This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft File: 1OKJaJepchZ45oRpOZOlqISQM2Q.mft (raw, json) Hash identifier: 3fEC2rB/UZvAjD+2zVMX1SjojRup2uDKk6l5fQk8FD8= Subject key identifier: 42:62:A4:E9:BB:C8:BE:08:DE:45:74:2F:D7:03:A0:6A:EB:66:68:CE Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64 Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364 Certificate serial: 019B175F01721A1EFF1AF0C320B75E570E80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft Manifest number: 1775 Signing time: Sat 13 Dec 2025 11:01:00 +0000 Manifest this update: Sat 13 Dec 2025 11:01:00 +0000 Manifest next update: Sun 14 Dec 2025 11:01:00 +0000 Files and hashes: 1: 1OKJaJepchZ45oRpOZOlqISQM2Q.crl (hash: PcVS1fT3BvaX4PHAEvZ4bz4ac4lzB68kYRUqHNc70MQ=) 2: WAQz-NVz1tPP197fB-7kdlHEMDo.roa (hash: EfunuE83nVqoEWqBwZZf7jU1FPr/i4YaWTLI4hd6d6w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 11:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:17:5f:01:72:1a:1e:ff:1a:f0:c3:20:b7:5e:57:0e:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4e2896897a9721678e684693993a5a884903364 Validity Not Before: Dec 13 11:01:00 2025 GMT Not After : Dec 14 11:01:00 2025 GMT Subject: CN=4262a4e9bbc8be08de45742fd703a06aeb6668ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:02:6f:90:11:ae:bc:f5:8d:72:31:31:33:7b: 80:57:b7:93:6c:1e:51:e1:09:cc:a6:9e:4b:86:1f: 4a:9f:30:2a:a1:b2:4f:e7:e1:37:4b:98:c9:52:06: 8e:77:1a:e4:74:c2:84:79:72:bc:12:10:a7:40:d0: 1c:38:77:0b:89:37:e2:42:0e:64:30:eb:38:e9:f0: 80:82:11:29:18:86:ba:23:8a:a6:18:d4:35:ee:32: 44:17:33:94:44:7a:71:b8:3b:be:e3:c7:8b:17:40: 9f:c8:1d:33:9f:8c:b7:20:1e:ca:71:a5:14:93:5c: 8c:f6:f5:a5:04:13:7b:af:3c:68:17:81:6a:74:bd: f7:8e:8f:44:9a:e4:1b:ad:8b:e9:97:21:0a:3b:1f: c5:f1:7f:3a:0a:d5:79:ea:d0:60:67:66:5a:b1:45: e1:91:21:df:b6:7a:69:ca:bd:96:d6:2c:82:cb:e3: fc:ba:df:39:35:45:5e:51:12:74:41:d6:23:cc:b2: 2c:dc:79:a4:70:4e:cb:3d:da:c4:d9:6e:53:aa:7a: fb:44:fd:b4:f6:d3:86:29:7c:0d:ab:e8:f7:01:92: db:26:31:31:e3:9a:28:1b:f7:95:9e:b3:10:85:a6: a6:3e:9f:87:26:33:77:98:48:16:bb:32:9a:4f:1b: ff:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:62:A4:E9:BB:C8:BE:08:DE:45:74:2F:D7:03:A0:6A:EB:66:68:CE X509v3 Authority Key Identifier: keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:f1:55:da:70:21:b5:57:de:27:6c:7a:46:27:75:c5:f5:c3: 54:e1:3e:bd:4e:1f:89:2d:02:b6:3f:f0:21:3d:0b:61:9b:f2: aa:94:09:69:b8:3a:31:0d:83:5e:43:84:64:56:e1:6e:20:b4: b2:3c:e7:5e:0c:03:d1:9a:02:36:c4:09:ad:6b:ab:fa:61:23: 67:31:67:0f:1b:0d:00:06:46:e0:23:47:29:88:ba:9d:c3:4b: ba:ec:aa:8b:e8:ab:dd:cb:3f:84:f8:04:b7:e7:f0:d8:ff:7c: 80:c7:76:2c:5e:af:61:8b:55:de:0a:59:91:74:05:cb:26:92: 81:46:66:31:47:21:03:24:fe:de:5d:d8:ee:3a:3a:bd:77:11: 19:af:40:0d:2b:2a:ff:e8:ee:b4:7b:ad:e1:fa:8a:63:5a:74: ed:89:fd:09:ad:09:d9:61:4d:86:0e:c0:0b:b7:fe:a8:1f:ff: cb:34:3a:66:89:22:8f:13:cf:d4:56:05:95:b0:de:51:03:48: 3d:4c:ce:f2:38:0a:19:45:b7:24:73:9d:07:f2:bb:b1:14:f3: 8b:88:7b:c6:c6:78:07:ab:91:83:72:eb:45:48:49:73:ee:cc: a8:c8:61:e8:09:55:59:99:0b:66:6a:cf:cb:63:e3:71:e8:b8: fa:18:d4:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsXXwFyGh7/GvDDILdeVw6AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5 MDMzNjQwHhcNMjUxMjEzMTEwMTAwWhcNMjUxMjE0MTEwMTAwWjAzMTEwLwYDVQQD Eyg0MjYyYTRlOWJiYzhiZTA4ZGU0NTc0MmZkNzAzYTA2YWViNjY2OGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQJvkBGuvPWNcjExM3uAV7eTbB5R 4QnMpp5Lhh9KnzAqobJP5+E3S5jJUgaOdxrkdMKEeXK8EhCnQNAcOHcLiTfiQg5k MOs46fCAghEpGIa6I4qmGNQ17jJEFzOURHpxuDu+48eLF0CfyB0zn4y3IB7KcaUU k1yM9vWlBBN7rzxoF4FqdL33jo9EmuQbrYvplyEKOx/F8X86CtV56tBgZ2ZasUXh kSHftnppyr2W1iyCy+P8ut85NUVeURJ0QdYjzLIs3HmkcE7LPdrE2W5Tqnr7RP20 9tOGKXwNq+j3AZLbJjEx45ooG/eVnrMQhaamPp+HJjN3mEgWuzKaTxv/bwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEJipOm7yL4I3kV0L9cDoGrrZmjOMB8GA1UdIwQY MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt ZTQ5N2Q0MGY0ZTJhLzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfFV2nAh tVfeJ2x6Rid1xfXDVOE+vU4fiS0Ctj/wIT0LYZvyqpQJabg6MQ2DXkOEZFbhbiC0 sjznXgwD0ZoCNsQJrWur+mEjZzFnDxsNAAZG4CNHKYi6ncNLuuyqi+ir3cs/hPgE t+fw2P98gMd2LF6vYYtV3gpZkXQFyyaSgUZmMUchAyT+3l3Y7jo6vXcRGa9ADSsq /+jutHut4fqKY1p07Yn9Ca0J2WFNhg7AC7f+qB//yzQ6ZokijxPP1FYFlbDeUQNI PUzO8jgKGUW3JHOdB/K7sRTzi4h7xsZ4B6uRg3LrRUhJc+7MqMhh6AlVWZkLZmrP y2Pjcei4+hjUDQ== -----END CERTIFICATE-----Generated at Sat Dec 13 21:17:17 2025 by rpki-client