This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json) Hash identifier: 2igua1KWgV1xWhaU7GklHomC3m0kcFX3TN9SAt/M0Dg= Subject key identifier: 5B:A4:92:1C:6B:59:32:DA:09:DF:C8:C2:D4:AA:0C:67:42:A3:D5:38 Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59 Certificate serial: 019B34FB3CE2494A81D5BD68E9D76E6B9BE5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft Manifest number: 0CE6 Signing time: Fri 19 Dec 2025 05:00:38 +0000 Manifest this update: Fri 19 Dec 2025 05:00:38 +0000 Manifest next update: Sat 20 Dec 2025 05:00:38 +0000 Files and hashes: 1: Y2_roQOUIthtVw1QejxD0nB1Z6Y.roa (hash: stNdekHqHd38daoAs6CHIS4mgM26Z52wdTv8J9OHtKw=) 2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: v21qn2WsZKKTU0cEtQTToFddZQudBiS7hm2UROCXrmI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:3c:e2:49:4a:81:d5:bd:68:e9:d7:6e:6b:9b:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59 Validity Not Before: Dec 19 05:00:38 2025 GMT Not After : Dec 20 05:00:38 2025 GMT Subject: CN=5ba4921c6b5932da09dfc8c2d4aa0c6742a3d538 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:88:1c:7f:03:79:5d:82:80:84:e6:15:30:cf: 1b:53:97:7a:37:6f:c1:61:ec:60:66:e2:49:79:79: aa:8a:f9:e7:f5:65:a9:71:e4:4b:10:20:f0:26:1e: cf:0e:e7:16:f0:e7:08:c2:e3:e1:31:66:4e:02:d9: 84:b4:3b:c5:76:6d:5d:37:ac:80:a8:e8:0d:1e:b4: ae:ed:fc:47:fa:b2:a3:6b:91:a6:de:00:2a:cd:5f: 86:aa:80:9e:46:fd:1a:ac:ad:a3:7f:dc:3e:17:bb: fc:9e:0a:c9:49:2b:4f:ea:c5:a3:50:a0:92:9e:62: b5:5c:0e:34:44:e0:d8:de:37:9a:9c:03:24:fc:66: 8f:e5:13:70:c4:35:44:60:9f:43:8b:a0:2a:e7:c9: 3e:73:7f:25:ef:ac:38:75:60:a2:13:9a:11:d8:6e: 09:ae:b6:74:06:5c:bb:c2:64:71:0d:56:26:d3:3e: 56:8d:62:74:ef:0b:c0:0b:f1:fe:5e:2b:51:fd:6f: 63:f4:6a:f1:23:9a:95:d4:ef:9d:15:5f:c9:b3:2d: 71:5d:9d:fe:6d:df:90:4c:1b:4b:5d:0e:ba:cd:39: 72:3f:fa:de:c4:de:d3:ae:bf:0a:00:4a:8f:bd:f3: 64:f3:5a:bc:43:9b:b6:37:06:4e:e9:8d:20:e9:0c: 43:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:A4:92:1C:6B:59:32:DA:09:DF:C8:C2:D4:AA:0C:67:42:A3:D5:38 X509v3 Authority Key Identifier: keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:a0:ba:31:88:fa:23:c5:db:97:7d:0d:2c:12:22:c0:ff:b0: 5f:c5:84:c1:1c:8f:37:90:d7:f2:93:ca:e7:fd:66:45:b1:dd: a8:b9:31:03:2b:5c:f4:c8:c2:ac:6e:34:63:ff:ab:c8:d7:d8: 9d:e3:77:7d:6d:90:01:0d:19:88:de:6d:fe:66:01:da:1b:7a: 84:c7:ef:06:5f:1a:25:6d:9f:67:7c:20:e2:e2:37:5f:49:18: cb:16:6b:33:27:8a:23:d5:ad:a2:dc:09:ab:c6:7a:71:7a:b6: 26:c3:67:ec:a0:a6:f8:c2:77:ec:d4:cc:70:95:0c:9c:05:39: 8a:2b:63:42:d3:70:52:70:4d:a9:1f:0f:55:f9:65:5a:6b:a0: 6c:9a:ab:a9:56:81:33:92:2d:2c:b9:56:98:f5:e7:73:da:34: 07:9f:63:2c:97:f3:67:61:aa:c4:6f:71:cb:db:99:85:ab:66: e3:3a:d9:c2:73:08:01:40:02:5c:84:bb:29:0e:e2:a8:0f:ce: eb:7e:b8:aa:89:a5:06:2c:de:b2:e8:5d:3a:75:7f:7e:0b:45: 0b:db:51:22:1b:bf:7f:63:d1:35:fc:cd:2c:86:d6:a7:80:bd: cd:a8:07:85:23:14:f0:ad:86:9f:f2:f7:8b:4e:b8:ab:a5:14: 14:7c:88:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+zziSUqB1b1o6ddua5vlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1 M2RjNTkwHhcNMjUxMjE5MDUwMDM4WhcNMjUxMjIwMDUwMDM4WjAzMTEwLwYDVQQD Eyg1YmE0OTIxYzZiNTkzMmRhMDlkZmM4YzJkNGFhMGM2NzQyYTNkNTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ogcfwN5XYKAhOYVMM8bU5d6N2/B YexgZuJJeXmqivnn9WWpceRLECDwJh7PDucW8OcIwuPhMWZOAtmEtDvFdm1dN6yA qOgNHrSu7fxH+rKja5Gm3gAqzV+GqoCeRv0arK2jf9w+F7v8ngrJSStP6sWjUKCS nmK1XA40RODY3jeanAMk/GaP5RNwxDVEYJ9Di6Aq58k+c38l76w4dWCiE5oR2G4J rrZ0Bly7wmRxDVYm0z5WjWJ07wvAC/H+XitR/W9j9GrxI5qV1O+dFV/Jsy1xXZ3+ bd+QTBtLXQ66zTlyP/rexN7Trr8KAEqPvfNk81q8Q5u2NwZO6Y0g6QxD3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFukkhxrWTLaCd/IwtSqDGdCo9U4MB8GA1UdIwQY MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcaC6MYj6 I8Xbl30NLBIiwP+wX8WEwRyPN5DX8pPK5/1mRbHdqLkxAytc9MjCrG40Y/+ryNfY neN3fW2QAQ0ZiN5t/mYB2ht6hMfvBl8aJW2fZ3wg4uI3X0kYyxZrMyeKI9WtotwJ q8Z6cXq2JsNn7KCm+MJ37NTMcJUMnAU5iitjQtNwUnBNqR8PVfllWmugbJqrqVaB M5ItLLlWmPXnc9o0B59jLJfzZ2GqxG9xy9uZhatm4zrZwnMIAUACXIS7KQ7iqA/O 6364qomlBizesuhdOnV/fgtFC9tRIhu/f2PRNfzNLIbWp4C9zagHhSMU8K2Gn/L3 i064q6UUFHyI9w== -----END CERTIFICATE-----Generated at Fri Dec 19 12:05:57 2025 by rpki-client