This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json) Hash identifier: QlY8CW6bjD9aCSpfI71C5ylWrTtV0atn3xJRETtlzmk= Subject key identifier: AF:F8:40:22:64:61:5B:D0:15:E5:1E:6B:04:71:5F:39:8B:93:1F:20 Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59 Certificate serial: 019B277748FA10A7DB22B9EF1B91EDBCDCAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft Manifest number: 0CDF Signing time: Tue 16 Dec 2025 14:01:27 +0000 Manifest this update: Tue 16 Dec 2025 14:01:27 +0000 Manifest next update: Wed 17 Dec 2025 14:01:27 +0000 Files and hashes: 1: Y2_roQOUIthtVw1QejxD0nB1Z6Y.roa (hash: stNdekHqHd38daoAs6CHIS4mgM26Z52wdTv8J9OHtKw=) 2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: arbvO7m+Q3qlT+ARSZkqs7n+AZuaHkI39qJsrM3dadg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:77:48:fa:10:a7:db:22:b9:ef:1b:91:ed:bc:dc:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59 Validity Not Before: Dec 16 14:01:27 2025 GMT Not After : Dec 17 14:01:27 2025 GMT Subject: CN=aff8402264615bd015e51e6b04715f398b931f20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e6:3a:ad:ee:69:6d:ab:b9:29:e8:1b:e1:8a: 0c:6b:72:e5:65:5d:e2:a3:88:87:03:96:0a:99:6f: d6:ce:ff:88:11:5b:99:f4:28:51:8f:70:bd:26:cb: ce:3d:9a:3a:c7:a6:91:b8:83:61:30:ac:b8:a5:a6: bf:c0:fd:bc:fd:e8:8f:99:ec:6a:49:d8:44:59:cb: 8f:75:6c:b5:8e:01:5a:e4:a3:9b:7d:92:30:36:db: 02:d1:93:e5:fd:c6:ea:3c:f2:fb:ae:2f:70:99:8b: 78:03:4a:13:e4:66:c0:6c:96:3a:c9:d5:e8:ea:a7: ad:72:10:2c:d3:72:56:af:47:b5:4e:f0:bf:56:9d: 9c:b9:64:f2:0e:87:ea:e9:22:4c:d3:5c:23:c6:3c: 3d:f0:ce:be:10:e0:a9:f7:e6:73:e1:9f:11:04:97: 22:52:23:33:e1:52:2d:76:af:60:2f:3b:37:7b:a6: a6:7a:e5:ae:c3:2f:24:21:a7:88:c6:bc:50:f2:d8: dd:1e:33:16:31:14:10:c7:c3:5e:87:37:85:5c:24: 92:40:d0:09:e4:4d:34:47:c8:ec:18:cb:71:30:a2: f7:56:80:51:1b:16:6d:50:19:35:05:06:b5:9e:e3: 62:12:5f:78:6d:bc:f2:48:93:6c:f0:0f:70:7a:1e: 6f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:F8:40:22:64:61:5B:D0:15:E5:1E:6B:04:71:5F:39:8B:93:1F:20 X509v3 Authority Key Identifier: keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:0f:46:f9:80:41:cf:53:3e:ec:6c:65:c0:ab:bd:28:a9:5d: 34:9b:cf:2c:21:71:ad:91:e1:05:73:19:56:ca:03:1f:1b:4f: 3e:6c:ec:ee:06:1f:89:0f:81:55:c1:74:cc:3d:be:f3:72:b2: 82:24:cb:94:b5:2e:55:cb:3d:fe:cd:7f:37:48:e5:24:96:14: 66:5e:98:84:08:aa:f2:60:dc:40:3b:f3:96:38:9b:d7:44:ff: 16:5a:42:93:76:4b:1c:7b:b1:1f:4a:25:ed:20:04:e3:39:f3: 94:e0:6c:13:74:b5:4a:c5:20:b9:a9:fa:91:6d:00:45:d0:a6: 57:59:25:91:b9:fc:3a:1d:c4:ef:dc:d1:7b:3d:16:0f:5a:4c: 38:51:93:16:bc:31:1c:93:de:fd:a3:b2:35:46:1d:cc:7e:48: 04:d7:e7:7e:7a:a0:03:93:2d:b9:4e:1a:e2:37:85:30:af:17: 17:89:a0:76:a3:c1:97:65:ce:6f:86:c5:13:28:43:96:69:d5: e5:1d:4e:d1:f7:37:6e:8b:92:a9:0a:33:d4:73:08:db:28:85: fd:3c:3c:f5:27:f1:3b:0d:8e:26:30:d3:c5:0c:8c:7a:e6:ba: b7:9c:54:f8:91:43:a5:18:05:81:ad:2e:2a:5e:b3:8d:55:45: ef:2b:8b:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsnd0j6EKfbIrnvG5HtvNyrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1 M2RjNTkwHhcNMjUxMjE2MTQwMTI3WhcNMjUxMjE3MTQwMTI3WjAzMTEwLwYDVQQD EyhhZmY4NDAyMjY0NjE1YmQwMTVlNTFlNmIwNDcxNWYzOThiOTMxZjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOY6re5pbau5Kegb4YoMa3LlZV3i o4iHA5YKmW/Wzv+IEVuZ9ChRj3C9JsvOPZo6x6aRuINhMKy4paa/wP28/eiPmexq SdhEWcuPdWy1jgFa5KObfZIwNtsC0ZPl/cbqPPL7ri9wmYt4A0oT5GbAbJY6ydXo 6qetchAs03JWr0e1TvC/Vp2cuWTyDofq6SJM01wjxjw98M6+EOCp9+Zz4Z8RBJci UiMz4VItdq9gLzs3e6ameuWuwy8kIaeIxrxQ8tjdHjMWMRQQx8NehzeFXCSSQNAJ 5E00R8jsGMtxMKL3VoBRGxZtUBk1BQa1nuNiEl94bbzySJNs8A9weh5voQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK/4QCJkYVvQFeUeawRxXzmLkx8gMB8GA1UdIwQY MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQ9G+YBB z1M+7GxlwKu9KKldNJvPLCFxrZHhBXMZVsoDHxtPPmzs7gYfiQ+BVcF0zD2+83Ky giTLlLUuVcs9/s1/N0jlJJYUZl6YhAiq8mDcQDvzljib10T/FlpCk3ZLHHuxH0ol 7SAE4znzlOBsE3S1SsUguan6kW0ARdCmV1klkbn8Oh3E79zRez0WD1pMOFGTFrwx HJPe/aOyNUYdzH5IBNfnfnqgA5MtuU4a4jeFMK8XF4mgdqPBl2XOb4bFEyhDlmnV 5R1O0fc3bouSqQoz1HMI2yiF/Tw89SfxOw2OJjDTxQyMeua6t5xU+JFDpRgFga0u Kl6zjVVF7yuLGg== -----END CERTIFICATE-----Generated at Tue Dec 16 17:12:14 2025 by rpki-client