This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft File: oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json) Hash identifier: kUavLBk+90dQEltNchEgayOZFpoMy7A40SKA3W9wVJY= Subject key identifier: A6:8E:84:18:F7:7A:60:32:54:AC:0B:5E:EF:F9:EF:4B:A3:1F:5C:43 Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD Certificate issuer: /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd Certificate serial: 019B397DC2A4C3C163A8D999C0E9304027B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft Manifest number: 0408 Signing time: Sat 20 Dec 2025 02:01:41 +0000 Manifest this update: Sat 20 Dec 2025 02:01:41 +0000 Manifest next update: Sun 21 Dec 2025 02:01:41 +0000 Files and hashes: 1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: Sn/F54i7Z7oCFVRAd06xScb5Hu1v5s40Mz7IQjDMEr8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:c2:a4:c3:c1:63:a8:d9:99:c0:e9:30:40:27:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd Validity Not Before: Dec 20 02:01:41 2025 GMT Not After : Dec 21 02:01:41 2025 GMT Subject: CN=a68e8418f77a603254ac0b5eeff9ef4ba31f5c43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:a6:cb:d6:9d:65:03:25:12:eb:fa:ec:b4:30: ae:dd:7d:b3:d9:f4:ab:eb:1a:37:b3:cc:90:c1:1d: a2:f6:1f:a9:70:8f:2f:b3:1c:b7:7b:96:c3:8f:d7: 05:d7:97:7c:5e:99:4d:54:41:f8:71:8e:22:4e:0d: 64:75:04:62:72:6f:12:d8:a1:d1:c9:3a:ad:28:f5: 70:e2:c4:ab:87:b0:ae:43:7e:6f:d8:e3:ed:e4:f5: ee:49:a5:f5:a0:a4:a3:c4:c5:df:0e:76:18:e2:5d: 74:aa:b1:46:32:36:58:3f:a0:c9:b1:01:fa:af:ff: 4f:de:59:b9:5d:00:ae:42:06:26:02:c7:c8:cf:57: 5a:01:0e:89:61:f8:12:95:45:f3:6f:3f:81:72:ca: 0b:67:ca:d5:d4:97:93:b7:67:d2:9c:38:f1:86:29: 93:dc:d1:e4:81:09:2c:45:0e:2a:d0:b5:81:bd:89: d7:66:e1:77:db:c3:68:48:af:49:55:45:e1:4a:ef: 5c:56:fc:cc:ce:40:b6:c8:05:55:63:eb:ed:33:72: b7:9a:67:b4:b0:33:fe:e5:15:6b:5a:c6:a8:a1:eb: 0f:58:e4:c2:b5:cd:d3:4e:34:db:00:14:50:98:21: 51:13:4c:bf:a1:76:c3:61:1b:ef:fd:f5:31:e9:e1: ad:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:8E:84:18:F7:7A:60:32:54:AC:0B:5E:EF:F9:EF:4B:A3:1F:5C:43 X509v3 Authority Key Identifier: keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:f2:70:c8:86:01:f5:18:e8:6c:a8:b6:7a:a7:e9:2f:6b:08: 18:1a:a8:96:ee:32:85:05:6b:91:fb:93:07:ce:dc:35:ee:65: 75:9c:cb:03:bb:4f:c4:6c:55:1a:ed:38:dd:f2:3a:34:89:33: 79:be:c6:7e:2b:ad:36:78:1b:28:3d:8e:d6:f4:b3:ca:8a:16: ae:8f:a1:a2:1d:1f:ab:3f:f9:66:5e:9a:77:7f:aa:e1:50:26: a4:81:51:46:7d:b0:04:d2:b1:24:6b:9e:6d:7c:b5:21:bb:83: e3:d2:a7:e5:9d:40:08:02:e0:62:ae:b8:5c:43:97:3b:44:b1: fc:41:46:a0:e1:e4:00:f2:2e:ae:2c:74:60:c4:42:53:00:5f: 72:31:2f:30:91:a7:e5:f9:1a:9b:df:ee:10:45:37:3f:8c:a0: 61:8e:85:16:3b:36:84:a5:a7:05:c9:da:51:28:e4:4d:4e:6d: 80:71:c8:82:eb:00:1c:d5:5c:35:26:60:e9:10:64:8d:3d:13: 2c:da:09:a3:e8:48:13:5b:36:63:1a:ea:12:99:8f:e5:29:ba: 33:dd:8b:6e:eb:df:7e:84:5c:8e:af:ba:6a:37:f3:ad:c5:a1: ac:23:dd:cb:a2:f0:0a:f3:be:e4:f9:05:63:11:06:d8:e8:de: 2a:89:76:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fcKkw8FjqNmZwOkwQCe4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl Y2VlY2QwHhcNMjUxMjIwMDIwMTQxWhcNMjUxMjIxMDIwMTQxWjAzMTEwLwYDVQQD EyhhNjhlODQxOGY3N2E2MDMyNTRhYzBiNWVlZmY5ZWY0YmEzMWY1YzQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6bL1p1lAyUS6/rstDCu3X2z2fSr 6xo3s8yQwR2i9h+pcI8vsxy3e5bDj9cF15d8XplNVEH4cY4iTg1kdQRicm8S2KHR yTqtKPVw4sSrh7CuQ35v2OPt5PXuSaX1oKSjxMXfDnYY4l10qrFGMjZYP6DJsQH6 r/9P3lm5XQCuQgYmAsfIz1daAQ6JYfgSlUXzbz+BcsoLZ8rV1JeTt2fSnDjxhimT 3NHkgQksRQ4q0LWBvYnXZuF328NoSK9JVUXhSu9cVvzMzkC2yAVVY+vtM3K3mme0 sDP+5RVrWsaooesPWOTCtc3TTjTbABRQmCFRE0y/oXbDYRvv/fUx6eGtjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKaOhBj3emAyVKwLXu/570ujH1xDMB8GA1UdIwQY MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfJwyIYB 9RjobKi2eqfpL2sIGBqolu4yhQVrkfuTB87cNe5ldZzLA7tPxGxVGu043fI6NIkz eb7GfiutNngbKD2O1vSzyooWro+hoh0fqz/5Zl6ad3+q4VAmpIFRRn2wBNKxJGue bXy1IbuD49Kn5Z1ACALgYq64XEOXO0Sx/EFGoOHkAPIurix0YMRCUwBfcjEvMJGn 5fkam9/uEEU3P4ygYY6FFjs2hKWnBcnaUSjkTU5tgHHIgusAHNVcNSZg6RBkjT0T LNoJo+hIE1s2YxrqEpmP5Sm6M92LbuvffoRcjq+6ajfzrcWhrCPdy6LwCvO+5PkF YxEG2OjeKol2Tw== -----END CERTIFICATE-----Generated at Sat Dec 20 05:32:32 2025 by rpki-client