f6:f2:bb:c5:7a:90:aa:78: c2:04:6a:1e:85:b5:c6:b9:70:de:f1:23:5b:23:16:ce:e5:0c: 17:28:d1:17:91:4a:13:d0:b2:50:72:6d:58:44:6d:38:ce:a1: 0b:84:d8:c2:2c:50:0e:3e:99:21:d3:98:f6:33:bc:75:2d:c8: 67:5a:d0:75:fa:dd:2d:ee:1c:5a:5c:7c:a3:36:42:17:72:48: 4a:f4:8e:55:42:e8:28:39:9e:3a:10:c0:f4:3e:b1:7d:df:a5: 7d:17:c8:f7:6a:09:c4:9d:4c:f9:11:cb:d7:fe:2d:1f:1f:41: a8:0e:da:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCNbwdDY8ER4+aM40wLeFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4 YjQ5OGEwHhcNMjUxMjA2MDUwMDU2WhcNMjUxMjA3MDUwMDU2WjAzMTEwLwYDVQQD EygyZjBmMjMyZWQ2ZTdlZTU4NzdmMzBlMTQ0MTdhZjFmYTY3OWEzZTg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYSRum1WxrwGFzYIRm/pUZskomif jNV15M8VO1wv/fCf+xmt0do56W9CUOTnStLhq/YQJ0LRAcNLJkR9eDFQBiqAchfp v+CMydh1NB1Eq98LgDgLzINxHvq0Nd8deh1j6rLHeyNTdLOM3koLw7L7Mo+6lW1t gbLRRGEajrKsJmbGczZkukSijEXUtpwTsJ1+cCwFf6SCdcLR/YTYwFIIYA5Z6PV3 PgqBJb+En9gepnfq73czGUPRqRzblKnnZ1kwKzP/MOsaVhtfksFwyiNLBrJCpo8x iVHYJfsp/8qE0hOT0fOmecBHmrr7Kvaj54rUaay/FFs4aX8+46dJxVxZEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC8PIy7W5+5Yd/MOFEF68fpnmj6HMB8GA1UdIwQY MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsNr8zwU EwgVT5RRBdKoE7HC+qI81BxaW7kWNIJvaN86wjmZoZ3X7kTzsZXfZ0IwRyHCck6i I5lKEGc2Eq212YBm+xY9E8wuH1fJ36vwJcyF9yBny9xHWEFfb1AkPLOMmUErAblP RC1MHHDhDyn8LDLZ0p98gl+zgU57Pysf2CnXW43eSh46D/byu8V6kKp4wgRqHoW1 xrlw3vEjWyMWzuUMFyjRF5FKE9CyUHJtWERtOM6hC4TYwixQDj6ZIdOY9jO8dS3I Z1rQdfrdLe4cWlx8ozZCF3JISvSOVULoKDmeOhDA9D6xfd+lfRfI92oJxJ1M+RHL 1/4tHx9BqA7awQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:17:12 2025 by rpki-client