This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft File: oeqN4xzspVgDzzrxTUpyea6ERtA.mft (raw, json) Hash identifier: sEozRraRNEpv2iNm4atMsX9fLTGTrdZhjpYbysy3TQI= Subject key identifier: 32:89:0C:31:E2:62:73:17:79:61:7C:E0:9F:71:A5:DB:6B:94:A5:FA Authority key identifier: A1:EA:8D:E3:1C:EC:A5:58:03:CF:3A:F1:4D:4A:72:79:AE:84:46:D0 Certificate issuer: /CN=a1ea8de31ceca55803cf3af14d4a7279ae8446d0 Certificate serial: 019B360E263317B9A693A99171BF71CC7D05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oeqN4xzspVgDzzrxTUpyea6ERtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft Manifest number: 1450 Signing time: Fri 19 Dec 2025 10:00:55 +0000 Manifest this update: Fri 19 Dec 2025 10:00:55 +0000 Manifest next update: Sat 20 Dec 2025 10:00:55 +0000 Files and hashes: 1: TDfG5NF12hxSyXLWLA5stKOOtYA.roa (hash: ZIIOgFqGU3wD4D80AI/qGFTgXGLSL893vgumKTjU8Dc=) 2: oeqN4xzspVgDzzrxTUpyea6ERtA.crl (hash: xVOTttZrhLpb/C8vcWn/OM3wgtYkK+miO6D5TkSHNPE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.crl rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft rsync://rpki.ripe.net/repository/DEFAULT/oeqN4xzspVgDzzrxTUpyea6ERtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:0e:26:33:17:b9:a6:93:a9:91:71:bf:71:cc:7d:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1ea8de31ceca55803cf3af14d4a7279ae8446d0 Validity Not Before: Dec 19 10:00:55 2025 GMT Not After : Dec 20 10:00:55 2025 GMT Subject: CN=32890c31e262731779617ce09f71a5db6b94a5fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a3:c0:c9:94:63:81:f5:5a:8d:7f:c5:f5:f4: f1:a3:fe:69:8b:61:be:12:69:5b:38:af:0b:a8:5a: e7:9e:cd:7e:f9:b9:65:77:01:8a:ad:1d:24:cd:32: 04:4e:c7:5b:54:cc:8d:d2:5e:6b:3b:6e:de:50:c4: 57:67:30:ac:c5:44:e1:9a:97:d4:16:ce:42:15:cb: ae:6d:70:48:1e:18:1f:37:f6:69:99:17:98:71:6d: f7:b3:cc:67:ad:e5:0e:8b:b0:93:ff:a6:cd:a4:a9: ea:86:f8:2d:28:ad:e4:a8:e3:22:73:74:1e:47:69: 71:47:ed:29:51:64:7e:73:b7:a1:f6:c3:92:86:c3: f5:07:f7:bc:57:4d:2c:07:1c:67:43:d4:71:e2:19: 15:99:00:f5:35:ef:19:8e:b6:a3:df:62:10:98:00: 39:39:79:e6:6f:81:b1:17:45:f6:a9:37:a5:09:ef: 21:a8:c6:d0:10:96:93:f8:9e:8b:4f:ac:19:26:bb: ee:a4:f1:aa:ba:19:f9:71:6c:e6:92:8b:3e:84:77: a9:b5:0e:cd:9a:16:e6:3a:ed:61:14:df:9c:22:aa: ff:68:eb:68:f0:de:b5:2c:6b:d4:de:77:88:96:05: 31:a2:e7:5c:05:4b:3a:70:ee:f2:b3:b3:78:db:29: 80:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:89:0C:31:E2:62:73:17:79:61:7C:E0:9F:71:A5:DB:6B:94:A5:FA X509v3 Authority Key Identifier: