This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json) Hash identifier: g4D/EjTh4AX3DYca9qRfPU2u9Y/X2owFBFK/vXhBZ+U= Subject key identifier: 4B:A2:81:EB:29:4A:E0:1A:D9:51:0E:43:8C:C1:48:31:91:FE:A6:5D Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Certificate serial: 019B0E93534A171B44A219900FCCE96D161C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft Manifest number: 0E57 Signing time: Thu 11 Dec 2025 18:01:34 +0000 Manifest this update: Thu 11 Dec 2025 18:01:34 +0000 Manifest next update: Fri 12 Dec 2025 18:01:34 +0000 Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=) 2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: v+rjQPo84M161a4+SNbPspyodx6u2WQT+7Q4baSRRvQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 18:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:93:53:4a:17:1b:44:a2:19:90:0f:cc:e9:6d:16:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Validity Not Before: Dec 11 18:01:34 2025 GMT Not After : Dec 12 18:01:34 2025 GMT Subject: CN=4ba281eb294ae01ad9510e438cc1483191fea65d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:77:8d:59:2c:6d:92:c7:ec:04:d7:20:48:0c: 03:04:df:77:22:65:96:c1:2e:47:de:14:fe:51:86: a1:fd:c0:c2:87:8d:7f:00:a5:f8:fd:48:0a:b4:ca: d2:44:fd:35:dc:0a:2c:7b:1e:af:88:d5:3b:04:1a: 7c:88:d1:bd:d9:89:ca:a5:3b:0b:ae:a2:99:0e:cd: 20:b5:6d:f7:91:43:e8:d4:44:58:d9:14:c9:77:0a: a3:c4:8d:88:ac:8f:3b:e5:eb:ec:6f:1f:da:c6:f3: 94:98:b8:7d:47:f6:56:38:70:c5:7a:c0:7f:80:0c: d3:ac:57:6f:82:51:bd:99:8b:99:83:32:f4:4d:72: 14:24:96:24:69:d4:06:78:63:65:b9:e1:4f:38:ab: 56:85:76:9e:3f:82:5a:6a:dd:49:22:86:05:f9:8d: ff:35:5e:2e:44:6b:cd:c1:d9:66:95:e9:83:2b:8f: dc:f1:32:88:7f:02:dc:4a:3c:03:1e:9d:09:c0:27: df:25:b2:fd:44:48:8b:d8:cd:37:c8:61:71:78:53: 15:d4:f7:7a:61:02:6e:13:2b:73:bb:a8:c7:6c:8c: 5c:f5:b4:cc:99:ed:22:19:99:b7:2f:7b:e0:f6:50: a0:71:07:eb:28:de:10:9a:9f:8d:d3:f4:3f:d2:0f: 51:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:A2:81:EB:29:4A:E0:1A:D9:51:0E:43:8C:C1:48:31:91:FE:A6:5D X509v3 Authority Key Identifier: keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:f4:ed:55:0d:bf:69:89:aa:68:04:6c:1d:12:e1:b1:fa:28: 1d:0f:e8:02:27:e2:9d:13:fd:75:56:0f:ac:72:81:94:bc:5f: 51:18:56:76:50:01:25:17:b8:fb:dd:e9:87:ea:5a:8c:ae:cf: c3:a5:a3:4e:73:58:28:86:d9:ed:cb:5a:ec:17:5c:a6:7c:15: 64:8f:81:b3:02:1d:b0:d0:ea:5c:f1:3b:0e:4d:79:ed:60:88: 93:4b:7d:ec:fe:5c:73:cb:82:eb:fb:0f:43:98:43:8c:c4:19: 85:a6:53:f3:54:0f:83:f2:a1:2b:74:da:bd:79:92:0c:68:a5: dd:3c:a8:c1:4f:1f:41:0c:ce:7f:f5:b9:05:21:44:32:1d:14: f9:56:42:84:fa:03:4f:c7:34:44:ef:f6:94:79:eb:eb:29:9f: a3:86:43:c9:63:48:d9:97:bb:53:c5:96:0c:6f:11:b5:d3:63: 9a:97:cf:84:7a:00:46:e8:4e:3c:6c:b7:d5:4f:50:aa:26:26: bd:e3:de:2b:a3:a9:c3:e9:26:30:67:4d:b9:d0:d4:1a:71:8d: a7:4f:25:4a:98:c3:49:83:0f:e8:ac:76:ef:ef:ba:a4:61:cb: 38:cb:21:b2:d4:63:5b:a7:55:35:2c:8a:17:3c:23:c7:8b:30: 18:41:91:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOk1NKFxtEohmQD8zpbRYcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3 MDU0NzEwHhcNMjUxMjExMTgwMTM0WhcNMjUxMjEyMTgwMTM0WjAzMTEwLwYDVQQD Eyg0YmEyODFlYjI5NGFlMDFhZDk1MTBlNDM4Y2MxNDgzMTkxZmVhNjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03eNWSxtksfsBNcgSAwDBN93ImWW wS5H3hT+UYah/cDCh41/AKX4/UgKtMrSRP013Aosex6viNU7BBp8iNG92YnKpTsL rqKZDs0gtW33kUPo1ERY2RTJdwqjxI2IrI875evsbx/axvOUmLh9R/ZWOHDFesB/ gAzTrFdvglG9mYuZgzL0TXIUJJYkadQGeGNlueFPOKtWhXaeP4Jaat1JIoYF+Y3/ NV4uRGvNwdlmlemDK4/c8TKIfwLcSjwDHp0JwCffJbL9REiL2M03yGFxeFMV1Pd6 YQJuEytzu6jHbIxc9bTMme0iGZm3L3vg9lCgcQfrKN4Qmp+N0/Q/0g9RTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEuigespSuAa2VEOQ4zBSDGR/qZdMB8GA1UdIwQY MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5 LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfTtVQ2/ aYmqaARsHRLhsfooHQ/oAifinRP9dVYPrHKBlLxfURhWdlABJRe4+93ph+pajK7P w6WjTnNYKIbZ7cta7BdcpnwVZI+BswIdsNDqXPE7Dk157WCIk0t97P5cc8uC6/sP Q5hDjMQZhaZT81QPg/KhK3TavXmSDGil3TyowU8fQQzOf/W5BSFEMh0U+VZChPoD T8c0RO/2lHnr6ymfo4ZDyWNI2Ze7U8WWDG8RtdNjmpfPhHoARuhOPGy31U9QqiYm vePeK6Opw+kmMGdNudDUGnGNp08lSpjDSYMP6Kx27++6pGHLOMshstRjW6dVNSyK Fzwjx4swGEGRnw== -----END CERTIFICATE-----Generated at Fri Dec 12 00:36:51 2025 by rpki-client