This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json) Hash identifier: wobDwPqfDAF680/QLcHdKzacEoROXFNokHWgRppZ2IM= Subject key identifier: 52:01:C2:37:94:00:96:9B:39:63:8D:D1:69:4C:11:4B:9D:19:90:02 Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11 Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11 Certificate serial: 019B476F4F7E138CF4BF6851CA9BB6D5D878 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft Manifest number: 0AC5 Signing time: Mon 22 Dec 2025 19:00:35 +0000 Manifest this update: Mon 22 Dec 2025 19:00:35 +0000 Manifest next update: Tue 23 Dec 2025 19:00:35 +0000 Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: aO4SeAFXsQ579QVj+bbjxtraKsCm65Fn3qw6Nh4LkFU=) 2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:6f:4f:7e:13:8c:f4:bf:68:51:ca:9b:b6:d5:d8:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11 Validity Not Before: Dec 22 19:00:35 2025 GMT Not After : Dec 23 19:00:35 2025 GMT Subject: CN=5201c2379400969b39638dd1694c114b9d199002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:35:5d:bc:b5:c8:32:a2:eb:95:89:f4:ec:c4: 36:c3:ae:df:6c:c9:89:43:29:99:e3:24:78:37:1f: a6:bf:71:03:5b:79:94:5c:01:db:3c:93:2c:1a:15: d5:5b:f7:e2:12:cb:f9:9e:54:d8:d4:e6:0d:60:84: 04:b7:25:36:fa:b4:d7:7b:14:f1:a8:4a:d9:31:55: 51:1a:12:03:7f:9f:32:78:0c:4d:42:43:da:1a:21: 85:07:ff:54:ba:b0:21:6c:76:5e:0f:fd:af:61:a3: 95:40:48:d3:5a:a4:5e:f7:29:97:ee:2d:ac:19:72: 4f:bf:fe:5f:53:99:0c:96:19:74:4a:be:b3:1d:7c: 22:43:c4:d7:57:bc:77:50:31:6b:e2:cf:9c:6e:d2: 4c:4f:e5:57:9f:71:85:df:af:f8:3a:3e:67:32:a8: d1:e1:92:ec:af:6f:58:2e:49:5d:30:30:ea:8f:7f: d3:49:dc:38:02:90:54:33:1d:d1:e8:a9:2c:e1:b2: 77:14:f5:ae:0a:d2:17:d8:92:4f:6a:a4:3e:81:f5: 7c:81:e3:e9:9d:7f:5d:58:98:41:0a:b5:0a:f8:26: ae:7a:95:f8:22:21:69:13:b5:3f:9c:a3:38:31:c1: 6f:72:1c:aa:09:a2:b5:3c:25:4a:13:1a:d1:27:42: 8b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:01:C2:37:94:00:96:9B:39:63:8D:D1:69:4C:11:4B:9D:19:90:02 X509v3 Authority Key Identifier: keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:6c:2a:ad:6a:de:bc:60:24:10:04:52:9b:95:97:1c:70:05: 5d:30:15:6b:6d:43:39:5b:ab:dd:88:31:49:8f:db:62:c6:ef: 35:20:56:11:50:1a:05:9e:11:df:e8:40:a8:b7:38:b6:6d:94: 77:a0:c9:8a:7a:fb:e9:f1:1c:56:54:a2:af:88:d1:d7:2a:d6: e9:e0:0c:e1:7c:38:34:d5:7b:72:60:de:e1:60:36:66:60:cc: 75:db:08:20:b9:9a:28:b3:06:70:63:ef:48:ac:39:7c:c6:f4: e3:8e:5b:ed:40:64:87:72:69:6d:f9:83:1e:b7:e8:d8:6a:23: 54:e5:45:cd:c5:fd:92:0a:9d:96:5c:fe:5a:bc:7e:5b:99:d2: e0:6e:a1:94:cd:09:f3:43:ee:66:54:4d:65:2f:b7:3d:3d:f5: 12:1f:59:1a:f0:4a:47:2a:a7:a3:2d:a6:e0:87:b1:c0:0d:84: 45:99:eb:f7:78:8d:8a:13:a2:38:c7:54:42:5a:f0:fb:28:32: 8b:14:44:37:cf:57:e1:60:1e:df:3f:53:90:a7:a3:76:7b:cd: de:cd:31:be:d2:ee:8a:6b:d6:11:30:43:ad:c3:5c:2a:90:09: dd:2a:3d:b9:2a:57:08:f9:60:94:94:c9:de:c8:98:d8:31:f2: f6:69:75:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHb09+E4z0v2hRypu21dh4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi ZWJiMTEwHhcNMjUxMjIyMTkwMDM1WhcNMjUxMjIzMTkwMDM1WjAzMTEwLwYDVQQD Eyg1MjAxYzIzNzk0MDA5NjliMzk2MzhkZDE2OTRjMTE0YjlkMTk5MDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjVdvLXIMqLrlYn07MQ2w67fbMmJ QymZ4yR4Nx+mv3EDW3mUXAHbPJMsGhXVW/fiEsv5nlTY1OYNYIQEtyU2+rTXexTx qErZMVVRGhIDf58yeAxNQkPaGiGFB/9UurAhbHZeD/2vYaOVQEjTWqRe9ymX7i2s GXJPv/5fU5kMlhl0Sr6zHXwiQ8TXV7x3UDFr4s+cbtJMT+VXn3GF36/4Oj5nMqjR 4ZLsr29YLkldMDDqj3/TSdw4ApBUMx3R6Kks4bJ3FPWuCtIX2JJPaqQ+gfV8gePp nX9dWJhBCrUK+CauepX4IiFpE7U/nKM4McFvchyqCaK1PCVKExrRJ0KLHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFIBwjeUAJabOWON0WlMEUudGZACMB8GA1UdIwQY MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT2wqrWre vGAkEARSm5WXHHAFXTAVa21DOVur3YgxSY/bYsbvNSBWEVAaBZ4R3+hAqLc4tm2U d6DJinr76fEcVlSir4jR1yrW6eAM4Xw4NNV7cmDe4WA2ZmDMddsIILmaKLMGcGPv SKw5fMb0445b7UBkh3JpbfmDHrfo2GojVOVFzcX9kgqdllz+Wrx+W5nS4G6hlM0J 80PuZlRNZS+3PT31Eh9ZGvBKRyqnoy2m4IexwA2ERZnr93iNihOiOMdUQlrw+ygy ixREN89X4WAe3z9TkKejdnvN3s0xvtLuimvWETBDrcNcKpAJ3So9uSpXCPlglJTJ 3siY2DHy9ml1Gg== -----END CERTIFICATE-----Generated at Mon Dec 22 20:45:54 2025 by rpki-client