This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft File: oeqN4xzspVgDzzrxTUpyea6ERtA.mft (raw, json) Hash identifier: GWqK0EGVDqBvePbOPcDKUGrAlXCfzDBJbwvt5dWBR3A= Subject key identifier: F7:DF:0C:AE:EF:87:E8:51:00:5F:3F:FB:17:DA:BB:B5:C7:70:01:01 Authority key identifier: A1:EA:8D:E3:1C:EC:A5:58:03:CF:3A:F1:4D:4A:72:79:AE:84:46:D0 Certificate issuer: /CN=a1ea8de31ceca55803cf3af14d4a7279ae8446d0 Certificate serial: 019B0FA5F97F539A2A3F683F22AD1C97C27D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oeqN4xzspVgDzzrxTUpyea6ERtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft Manifest number: 143C Signing time: Thu 11 Dec 2025 23:01:34 +0000 Manifest this update: Thu 11 Dec 2025 23:01:34 +0000 Manifest next update: Fri 12 Dec 2025 23:01:34 +0000 Files and hashes: 1: ZsbPyFKfDnHSbXB5Rdfyon4nTbQ.roa (hash: f+ETlYVDvmS9d48p0ZYmqykWIOKGSt0JzwDEXRuMaVs=) 2: oeqN4xzspVgDzzrxTUpyea6ERtA.crl (hash: rslJ25eH0QN9usgX8/3lmzocXCfpOhsmHjQ4C9gfz18=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.crl rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft rsync://rpki.ripe.net/repository/DEFAULT/oeqN4xzspVgDzzrxTUpyea6ERtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:a5:f9:7f:53:9a:2a:3f:68:3f:22:ad:1c:97:c2:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1ea8de31ceca55803cf3af14d4a7279ae8446d0 Validity Not Before: Dec 11 23:01:34 2025 GMT Not After : Dec 12 23:01:34 2025 GMT Subject: CN=f7df0caeef87e851005f3ffb17dabbb5c7700101 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:21:e6:5f:69:6d:a9:91:5f:e6:ee:13:c4:c5: c2:93:c3:5f:e0:27:4e:f9:eb:06:b4:35:15:4a:7d: dc:f5:d8:b0:f2:3c:27:64:7b:19:95:53:11:48:ae: 17:12:6b:15:2a:1f:bd:c0:1d:a3:f0:39:5b:2d:d9: 1f:3d:1f:9f:69:c1:52:fc:63:19:d6:93:96:f4:1c: 86:db:48:a1:ff:1b:05:45:d4:c5:22:99:c7:9f:98: db:9a:18:1c:23:29:1e:a8:ff:9e:4f:05:41:c7:c3: 89:bd:19:7d:a5:7b:7b:fd:c4:77:4a:23:62:4e:16: 2e:8f:24:f8:ae:07:f7:07:35:74:a9:57:ad:92:7a: 46:20:cc:35:54:54:8b:37:b4:0f:6d:b4:bc:12:71: 95:4c:b8:66:eb:78:d1:62:fd:6a:ac:85:bd:51:ba: 28:3b:db:8c:69:48:e6:b7:7d:91:a7:66:1f:22:be: 60:e4:b8:e8:3d:5a:64:9f:0a:3d:19:6b:81:6c:14: 90:72:a7:6f:4a:98:09:af:04:cd:83:cb:de:c0:26: 46:a5:81:12:8a:d1:52:a2:89:0e:89:9c:18:1c:70: 0d:6a:1b:f3:12:50:cf:44:fd:4a:f1:e8:46:7e:1e: 7c:62:5a:ca:46:14:82:2d:59:5a:7a:5d:d9:a9:ed: 02:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:DF:0C:AE:EF:87:E8:51:00:5F:3F:FB:17:DA:BB:B5:C7:70:01:01 X509v3 Authority Key Identifier: