This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft File: oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json) Hash identifier: f4/aFdnGJUkrixU0HCAxMSTPnKdj3wGQFDMCGlhFyTI= Subject key identifier: 1E:A8:7A:CE:65:76:FC:CF:58:A1:48:39:A1:75:C2:E7:4B:F9:6F:6B Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10 Certificate issuer: /CN=a223d15344c02a551e63f831c604f80dbec4ba10 Certificate serial: 019B405C3DD4C334B51816DCC2D6A01D36D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft Manifest number: 0BDF Signing time: Sun 21 Dec 2025 10:02:25 +0000 Manifest this update: Sun 21 Dec 2025 10:02:25 +0000 Manifest next update: Mon 22 Dec 2025 10:02:25 +0000 Files and hashes: 1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: oCO18+7hoOkST5Zfbfqh1JWPA6U09Er2HryGW8Q1wrc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:02:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5c:3d:d4:c3:34:b5:18:16:dc:c2:d6:a0:1d:36:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10 Validity Not Before: Dec 21 10:02:25 2025 GMT Not After : Dec 22 10:02:25 2025 GMT Subject: CN=1ea87ace6576fccf58a14839a175c2e74bf96f6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:bf:bf:66:54:eb:4c:02:f0:69:76:28:87:52: 10:c8:1d:4d:be:30:91:66:cd:af:92:21:6a:7d:d4: 05:87:c9:7a:9d:75:35:c9:29:9b:54:29:6c:da:0e: 17:f7:dd:59:7a:cc:37:0c:17:03:ad:a0:03:a1:ea: a1:73:9c:b8:9b:f2:36:03:56:89:51:fa:52:60:90: bd:b5:d9:ec:5d:78:ab:96:a4:b8:17:a8:ec:7b:39: 76:17:9c:5b:00:88:b2:4b:11:d7:94:bd:0a:9c:a4: f7:e0:9f:82:3a:be:55:53:4e:85:ba:ab:57:f4:37: 67:68:04:2e:96:89:0a:85:2d:b6:6f:77:fb:ef:df: 5a:42:25:92:9f:1f:5b:33:ef:25:a4:2e:8a:b0:a0: e9:a4:fb:c8:62:c3:dc:5c:49:27:3e:27:bc:78:69: 93:62:42:5c:fe:b6:34:17:d0:60:aa:96:99:04:05: a1:f2:2b:fb:41:b3:8e:b8:4e:1e:e0:02:a3:97:e2: ca:b1:51:6b:48:20:22:72:c8:3d:e0:e8:20:c3:9e: cf:06:d0:c0:b0:2f:38:a7:53:bf:cd:b3:9b:44:97: 64:b3:1f:ec:eb:7e:7f:e5:12:cd:54:5e:39:e8:d6: b3:f4:4e:c3:66:05:23:3b:fe:a4:13:44:00:2c:c9: 6b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A8:7A:CE:65:76:FC:CF:58:A1:48:39:A1:75:C2:E7:4B:F9:6F:6B X509v3 Authority Key Identifier: keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:05:81:2b:62:a0:c9:cb:a2:f1:9d:aa:80:b0:9b:d8:a1:8b: e7:a3:83:f7:e8:a0:af:a9:b4:31:57:b4:a3:4a:f6:d7:1b:56: 96:35:e3:de:7b:05:7d:17:47:15:f5:83:08:f6:91:4c:93:47: 52:54:29:98:1a:72:ea:b7:a3:76:36:8f:83:f2:df:18:6c:b9: 08:f9:e1:c5:29:3e:b0:e6:0d:18:1a:74:6c:77:72:1c:75:55: bd:69:1d:a1:41:84:ae:9d:12:6e:75:08:a9:30:fb:2d:73:94: 7a:db:5a:94:2d:d1:50:64:32:a8:6a:99:dd:98:30:7d:de:df: fc:ab:fb:d7:70:c1:79:85:89:af:ec:7b:4f:bf:a6:4c:38:9f: 28:21:00:79:61:1a:88:86:42:18:cf:80:2a:0b:87:87:2d:35: 46:9f:44:63:4d:06:04:d0:c7:21:7b:9a:17:96:31:16:70:6f: 82:ac:89:7b:d2:05:e6:a5:b1:86:3b:81:87:79:dc:3c:26:b4: c8:e2:97:ef:f0:f1:ba:e8:ee:30:ff:6a:39:a0:ed:f5:ee:19: cd:91:6c:44:22:ca:31:16:04:f8:bd:cb:07:6b:13:ec:cf:88: 5c:6c:5e:54:57:f6:91:10:99:59:93:e5:df:dd:0f:15:6c:91: 68:f1:9f:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAXD3UwzS1GBbcwtagHTbVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj NGJhMTAwHhcNMjUxMjIxMTAwMjI1WhcNMjUxMjIyMTAwMjI1WjAzMTEwLwYDVQQD EygxZWE4N2FjZTY1NzZmY2NmNThhMTQ4MzlhMTc1YzJlNzRiZjk2ZjZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb+/ZlTrTALwaXYoh1IQyB1NvjCR Zs2vkiFqfdQFh8l6nXU1ySmbVCls2g4X991Zesw3DBcDraADoeqhc5y4m/I2A1aJ UfpSYJC9tdnsXXirlqS4F6jsezl2F5xbAIiySxHXlL0KnKT34J+COr5VU06FuqtX 9DdnaAQulokKhS22b3f7799aQiWSnx9bM+8lpC6KsKDppPvIYsPcXEknPie8eGmT YkJc/rY0F9BgqpaZBAWh8iv7QbOOuE4e4AKjl+LKsVFrSCAicsg94Oggw57PBtDA sC84p1O/zbObRJdksx/s635/5RLNVF456Naz9E7DZgUjO/6kE0QALMlrWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB6oes5ldvzPWKFIOaF1wudL+W9rMB8GA1UdIwQY MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4 LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAowWBK2Kg ycui8Z2qgLCb2KGL56OD9+igr6m0MVe0o0r21xtWljXj3nsFfRdHFfWDCPaRTJNH UlQpmBpy6rejdjaPg/LfGGy5CPnhxSk+sOYNGBp0bHdyHHVVvWkdoUGErp0SbnUI qTD7LXOUettalC3RUGQyqGqZ3Zgwfd7f/Kv713DBeYWJr+x7T7+mTDifKCEAeWEa iIZCGM+AKguHhy01Rp9EY00GBNDHIXuaF5YxFnBvgqyJe9IF5qWxhjuBh3ncPCa0 yOKX7/DxuujuMP9qOaDt9e4ZzZFsRCLKMRYE+L3LB2sT7M+IXGxeVFf2kRCZWZPl 390PFWyRaPGf7A== -----END CERTIFICATE-----Generated at Sun Dec 21 19:27:20 2025 by rpki-client