This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft File: oNki4v4kvSzaeToqrcEzYlAM2bE.mft (raw, json) Hash identifier: e4ldV2y37X0msGk7vJ9l3DzQ+c1NXx08W+LZ/SbzT4Y= Subject key identifier: B7:A9:14:06:0E:CA:05:75:B2:50:D1:8F:E9:C9:EC:C1:CC:9E:EA:19 Authority key identifier: A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1 Certificate issuer: /CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1 Certificate serial: 019B3757DDB388D77A8947E51107A92BC635 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft Manifest number: 0D88 Signing time: Fri 19 Dec 2025 16:01:03 +0000 Manifest this update: Fri 19 Dec 2025 16:01:03 +0000 Manifest next update: Sat 20 Dec 2025 16:01:03 +0000 Files and hashes: 1: QU8GopeOlHwkTprCT-S3aTgX93c.roa (hash: wdEn+nBxYgSylw1Zt9va3XXWns8S/pGLaLLxEZ/5irY=) 2: oNki4v4kvSzaeToqrcEzYlAM2bE.crl (hash: 33JISKqKx3WLq7hTSnOSjIjMqXR9SuZ+SVdHDE5VB70=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:57:dd:b3:88:d7:7a:89:47:e5:11:07:a9:2b:c6:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1 Validity Not Before: Dec 19 16:01:03 2025 GMT Not After : Dec 20 16:01:03 2025 GMT Subject: CN=b7a914060eca0575b250d18fe9c9ecc1cc9eea19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:7e:62:c0:d4:e6:55:7b:b8:d7:1b:70:a9:34: 87:8b:4d:ee:dc:cb:72:74:71:77:c4:2a:6e:df:47: 20:c5:2e:ee:95:94:93:cc:aa:4d:3f:3f:14:95:83: d0:5e:23:aa:b2:91:74:e4:c4:d7:aa:53:74:03:cc: 56:9d:28:a9:25:36:1b:57:33:1e:ce:ad:b4:ee:5a: ac:16:29:1d:1d:95:00:ff:5d:5a:12:6e:a1:79:4b: df:e6:bf:2a:6b:b8:9e:f1:98:99:57:f4:50:ba:ad: 82:96:f6:e8:c5:56:85:83:d2:bb:be:58:90:31:31: 3b:e4:81:c1:ea:34:2b:6d:e5:3b:ad:5b:15:f6:17: 14:33:b1:10:17:2b:20:7c:7f:02:08:51:26:1d:68: c2:3d:94:52:df:8a:3f:24:78:2b:fa:85:5b:ac:aa: 17:1f:1b:70:aa:ee:61:d2:e8:aa:5a:40:8b:04:93: 50:e6:b2:fd:4a:d2:65:3f:0c:4e:fc:fe:e9:f1:44: 87:dd:9b:13:1b:9b:9d:ed:4c:bb:b7:71:7f:cc:ab: 91:6a:19:ff:70:6a:ad:e7:f3:23:6a:d1:68:8e:47: d3:a7:74:40:ee:dc:09:8d:ea:cc:c0:c2:1c:5d:28: bd:1a:ef:b1:50:39:4e:e5:d6:18:58:dd:cf:7a:f1: 1a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:A9:14:06:0E:CA:05:75:B2:50:D1:8F:E9:C9:EC:C1:CC:9E:EA:19 X509v3 Authority Key Identifier: keyid:A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:b7:ce:ff:bd:85:63:be:02:a8:fe:e1:ae:f5:ea:7e:4e:3f: 7f:aa:a0:7b:82:53:5d:70:11:74:f8:82:f2:23:1f:7e:e6:32: aa:0b:d3:b8:f2:55:3f:16:1f:1b:44:bb:9c:82:26:fc:1c:5f: 95:7c:7e:92:22:55:09:f1:cd:13:59:7d:fb:4b:0c:21:00:27: 1a:4e:1e:93:16:70:06:4a:45:77:72:13:8f:f7:52:78:22:cf: e6:3c:62:2d:0b:cc:32:15:c1:fa:83:c5:f0:9f:39:2d:03:b5: c6:90:89:6e:c6:6c:68:4e:7d:6f:b8:b5:49:85:28:12:77:77: 07:8e:e3:e9:fa:3b:8e:26:e9:03:38:8d:3a:ee:ff:e3:f1:e8: d0:c6:57:35:63:77:45:f0:7f:f0:33:1e:c6:56:45:a3:11:fc: 6e:b0:62:ef:e4:80:9d:f4:4e:6c:7e:23:78:50:f0:14:1f:db: 46:5a:57:7b:90:81:eb:4f:f1:39:c6:1c:ed:b0:76:db:f8:02: 29:1f:20:ef:09:ac:71:45:82:01:32:01:2a:ab:9d:98:5c:ed: 2a:c3:31:ff:e7:f8:8b:4e:91:f1:64:b0:eb:09:dc:d2:97:2f: 36:ed:42:82:27:78:f0:9a:e5:d9:5e:2f:1a:2c:31:69:cc:1b: 7c:08:c6:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3V92ziNd6iUflEQepK8Y1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZDkyMmUyZmUyNGJkMmNkYTc5M2EyYWFkYzEzMzYyNTAw Y2Q5YjEwHhcNMjUxMjE5MTYwMTAzWhcNMjUxMjIwMTYwMTAzWjAzMTEwLwYDVQQD EyhiN2E5MTQwNjBlY2EwNTc1YjI1MGQxOGZlOWM5ZWNjMWNjOWVlYTE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH5iwNTmVXu41xtwqTSHi03u3Mty dHF3xCpu30cgxS7ulZSTzKpNPz8UlYPQXiOqspF05MTXqlN0A8xWnSipJTYbVzMe zq207lqsFikdHZUA/11aEm6heUvf5r8qa7ie8ZiZV/RQuq2ClvboxVaFg9K7vliQ MTE75IHB6jQrbeU7rVsV9hcUM7EQFysgfH8CCFEmHWjCPZRS34o/JHgr+oVbrKoX Hxtwqu5h0uiqWkCLBJNQ5rL9StJlPwxO/P7p8USH3ZsTG5ud7Uy7t3F/zKuRahn/ cGqt5/MjatFojkfTp3RA7twJjerMwMIcXSi9Gu+xUDlO5dYYWN3PevEaPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLepFAYOygV1slDRj+nJ7MHMnuoZMB8GA1UdIwQY MBaAFKDZIuL+JL0s2nk6Kq3BM2JQDNmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMt NGE2YWNlMjZiOTcyLzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMtNGE2YWNlMjZiOTcy LzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbfO/72F Y74CqP7hrvXqfk4/f6qge4JTXXARdPiC8iMffuYyqgvTuPJVPxYfG0S7nIIm/Bxf lXx+kiJVCfHNE1l9+0sMIQAnGk4ekxZwBkpFd3ITj/dSeCLP5jxiLQvMMhXB+oPF 8J85LQO1xpCJbsZsaE59b7i1SYUoEnd3B47j6fo7jibpAziNOu7/4/Ho0MZXNWN3 RfB/8DMexlZFoxH8brBi7+SAnfRObH4jeFDwFB/bRlpXe5CB60/xOcYc7bB22/gC KR8g7wmscUWCATIBKqudmFztKsMx/+f4i06R8WSw6wnc0pcvNu1Cgid48Jrl2V4v GiwxacwbfAjGYg== -----END CERTIFICATE-----Generated at Sat Dec 20 02:03:18 2025 by rpki-client