keyid:A1:EA:8D:E3:1C:EC:A5:58:03:CF:3A:F1:4D:4A:72:79:AE:84:46:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oeqN4xzspVgDzzrxTUpyea6ERtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:c5:c8:fd:e9:ce:95:f9:d5:14:dd:1b:71:3d:9b:50:61:d7: 71:62:56:17:7a:24:55:f3:2b:b6:4a:da:1b:3e:a8:04:c9:86: 55:0f:f5:8b:dd:b5:6b:69:a5:24:92:47:c8:ee:c2:24:74:b9: b2:88:e7:93:bd:4e:de:f1:e5:f5:2e:9d:88:98:ea:17:1d:05: f8:4c:82:30:b8:06:ea:bb:41:99:d1:9e:9b:49:84:58:7c:cf: d0:95:02:bd:24:cf:03:9c:de:45:b2:57:e2:e3:1e:f0:2a:43: 4f:4f:34:c9:8a:de:d9:48:ce:0f:82:2d:8c:b0:5c:20:70:50: ba:4e:dd:23:48:d4:a5:21:17:21:65:53:6d:08:3c:a6:a9:b2: 30:47:64:9a:b3:5c:51:4d:ea:27:94:fc:79:84:ef:7d:38:5b: 49:cc:3d:82:75:0d:22:55:30:07:7d:23:77:b6:e5:82:f7:b3: 89:16:03:42:cc:7a:ff:ef:fb:9c:1f:f2:ac:ed:52:8e:e8:26: 5f:1b:3a:d6:ca:ec:b2:1f:17:72:df:54:ea:bb:35:74:79:a4: 52:59:b7:d3:57:e9:7f:02:d2:74:2b:6b:50:a0:b6:10:87:63: 71:8c:6a:66:e8:90:7f:0c:31:35:f0:08:61:fb:4d:24:66:d3: 93:f1:b9:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPpfl/U5oqP2g/Iq0cl8J9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZWE4ZGUzMWNlY2E1NTgwM2NmM2FmMTRkNGE3Mjc5YWU4 NDQ2ZDAwHhcNMjUxMjExMjMwMTM0WhcNMjUxMjEyMjMwMTM0WjAzMTEwLwYDVQQD EyhmN2RmMGNhZWVmODdlODUxMDA1ZjNmZmIxN2RhYmJiNWM3NzAwMTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCHmX2ltqZFf5u4TxMXCk8Nf4CdO +esGtDUVSn3c9diw8jwnZHsZlVMRSK4XEmsVKh+9wB2j8DlbLdkfPR+facFS/GMZ 1pOW9ByG20ih/xsFRdTFIpnHn5jbmhgcIykeqP+eTwVBx8OJvRl9pXt7/cR3SiNi ThYujyT4rgf3BzV0qVetknpGIMw1VFSLN7QPbbS8EnGVTLhm63jRYv1qrIW9Uboo O9uMaUjmt32Rp2YfIr5g5LjoPVpknwo9GWuBbBSQcqdvSpgJrwTNg8vewCZGpYES itFSookOiZwYHHANahvzElDPRP1K8ehGfh58YlrKRhSCLVlael3Zqe0CHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPffDK7vh+hRAF8/+xfau7XHcAEBMB8GA1UdIwQY MBaAFKHqjeMc7KVYA8868U1KcnmuhEbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2VxTjR4enNwVmdEenpyeFRVcHllYTZFUnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jYTk5ZDgtODUyNy00NWI4LWFmNmEt NzY1MjYyZjI5ZWFmLzEvb2VxTjR4enNwVmdEenpyeFRVcHllYTZFUnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9jYTk5ZDgtODUyNy00NWI4LWFmNmEtNzY1MjYyZjI5ZWFm LzEvb2VxTjR4enNwVmdEenpyeFRVcHllYTZFUnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcXI/enO lfnVFN0bcT2bUGHXcWJWF3okVfMrtkraGz6oBMmGVQ/1i921a2mlJJJHyO7CJHS5 sojnk71O3vHl9S6diJjqFx0F+EyCMLgG6rtBmdGem0mEWHzP0JUCvSTPA5zeRbJX 4uMe8CpDT080yYre2UjOD4ItjLBcIHBQuk7dI0jUpSEXIWVTbQg8pqmyMEdkmrNc UU3qJ5T8eYTvfThbScw9gnUNIlUwB30jd7blgveziRYDQsx6/+/7nB/yrO1Sjugm Xxs61srssh8Xct9U6rs1dHmkUlm301fpfwLSdCtrUKC2EIdjcYxqZuiQfwwxNfAI YftNJGbTk/G5Wg== -----END CERTIFICATE-----Generated at Fri Dec 12 00:16:11 2025 by rpki-client