This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft File: oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft (raw, json) Hash identifier: ghhGiS7kAC/v99MmDNxiuQN8+/0+myVeSlG9Fq7Fm7g= Subject key identifier: 14:14:18:82:C3:C6:C4:AD:7D:BE:6F:61:6F:BC:FC:28:ED:25:52:35 Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77 Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77 Certificate serial: 019B21749FF1CC48BF63494C6401FC28B8C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft Manifest number: 0EA1 Signing time: Mon 15 Dec 2025 10:00:49 +0000 Manifest this update: Mon 15 Dec 2025 10:00:49 +0000 Manifest next update: Tue 16 Dec 2025 10:00:49 +0000 Files and hashes: 1: f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa (hash: CJSEzeKkH+A8u48zVCzb/MrI7FvV/Beze1CPp3UTLZU=) 2: oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl (hash: w34S97AGwMVlC/45bXV9hIenhel2q7CINmwiu0916AE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:74:9f:f1:cc:48:bf:63:49:4c:64:01:fc:28:b8:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77 Validity Not Before: Dec 15 10:00:49 2025 GMT Not After : Dec 16 10:00:49 2025 GMT Subject: CN=14141882c3c6c4ad7dbe6f616fbcfc28ed255235 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:fc:2e:c8:e7:16:1e:d5:e3:b8:55:ca:71:1a: 4e:13:fc:99:07:36:07:4b:7f:84:c0:17:c2:15:ac: ab:95:a1:bb:4e:0a:d2:fa:fe:5b:16:34:2e:8a:18: 5d:79:e8:81:43:14:be:aa:4b:e0:70:db:b7:d5:89: 80:65:6c:c2:57:5f:ac:5d:c5:65:4c:4b:b7:20:4d: 84:81:d1:ac:6a:db:77:4c:a1:81:4f:5a:56:d2:ee: 7a:75:39:78:47:96:45:5d:59:cf:5c:b0:9b:18:15: a2:9b:a3:21:5b:8a:de:b1:72:1d:88:9d:48:e8:d3: 9a:55:df:d5:bf:04:88:1d:a2:23:f8:d9:a8:70:e5: e1:39:2a:8f:b1:0b:9d:93:74:79:51:ae:85:07:47: 29:63:91:2d:9a:c5:de:0b:f1:b2:5e:07:07:8e:15: 06:15:4c:c7:c7:7e:d8:ae:71:54:be:82:58:cf:8a: 01:4c:7b:cc:a7:1e:d1:93:cf:96:c8:cf:39:f3:65: da:2a:ce:ef:8f:7b:46:b1:d8:20:7b:96:2f:33:5e: c2:8a:cd:67:91:db:8a:3e:f3:51:28:6f:09:b2:af: 5f:41:26:86:86:e9:ce:52:8a:38:c8:39:fd:3e:31: cc:ea:a8:cb:e0:fd:a1:06:73:a5:41:27:0f:7b:a7: ff:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:14:18:82:C3:C6:C4:AD:7D:BE:6F:61:6F:BC:FC:28:ED:25:52:35 X509v3 Authority Key Identifier: keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:7b:ee:8a:ff:d1:38:84:1d:48:3a:66:cf:a8:29:1a:29:f6: 38:c4:85:5a:f0:a4:3b:d7:62:f6:ad:cf:6b:1b:1a:ba:11:7f: af:a3:9b:d4:58:59:e6:c8:95:b0:8c:d3:96:52:51:54:9a:4c: b4:79:29:60:20:8b:99:e2:ef:0e:0b:37:ab:39:8d:97:15:38: 00:51:b3:04:dd:cd:23:0a:b5:29:b5:03:74:1f:fd:2b:b2:d2: ab:6f:85:4f:51:67:2e:88:0b:a7:8e:cd:3e:d5:12:2c:d7:a4: 1c:77:5e:21:ee:b5:0f:6b:88:a6:57:b2:ae:c3:98:a1:03:ab: 7f:ce:11:70:4c:d7:18:92:b1:6c:d7:33:58:b3:af:dd:be:a9: a0:da:20:6c:e2:4b:8e:ec:7f:fd:fa:95:5d:1b:5d:b7:55:40: ba:36:ec:89:e3:11:57:31:36:31:16:db:c1:c3:e4:42:2a:d0: cb:dc:b6:ee:03:a7:ae:03:62:55:b9:e5:c5:bf:d8:24:2b:9b: 92:08:99:44:90:8f:b6:95:eb:db:58:7f:1e:4b:04:a7:64:4a: e2:8f:6f:45:94:82:20:f8:7f:de:f4:66:05:c9:67:7e:0a:39: ca:b9:e9:1b:fc:6d:69:16:9e:c6:00:5d:33:20:57:9e:6a:61: 4c:38:f7:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdJ/xzEi/Y0lMZAH8KLjHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz MGZkNzcwHhcNMjUxMjE1MTAwMDQ5WhcNMjUxMjE2MTAwMDQ5WjAzMTEwLwYDVQQD EygxNDE0MTg4MmMzYzZjNGFkN2RiZTZmNjE2ZmJjZmMyOGVkMjU1MjM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfwuyOcWHtXjuFXKcRpOE/yZBzYH S3+EwBfCFayrlaG7TgrS+v5bFjQuihhdeeiBQxS+qkvgcNu31YmAZWzCV1+sXcVl TEu3IE2EgdGsatt3TKGBT1pW0u56dTl4R5ZFXVnPXLCbGBWim6MhW4resXIdiJ1I 6NOaVd/VvwSIHaIj+NmocOXhOSqPsQudk3R5Ua6FB0cpY5EtmsXeC/GyXgcHjhUG FUzHx37YrnFUvoJYz4oBTHvMpx7Rk8+WyM8582XaKs7vj3tGsdgge5YvM17Cis1n kduKPvNRKG8Jsq9fQSaGhunOUoo4yDn9PjHM6qjL4P2hBnOlQScPe6f/7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBQUGILDxsStfb5vYW+8/CjtJVI1MB8GA1UdIwQY MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt ZjVmODE0NTY1MWQzLzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZXvuiv/R OIQdSDpmz6gpGin2OMSFWvCkO9di9q3PaxsauhF/r6Ob1FhZ5siVsIzTllJRVJpM tHkpYCCLmeLvDgs3qzmNlxU4AFGzBN3NIwq1KbUDdB/9K7LSq2+FT1FnLogLp47N PtUSLNekHHdeIe61D2uIpleyrsOYoQOrf84RcEzXGJKxbNczWLOv3b6poNogbOJL jux//fqVXRtdt1VAujbsieMRVzE2MRbbwcPkQirQy9y27gOnrgNiVbnlxb/YJCub kgiZRJCPtpXr21h/HksEp2RK4o9vRZSCIPh/3vRmBclnfgo5yrnpG/xtaRaexgBd MyBXnmphTDj3pQ== -----END CERTIFICATE-----Generated at Mon Dec 15 13:21:52 2025 by rpki-client