This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft File: oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft (raw, json) Hash identifier: TF63OeGKKv4Laj/ru47bbpfrm7zpOI57plkyfIJYSHc= Subject key identifier: 9F:84:65:A3:CB:3A:FD:6E:4F:B2:88:A4:66:E9:39:1A:E3:92:B9:C9 Authority key identifier: A0:A2:2F:CB:54:A0:91:D6:91:3F:FE:9F:AF:B9:83:C5:7A:4A:C2:2C Certificate issuer: /CN=a0a22fcb54a091d6913ffe9fafb983c57a4ac22c Certificate serial: 019B0E92CA9FC7010390773416FF264A7B69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKIvy1SgkdaRP_6fr7mDxXpKwiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft Manifest number: 08C5 Signing time: Thu 11 Dec 2025 18:00:59 +0000 Manifest this update: Thu 11 Dec 2025 18:00:59 +0000 Manifest next update: Fri 12 Dec 2025 18:00:59 +0000 Files and hashes: 1: oKIvy1SgkdaRP_6fr7mDxXpKwiw.crl (hash: yVQeMxamxGIHP8OTkfZzFXz6luU5YWNWlHBIy13RkYs=) 2: vVp_ERdrnRIqLCUsItb5VjVaAYU.roa (hash: qquI+vjzguENR1gQyNKb61rrA2a/ZfrzpGtiqom6A+8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.crl rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft rsync://rpki.ripe.net/repository/DEFAULT/oKIvy1SgkdaRP_6fr7mDxXpKwiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:92:ca:9f:c7:01:03:90:77:34:16:ff:26:4a:7b:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a22fcb54a091d6913ffe9fafb983c57a4ac22c Validity Not Before: Dec 11 18:00:59 2025 GMT Not After : Dec 12 18:00:59 2025 GMT Subject: CN=9f8465a3cb3afd6e4fb288a466e9391ae392b9c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:bc:c1:45:97:c2:85:94:f6:80:0d:a2:b5:ee: 7c:12:e9:40:57:b5:4e:54:5d:43:99:7c:c3:a9:aa: e2:a7:38:a5:7c:d8:1b:50:b8:64:b6:ef:7c:4c:3e: 12:40:d9:8e:51:bb:fe:1d:e0:5a:58:99:73:7d:b3: 44:00:72:a0:f4:12:d5:41:c9:d2:1f:68:05:59:cb: b8:fb:4d:3e:7c:18:3c:3f:e1:50:41:4f:68:a4:ed: ab:1b:30:ce:4d:cd:15:a7:e9:be:3b:d8:de:a2:10: ae:cf:b0:40:e9:dc:39:f1:3b:7c:49:d6:f5:b7:c8: f0:31:83:7e:22:1b:14:1f:d0:65:d2:4d:08:3b:2a: 56:e2:39:37:e8:67:91:47:33:30:db:e0:f2:12:ac: a4:74:e7:86:76:50:41:bf:75:34:fd:9c:c6:57:69: 5d:16:93:d5:3f:b2:8f:56:8a:46:32:12:c2:a4:0b: 08:5a:62:66:b1:fc:ba:18:c2:1f:2b:5f:f5:72:6f: 02:c7:35:ad:46:86:46:12:1d:e0:57:ad:0e:bf:75: 56:44:58:5f:2f:c1:57:dc:65:28:d1:f5:2c:05:22: 1f:b5:de:a8:12:a3:85:b8:6c:95:82:3e:73:3f:30: dd:75:fd:15:81:72:aa:e7:66:c8:b3:1b:05:37:dc: f6:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:84:65:A3:CB:3A:FD:6E:4F:B2:88:A4:66:E9:39:1A:E3:92:B9:C9 X509v3 Authority Key Identifier: