This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json) Hash identifier: p9tqZ26cqQB58DKklVEv/TTNlxHZPJIPfK1wQ5G/jXw= Subject key identifier: 58:9C:69:7F:5B:F5:A6:2E:0A:40:70:05:6B:5C:31:91:A4:CB:AC:4B Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Certificate serial: 019B3456C1E493D13E2C2414A83D5FFE379B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft Manifest number: 0A7A Signing time: Fri 19 Dec 2025 02:00:59 +0000 Manifest this update: Fri 19 Dec 2025 02:00:59 +0000 Manifest next update: Sat 20 Dec 2025 02:00:59 +0000 Files and hashes: 1: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: WC3eY3JaMWegJxOVAzkymEwvGHl8BNYVueY8ZD9dCNU=) 2: vPivcilO-E_vThnuw1Jbeo7vl7Q.roa (hash: ue62obgrVIotq1vJM56av/nq50vzkGkDbEL5zd0kvpg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:56:c1:e4:93:d1:3e:2c:24:14:a8:3d:5f:fe:37:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Validity Not Before: Dec 19 02:00:59 2025 GMT Not After : Dec 20 02:00:59 2025 GMT Subject: CN=589c697f5bf5a62e0a4070056b5c3191a4cbac4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3b:07:7f:43:c3:ce:23:07:6c:3c:60:88:fb: a4:60:03:eb:27:32:34:c4:a7:b7:4f:82:21:ef:c6: cc:78:65:91:8d:2b:c7:e1:9b:6d:93:01:df:2f:5e: 01:fe:bb:fa:be:98:96:1c:bf:6b:eb:3c:c5:e8:9d: 54:ed:ff:4a:24:67:4b:75:e8:61:1e:d2:0c:a4:11: 11:08:2e:c1:d9:89:a1:a0:b5:95:98:75:90:ed:af: 90:41:89:57:36:dc:eb:e1:b6:37:4a:64:e9:7a:7b: e6:d4:33:5d:d6:2e:42:b4:71:aa:6a:3a:0f:23:91: 97:1d:29:09:e3:c7:54:9c:ae:73:dd:db:f6:da:c8: 56:82:28:0f:81:8f:ef:c1:f1:e5:cf:e8:04:4f:c6: 86:62:78:e5:68:6a:07:2e:73:c5:c9:28:15:df:dc: b3:1b:3c:8b:5e:3d:f1:f9:73:43:55:25:2f:7f:63: 22:86:dc:ba:ca:b9:f9:55:23:5c:bf:8d:79:08:83: 76:53:8c:b6:57:59:bb:24:dc:b6:0f:ab:59:e7:a6: 71:1b:b6:92:af:ea:cb:5f:db:15:47:41:79:20:d0: 95:f8:ff:1d:86:4a:24:cc:27:8b:54:40:be:03:90: 0b:fb:6c:ed:65:ae:1c:41:ac:a4:d0:e8:8b:b9:7b: c4:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:9C:69:7F:5B:F5:A6:2E:0A:40:70:05:6B:5C:31:91:A4:CB:AC:4B X509v3 Authority Key Identifier: keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:a9:ec:42:b4:31:ee:81:1b:e8:f2:53:e5:63:01:4c:9e:cc: 75:24:6c:27:d6:87:f8:7e:6f:70:81:8a:82:17:63:67:87:19: 8b:3f:23:c1:f9:bb:bb:fc:dc:3e:22:7b:55:48:c1:1b:b9:7e: c6:2f:98:4d:47:e3:10:63:00:06:b0:39:0f:ab:d2:f1:e7:1b: fb:bb:8d:f5:dc:57:ca:07:c5:7f:a7:f9:ad:bf:f5:94:e1:9d: 9a:68:71:8b:5b:5e:84:86:40:a9:2e:01:73:c7:88:8d:96:f2: 32:88:57:bf:6f:22:8e:b5:49:62:22:57:65:4f:21:c3:5f:56: 4a:81:1b:bd:1b:2a:68:77:ff:16:b2:a7:b7:4b:d0:24:f0:9d: e8:32:62:b5:c0:12:f8:da:d4:18:b8:fc:b9:5f:ec:34:71:6d: 9d:cb:45:3d:8a:4b:2b:b9:af:7f:73:c5:a3:53:f3:d1:06:db: d8:e9:da:e9:97:81:68:90:a2:2a:89:74:dc:ea:07:5d:32:87: ee:39:11:57:f1:69:94:57:45:4a:89:93:d7:aa:ca:06:6a:62: 66:eb:7f:37:0a:d6:68:5f:9b:6f:f1:9a:fc:6c:dc:64:de:ba: 27:42:66:c1:74:50:39:bf:89:09:0f:e8:e1:78:48:e5:17:90: b2:45:7d:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0VsHkk9E+LCQUqD1f/jebMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw N2VlZjIwHhcNMjUxMjE5MDIwMDU5WhcNMjUxMjIwMDIwMDU5WjAzMTEwLwYDVQQD Eyg1ODljNjk3ZjViZjVhNjJlMGE0MDcwMDU2YjVjMzE5MWE0Y2JhYzRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzsHf0PDziMHbDxgiPukYAPrJzI0 xKe3T4Ih78bMeGWRjSvH4ZttkwHfL14B/rv6vpiWHL9r6zzF6J1U7f9KJGdLdehh HtIMpBERCC7B2YmhoLWVmHWQ7a+QQYlXNtzr4bY3SmTpenvm1DNd1i5CtHGqajoP I5GXHSkJ48dUnK5z3dv22shWgigPgY/vwfHlz+gET8aGYnjlaGoHLnPFySgV39yz GzyLXj3x+XNDVSUvf2Mihty6yrn5VSNcv415CIN2U4y2V1m7JNy2D6tZ56ZxG7aS r+rLX9sVR0F5INCV+P8dhkokzCeLVEC+A5AL+2ztZa4cQayk0OiLuXvEtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFicaX9b9aYuCkBwBWtcMZGky6xLMB8GA1UdIwQY MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYansQrQx 7oEb6PJT5WMBTJ7MdSRsJ9aH+H5vcIGKghdjZ4cZiz8jwfm7u/zcPiJ7VUjBG7l+ xi+YTUfjEGMABrA5D6vS8ecb+7uN9dxXygfFf6f5rb/1lOGdmmhxi1tehIZAqS4B c8eIjZbyMohXv28ijrVJYiJXZU8hw19WSoEbvRsqaHf/FrKnt0vQJPCd6DJitcAS +NrUGLj8uV/sNHFtnctFPYpLK7mvf3PFo1Pz0Qbb2Ona6ZeBaJCiKol03OoHXTKH 7jkRV/FplFdFSomT16rKBmpiZut/NwrWaF+bb/Ga/GzcZN66J0JmwXRQOb+JCQ/o 4XhI5ReQskV9Ig== -----END CERTIFICATE-----Generated at Fri Dec 19 06:51:29 2025 by rpki-client