This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json) Hash identifier: v+iv8hE8/SqQH+pkl36jFSyZ4bdIBi2bL1aQz6UyNmo= Subject key identifier: D1:19:7C:9D:82:34:88:34:F1:35:B9:8B:69:D8:F5:3F:4B:EC:87:B7 Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100 Certificate serial: 019B35D7A851C0545774E85FA6F17DF8D42E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft Manifest number: 0CCB Signing time: Fri 19 Dec 2025 09:01:24 +0000 Manifest this update: Fri 19 Dec 2025 09:01:24 +0000 Manifest next update: Sat 20 Dec 2025 09:01:24 +0000 Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=) 2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=) 3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: d0BdrlYZ6b5zOngqnNRuSERgCOKYl+grV3m8FMCofYY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:d7:a8:51:c0:54:57:74:e8:5f:a6:f1:7d:f8:d4:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27c641b530a7c6ba234022e3327246232367100 Validity Not Before: Dec 19 09:01:24 2025 GMT Not After : Dec 20 09:01:24 2025 GMT Subject: CN=d1197c9d82348834f135b98b69d8f53f4bec87b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:9f:1c:e7:27:f7:b2:87:b5:4f:d0:6a:6f:0c: 25:c2:d9:e6:54:b5:bb:c0:b3:8a:1f:5c:cd:cc:11: 28:76:89:14:44:2f:e6:ac:42:9c:d4:d5:b3:c7:23: 41:39:d1:1c:be:8c:4a:37:f7:ca:61:82:2e:c5:68: fd:91:61:ae:19:c4:69:c9:43:7e:9d:48:f9:eb:f6: 12:cf:33:c8:1c:3f:a2:8e:49:69:5d:c6:08:d8:a8: e3:06:6b:6e:a7:12:a2:12:20:74:b4:1a:25:68:12: 9a:cb:52:db:da:44:73:db:eb:21:24:0b:ae:05:73: 72:93:81:b4:f1:94:68:e2:ce:72:10:90:59:b5:4a: 55:50:42:42:8e:1c:b2:ff:19:3c:32:96:b3:a8:aa: 7d:72:e4:99:6d:44:ee:f7:d2:71:6d:2d:1c:ba:a3: ce:c4:02:8e:a3:ee:fa:ea:65:22:8e:36:ae:35:3a: cb:60:20:b2:eb:52:e4:5e:16:ce:6d:31:02:0f:3c: ab:2b:60:f9:0d:67:b9:e1:10:8b:25:8f:d1:2a:c9: 8a:ba:d3:c3:6d:78:68:10:81:ca:29:c1:b9:cd:18: 87:1f:2a:9d:d1:b9:5c:3d:58:ed:2d:43:b0:bc:fb: d2:c4:c3:fa:dd:96:55:85:2c:5d:34:eb:69:e0:9c: a0:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:19:7C:9D:82:34:88:34:F1:35:B9:8B:69:D8:F5:3F:4B:EC:87:B7 X509v3 Authority Key Identifier: keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:5c:9a:1d:65:1a:96:16:8a:b0:ac:b2:d7:c9:27:d7:7e:ad: 60:4d:34:54:f7:2e:ea:76:d8:79:03:e8:0e:ac:19:c5:8e:c2: 22:1c:1c:0c:f7:4e:93:c4:94:ec:04:74:f2:d0:d8:81:f3:12: 88:b9:49:03:54:4a:e4:5a:9b:b2:18:7e:42:df:be:fd:8e:a4: f3:e5:e1:ae:b2:8f:87:95:74:af:3f:33:93:46:77:d0:25:17: cb:21:0a:8e:f1:be:14:4d:54:18:34:28:b1:ed:0b:b4:fc:94: 67:de:1f:7e:fc:a6:1c:54:fb:17:29:9f:54:e6:e6:1f:44:b4: 7f:0b:54:85:3b:57:f4:9d:e4:68:f4:64:8a:f1:bb:9e:df:fb: a0:36:00:4e:9a:07:5e:cd:8b:5f:58:0f:f5:e7:56:2b:60:59: 2b:c9:3b:c1:80:5c:a0:b7:94:7d:e1:d1:31:e6:a1:5d:f5:3f: f3:97:61:9e:e4:ba:8b:40:20:03:1e:ea:3b:44:29:2d:e0:ce: ec:e0:11:c8:2c:9a:25:17:05:2d:1b:87:b3:c5:47:14:53:aa: 33:5b:51:01:b4:ed:4a:31:06:fd:3c:3b:be:22:2f:40:2e:34: 6e:b2:34:9c:6a:a3:54:13:5d:a9:89:50:cb:81:87:73:28:bf: e3:91:ec:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs116hRwFRXdOhfpvF9+NQuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz NjcxMDAwHhcNMjUxMjE5MDkwMTI0WhcNMjUxMjIwMDkwMTI0WjAzMTEwLwYDVQQD EyhkMTE5N2M5ZDgyMzQ4ODM0ZjEzNWI5OGI2OWQ4ZjUzZjRiZWM4N2I3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA258c5yf3soe1T9BqbwwlwtnmVLW7 wLOKH1zNzBEodokURC/mrEKc1NWzxyNBOdEcvoxKN/fKYYIuxWj9kWGuGcRpyUN+ nUj56/YSzzPIHD+ijklpXcYI2KjjBmtupxKiEiB0tBolaBKay1Lb2kRz2+shJAuu BXNyk4G08ZRo4s5yEJBZtUpVUEJCjhyy/xk8MpazqKp9cuSZbUTu99JxbS0cuqPO xAKOo+766mUijjauNTrLYCCy61LkXhbObTECDzyrK2D5DWe54RCLJY/RKsmKutPD bXhoEIHKKcG5zRiHHyqd0blcPVjtLUOwvPvSxMP63ZZVhSxdNOtp4JygtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNEZfJ2CNIg08TW5i2nY9T9L7Ie3MB8GA1UdIwQY MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1 LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1yaHWUa lhaKsKyy18kn136tYE00VPcu6nbYeQPoDqwZxY7CIhwcDPdOk8SU7AR08tDYgfMS iLlJA1RK5Fqbshh+Qt++/Y6k8+XhrrKPh5V0rz8zk0Z30CUXyyEKjvG+FE1UGDQo se0LtPyUZ94ffvymHFT7FymfVObmH0S0fwtUhTtX9J3kaPRkivG7nt/7oDYATpoH Xs2LX1gP9edWK2BZK8k7wYBcoLeUfeHRMeahXfU/85dhnuS6i0AgAx7qO0QpLeDO 7OARyCyaJRcFLRuHs8VHFFOqM1tRAbTtSjEG/Tw7viIvQC40brI0nGqjVBNdqYlQ y4GHcyi/45HsSA== -----END CERTIFICATE-----Generated at Fri Dec 19 11:35:05 2025 by rpki-client