keyid:A0:A2:2F:CB:54:A0:91:D6:91:3F:FE:9F:AF:B9:83:C5:7A:4A:C2:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKIvy1SgkdaRP_6fr7mDxXpKwiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:e0:4f:fc:3d:da:c8:80:c3:1b:fa:a7:f0:ef:26:a0:a1:be: fd:57:8a:a1:05:29:d4:41:99:58:47:46:55:43:d6:7d:d3:e6: 31:99:39:d3:59:15:94:c1:85:c6:28:69:3f:e9:a8:c3:89:ac: 75:68:37:7c:90:3c:24:d4:68:4a:94:53:be:28:e8:9f:6d:c7: c7:28:55:a7:0c:44:a1:af:5f:b6:1f:75:42:fa:c7:69:f2:0b: 4b:0b:fc:bb:b8:e1:2b:5a:de:34:65:e5:ea:d0:26:fe:ff:51: a0:72:7b:2d:53:ae:94:55:2c:81:ce:cd:5d:73:15:d8:0e:01: b8:4d:25:ca:02:36:60:e9:b2:0e:87:dd:8d:1f:1e:34:6c:31: bb:7b:6c:8c:2d:10:37:9a:b8:90:7c:b9:d3:68:68:aa:a4:c3: 15:d8:f3:86:89:ab:0a:8e:ff:5a:4d:4a:df:c0:ab:3a:3f:79: de:fd:ed:6c:75:49:3a:d3:f3:fa:2d:61:80:23:ea:57:d8:53: d7:77:c4:b1:0a:de:f8:02:04:d1:80:e1:6a:45:c6:fa:7e:a3: d8:84:e0:41:f7:ff:39:05:eb:65:0c:01:88:ed:5c:5a:2d:2b: 5b:fc:58:65:28:eb:0d:b5:9c:5d:99:96:3e:79:0b:46:45:b3: 22:e3:1a:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOksqfxwEDkHc0Fv8mSntpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTIyZmNiNTRhMDkxZDY5MTNmZmU5ZmFmYjk4M2M1N2E0 YWMyMmMwHhcNMjUxMjExMTgwMDU5WhcNMjUxMjEyMTgwMDU5WjAzMTEwLwYDVQQD Eyg5Zjg0NjVhM2NiM2FmZDZlNGZiMjg4YTQ2NmU5MzkxYWUzOTJiOWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LzBRZfChZT2gA2ite58EulAV7VO VF1DmXzDqaripzilfNgbULhktu98TD4SQNmOUbv+HeBaWJlzfbNEAHKg9BLVQcnS H2gFWcu4+00+fBg8P+FQQU9opO2rGzDOTc0Vp+m+O9jeohCuz7BA6dw58Tt8Sdb1 t8jwMYN+IhsUH9Bl0k0IOypW4jk36GeRRzMw2+DyEqykdOeGdlBBv3U0/ZzGV2ld FpPVP7KPVopGMhLCpAsIWmJmsfy6GMIfK1/1cm8CxzWtRoZGEh3gV60Ov3VWRFhf L8FX3GUo0fUsBSIftd6oEqOFuGyVgj5zPzDddf0VgXKq52bIsxsFN9z2nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ+EZaPLOv1uT7KIpGbpORrjkrnJMB8GA1UdIwQY MBaAFKCiL8tUoJHWkT/+n6+5g8V6SsIsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tJdnkxU2drZGFSUF82ZnI3bUR4WHBLd2l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kZjNiMzAtMWJhOS00YzRiLWFhMGMt ZjkyN2U1ODJlYmY5LzEvb0tJdnkxU2drZGFSUF82ZnI3bUR4WHBLd2l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9kZjNiMzAtMWJhOS00YzRiLWFhMGMtZjkyN2U1ODJlYmY5 LzEvb0tJdnkxU2drZGFSUF82ZnI3bUR4WHBLd2l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAquBP/D3a yIDDG/qn8O8moKG+/VeKoQUp1EGZWEdGVUPWfdPmMZk501kVlMGFxihpP+mow4ms dWg3fJA8JNRoSpRTvijon23HxyhVpwxEoa9fth91QvrHafILSwv8u7jhK1reNGXl 6tAm/v9RoHJ7LVOulFUsgc7NXXMV2A4BuE0lygI2YOmyDofdjR8eNGwxu3tsjC0Q N5q4kHy502hoqqTDFdjzhomrCo7/Wk1K38CrOj953v3tbHVJOtPz+i1hgCPqV9hT 13fEsQre+AIE0YDhakXG+n6j2ITgQff/OQXrZQwBiO1cWi0rW/xYZSjrDbWcXZmW PnkLRkWzIuMaAA== -----END CERTIFICATE-----Generated at Thu Dec 11 23:07:47 2025 by rpki-client