keyid:A1:EA:8D:E3:1C:EC:A5:58:03:CF:3A:F1:4D:4A:72:79:AE:84:46:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oeqN4xzspVgDzzrxTUpyea6ERtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ca99d8-8527-45b8-af6a-765262f29eaf/1/oeqN4xzspVgDzzrxTUpyea6ERtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:f0:4b:31:6a:e0:21:c4:92:eb:9d:57:4b:8a:5a:ad:d6:42: a4:c3:29:b4:91:08:ff:9b:26:9c:7c:10:7f:bb:29:f9:31:d5: 3b:26:a8:11:b3:13:41:b8:d6:a4:f5:e0:51:aa:b6:61:a7:62: 46:77:4a:a1:28:e0:75:93:a4:92:a1:b9:e9:bd:81:6b:fe:a5: 33:6c:2b:36:ab:2f:14:85:94:a7:0f:df:ba:62:cf:7c:04:0f: 28:0f:2b:91:91:27:fa:68:d1:a2:95:18:89:92:76:54:65:a8: 6b:f1:49:e6:67:47:fb:e0:0d:05:3d:d2:1b:05:c4:ba:46:59: b8:fc:16:d3:c7:7b:b0:a4:ee:02:de:30:ef:3c:a4:24:3a:27: 2b:29:cf:5a:8b:0b:43:5f:f1:7d:76:4f:71:e3:88:df:7c:01: 38:74:bd:a1:08:88:d7:14:e0:fb:3f:8c:3f:9a:56:80:da:08: da:11:5f:d4:c7:92:db:74:48:c8:69:4a:56:4c:75:49:99:4d: cf:4f:e7:bd:76:ba:a5:be:1a:28:df:55:9b:42:c2:7e:67:7b: e6:76:b7:b3:04:36:7f:76:f3:24:4b:6e:0d:47:ce:c8:b7:af: 89:a9:7b:1b:9e:7a:f4:e4:8e:19:c1:fd:86:61:13:be:5b:8c: 7a:e1:f5:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2DiYzF7mmk6mRcb9xzH0FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZWE4ZGUzMWNlY2E1NTgwM2NmM2FmMTRkNGE3Mjc5YWU4 NDQ2ZDAwHhcNMjUxMjE5MTAwMDU1WhcNMjUxMjIwMTAwMDU1WjAzMTEwLwYDVQQD EygzMjg5MGMzMWUyNjI3MzE3Nzk2MTdjZTA5ZjcxYTVkYjZiOTRhNWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqPAyZRjgfVajX/F9fTxo/5pi2G+ EmlbOK8LqFrnns1++blldwGKrR0kzTIETsdbVMyN0l5rO27eUMRXZzCsxUThmpfU Fs5CFcuubXBIHhgfN/ZpmReYcW33s8xnreUOi7CT/6bNpKnqhvgtKK3kqOMic3Qe R2lxR+0pUWR+c7eh9sOShsP1B/e8V00sBxxnQ9Rx4hkVmQD1Ne8Zjraj32IQmAA5 OXnmb4GxF0X2qTelCe8hqMbQEJaT+J6LT6wZJrvupPGquhn5cWzmkos+hHeptQ7N mhbmOu1hFN+cIqr/aOto8N61LGvU3neIlgUxoudcBUs6cO7ys7N42ymAawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDKJDDHiYnMXeWF84J9xpdtrlKX6MB8GA1UdIwQY MBaAFKHqjeMc7KVYA8868U1KcnmuhEbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2VxTjR4enNwVmdEenpyeFRVcHllYTZFUnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jYTk5ZDgtODUyNy00NWI4LWFmNmEt NzY1MjYyZjI5ZWFmLzEvb2VxTjR4enNwVmdEenpyeFRVcHllYTZFUnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9jYTk5ZDgtODUyNy00NWI4LWFmNmEtNzY1MjYyZjI5ZWFm LzEvb2VxTjR4enNwVmdEenpyeFRVcHllYTZFUnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfBLMWrg IcSS651XS4pardZCpMMptJEI/5smnHwQf7sp+THVOyaoEbMTQbjWpPXgUaq2Yadi RndKoSjgdZOkkqG56b2Ba/6lM2wrNqsvFIWUpw/fumLPfAQPKA8rkZEn+mjRopUY iZJ2VGWoa/FJ5mdH++ANBT3SGwXEukZZuPwW08d7sKTuAt4w7zykJDonKynPWosL Q1/xfXZPceOI33wBOHS9oQiI1xTg+z+MP5pWgNoI2hFf1MeS23RIyGlKVkx1SZlN z0/nvXa6pb4aKN9Vm0LCfmd75na3swQ2f3bzJEtuDUfOyLevial7G5569OSOGcH9 hmETvluMeuH1Gg== -----END CERTIFICATE-----Generated at Fri Dec 19 13:16:33 2025 by rpki-client