This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json) Hash identifier: qI8PrQLQeMn8MTJKdrUmTpQKCB5b8jsrOiThOljhx+E= Subject key identifier: D6:0D:69:54:5E:14:C2:C5:83:75:72:2A:AE:2E:1A:EE:24:2B:EB:B7 Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Certificate serial: 019B40C8794A95506A3D5D2E8D2C9B47E2E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft Manifest number: 0E71 Signing time: Sun 21 Dec 2025 12:00:38 +0000 Manifest this update: Sun 21 Dec 2025 12:00:38 +0000 Manifest next update: Mon 22 Dec 2025 12:00:38 +0000 Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=) 2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: DnFg2HiOZQ6EA24ae07qLPpLsd7xhoVSStR+Iui/u4g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:79:4a:95:50:6a:3d:5d:2e:8d:2c:9b:47:e2:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Validity Not Before: Dec 21 12:00:38 2025 GMT Not After : Dec 22 12:00:38 2025 GMT Subject: CN=d60d69545e14c2c58375722aae2e1aee242bebb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:f2:7b:c3:fd:d5:ad:f4:b9:c7:f0:0e:4d:9a: 4b:65:28:20:ca:f7:f2:1a:6c:2e:d3:5f:17:9a:34: 4c:ad:01:1e:ae:5a:8b:8d:3e:5d:b4:43:cd:a8:07: d1:51:9b:58:a9:b0:f8:19:67:1b:ab:62:dc:59:82: f8:21:ae:e5:75:be:bc:6f:04:3d:aa:2f:ba:ff:87: 25:43:2d:8b:e0:fd:eb:e4:0d:3c:fe:4a:2a:d8:de: bc:b2:52:39:31:9f:30:df:7c:ff:88:fb:cf:61:3c: 41:6c:a3:1d:f8:d9:d9:d1:f1:f8:eb:aa:2a:7a:72: fc:b6:b5:62:13:8a:da:0b:67:2c:c7:ca:92:2a:06: eb:1c:a2:14:89:ee:0e:6b:cc:0e:ed:e0:2f:e5:88: 55:09:b1:ea:cf:bc:0a:2b:65:43:a9:9c:0f:36:bb: 60:62:48:00:c3:e6:a9:ed:bd:28:46:41:06:ba:33: 02:28:dc:13:cd:0f:89:fd:03:cd:c1:7b:e9:0c:64: 6d:d5:86:0f:53:eb:5d:f7:a6:f3:36:a7:56:7a:b4: 36:67:6d:0e:8a:58:9e:e2:ad:f5:81:1f:3d:ab:3b: c4:88:b7:ec:c3:5f:e0:e1:c7:0c:e3:05:07:df:22: 77:68:e0:12:a8:4b:f0:74:45:15:df:1c:f7:3d:96: 8b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:0D:69:54:5E:14:C2:C5:83:75:72:2A:AE:2E:1A:EE:24:2B:EB:B7 X509v3 Authority Key Identifier: keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:e2:c8:e1:1d:45:0b:8f:be:70:5b:a0:d2:61:a8:d4:47:fe: 51:15:5d:3c:a8:76:38:f2:a8:5f:73:c5:1b:ea:00:4f:da:53: c4:47:35:c0:4a:b0:8f:9c:a0:6d:79:9d:3d:ff:54:a0:bc:25: 87:e6:db:56:3c:cd:50:95:72:99:6c:af:bd:65:56:7e:dc:80: 69:aa:75:b5:62:f7:c4:7a:26:d7:d0:77:91:57:a2:3b:ca:4b: a9:87:e3:90:72:18:f1:5d:ab:48:1d:49:99:74:60:36:53:43: 5b:61:29:ca:a5:37:8b:36:d3:a8:e5:ce:ed:46:a9:f5:8c:b4: 1b:30:21:30:0b:ba:03:10:04:c0:7e:4f:0c:ea:15:93:c1:e4: a3:06:01:2c:69:69:af:b4:0c:cb:87:1f:8e:ef:ce:4d:17:2b: 21:ef:7a:02:c1:80:51:68:8a:35:b9:0c:3f:00:f8:7a:7f:b8: 7c:3e:9b:52:9d:bd:7c:bd:d9:9f:11:d0:8b:69:00:ac:22:03: 70:8a:31:1d:85:3d:26:8b:3b:5f:03:00:b5:23:de:ba:1f:a8: 2d:1e:28:bd:85:47:30:a2:3a:28:d5:ef:1e:f3:d8:cc:bc:8f: 14:05:cc:8b:2e:76:62:2c:6d:2a:13:5b:04:9a:44:fa:b8:2f: 2e:35:01:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyHlKlVBqPV0ujSybR+LkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3 MDU0NzEwHhcNMjUxMjIxMTIwMDM4WhcNMjUxMjIyMTIwMDM4WjAzMTEwLwYDVQQD EyhkNjBkNjk1NDVlMTRjMmM1ODM3NTcyMmFhZTJlMWFlZTI0MmJlYmI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fJ7w/3VrfS5x/AOTZpLZSggyvfy Gmwu018XmjRMrQEerlqLjT5dtEPNqAfRUZtYqbD4GWcbq2LcWYL4Ia7ldb68bwQ9 qi+6/4clQy2L4P3r5A08/koq2N68slI5MZ8w33z/iPvPYTxBbKMd+NnZ0fH466oq enL8trViE4raC2csx8qSKgbrHKIUie4Oa8wO7eAv5YhVCbHqz7wKK2VDqZwPNrtg YkgAw+ap7b0oRkEGujMCKNwTzQ+J/QPNwXvpDGRt1YYPU+td96bzNqdWerQ2Z20O ilie4q31gR89qzvEiLfsw1/g4ccM4wUH3yJ3aOASqEvwdEUV3xz3PZaLcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNYNaVReFMLFg3VyKq4uGu4kK+u3MB8GA1UdIwQY MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5 LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuLI4R1F C4++cFug0mGo1Ef+URVdPKh2OPKoX3PFG+oAT9pTxEc1wEqwj5ygbXmdPf9UoLwl h+bbVjzNUJVymWyvvWVWftyAaap1tWL3xHom19B3kVeiO8pLqYfjkHIY8V2rSB1J mXRgNlNDW2EpyqU3izbTqOXO7Uap9Yy0GzAhMAu6AxAEwH5PDOoVk8HkowYBLGlp r7QMy4cfju/OTRcrIe96AsGAUWiKNbkMPwD4en+4fD6bUp29fL3ZnxHQi2kArCID cIoxHYU9Jos7XwMAtSPeuh+oLR4ovYVHMKI6KNXvHvPYzLyPFAXMiy52YixtKhNb BJpE+rgvLjUBtQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:28:01 2025 by rpki-client