This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json) Hash identifier: kFrSqdvslIlHiiY8SVHMZsb0if/xVtTy4QznQ+e7BKk= Subject key identifier: 77:2F:FD:3F:17:1F:0E:48:45:A2:0F:98:CC:A4:EE:C5:4C:24:D7:BC Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b Certificate serial: 019B5BD2F1470C63D16D52128E426BCAA089 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft Manifest number: 0E7E Signing time: Fri 26 Dec 2025 18:01:49 +0000 Manifest this update: Fri 26 Dec 2025 18:01:49 +0000 Manifest next update: Sat 27 Dec 2025 18:01:49 +0000 Files and hashes: 1: 0wAgKVyytNbhNR-_RR1IsIpFFy0.roa (hash: hGr01I8nbqs/LJEbN09Cfzd/lbJVo6JwWOtLmEfD1wA=) 2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: lTlsbB/jgInEqMlfIePIxNWwa38n1+5YcCxurc8HTZM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:d2:f1:47:0c:63:d1:6d:52:12:8e:42:6b:ca:a0:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b Validity Not Before: Dec 26 18:01:49 2025 GMT Not After : Dec 27 18:01:49 2025 GMT Subject: CN=772ffd3f171f0e4845a20f98cca4eec54c24d7bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:35:7b:a7:ad:1a:4d:65:26:d9:2f:fc:ed:84: 23:65:ed:63:f8:0e:4c:28:d7:7a:d1:0d:b6:eb:f0: 64:84:e7:1e:38:a5:cc:37:09:34:8c:50:96:63:32: 10:c3:e1:f7:86:91:5c:71:ff:4e:ad:3e:5f:8c:35: 0c:d7:1e:48:d8:3c:ba:69:5b:4b:aa:3c:bc:f2:11: 26:f4:4e:7f:22:01:13:90:51:2e:8f:aa:39:68:24: 7f:cd:27:8e:c3:ce:ef:fc:6b:70:8f:ec:2c:d8:49: 00:ee:d6:fe:1d:ae:92:1f:66:7a:1a:5d:aa:41:f8: 52:18:b2:0c:8a:80:77:b5:09:70:de:53:b4:83:20: 5c:e3:52:9c:63:35:61:11:d1:23:ba:8f:52:f1:0a: 9d:b6:17:a3:b9:68:b7:54:60:a0:5d:5c:8b:78:05: 5b:6b:39:37:30:aa:d0:c3:52:54:b8:96:49:7f:04: b6:d6:36:75:cb:90:85:8a:79:b1:c7:d1:9f:3a:59: 77:d5:d4:77:fb:f1:60:ac:b3:df:8e:1e:f0:14:c4: 74:d6:e3:d6:b7:b8:62:c2:e8:6c:df:92:68:d8:1e: 3d:48:cc:f3:aa:ba:91:00:00:da:64:c1:f8:26:91: dc:76:8a:48:2e:8e:da:a6:9c:cc:b6:39:23:d1:c4: 53:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:2F:FD:3F:17:1F:0E:48:45:A2:0F:98:CC:A4:EE:C5:4C:24:D7:BC X509v3 Authority Key Identifier: keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:c4:ac:13:38:f3:2e:9e:48:16:a4:28:eb:31:d1:db:9d:1d: ad:34:59:dc:85:ba:54:b4:81:91:56:e9:ea:b6:d4:f5:7c:e4: 31:a7:ff:fa:3b:66:99:26:85:ae:3a:83:83:3e:8e:66:ef:be: 21:a1:9e:8a:64:b0:64:c9:c5:e2:a7:6f:1c:df:9f:ea:e0:17: af:53:7c:28:cb:8d:bb:78:f9:61:32:21:7a:67:05:80:9a:b4: 24:28:f1:50:be:d1:c9:b1:d2:8c:54:30:c3:ff:d1:b0:99:e6: c3:3b:b8:d8:c1:74:08:f7:2c:ad:8c:3d:ec:4b:e3:a5:96:cc: 2b:8e:d4:40:60:e6:00:b5:51:6a:a3:df:30:4d:73:c7:94:73: f3:ff:23:c9:44:c4:80:85:66:34:9a:f0:be:ca:4d:1d:30:44: 7d:df:66:71:17:92:e0:42:8d:2b:6f:e8:8a:4b:7a:c3:df:75: 80:d7:1a:b2:b7:6d:91:02:a1:47:da:35:82:86:c1:aa:40:9b: 41:66:d2:16:a8:05:43:f8:f1:65:3c:4e:4d:1e:6f:8c:b0:bb: ad:39:5c:17:cb:00:b9:b5:b6:2b:69:ac:d0:79:71:b7:b0:2f: da:d2:9d:78:a8:ab:5d:85:8f:38:a2:81:d0:57:be:f7:5d:73: 54:39:3b:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtb0vFHDGPRbVISjkJryqCJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5 NDdjMmIwHhcNMjUxMjI2MTgwMTQ5WhcNMjUxMjI3MTgwMTQ5WjAzMTEwLwYDVQQD Eyg3NzJmZmQzZjE3MWYwZTQ4NDVhMjBmOThjY2E0ZWVjNTRjMjRkN2JjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTV7p60aTWUm2S/87YQjZe1j+A5M KNd60Q226/BkhOceOKXMNwk0jFCWYzIQw+H3hpFccf9OrT5fjDUM1x5I2Dy6aVtL qjy88hEm9E5/IgETkFEuj6o5aCR/zSeOw87v/Gtwj+ws2EkA7tb+Ha6SH2Z6Gl2q QfhSGLIMioB3tQlw3lO0gyBc41KcYzVhEdEjuo9S8QqdthejuWi3VGCgXVyLeAVb azk3MKrQw1JUuJZJfwS21jZ1y5CFinmxx9GfOll31dR3+/FgrLPfjh7wFMR01uPW t7hiwuhs35Jo2B49SMzzqrqRAADaZMH4JpHcdopILo7appzMtjkj0cRTdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHcv/T8XHw5IRaIPmMyk7sVMJNe8MB8GA1UdIwQY MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWsSsEzjz Lp5IFqQo6zHR250drTRZ3IW6VLSBkVbp6rbU9XzkMaf/+jtmmSaFrjqDgz6OZu++ IaGeimSwZMnF4qdvHN+f6uAXr1N8KMuNu3j5YTIhemcFgJq0JCjxUL7RybHSjFQw w//RsJnmwzu42MF0CPcsrYw97EvjpZbMK47UQGDmALVRaqPfME1zx5Rz8/8jyUTE gIVmNJrwvspNHTBEfd9mcReS4EKNK2/oikt6w991gNcasrdtkQKhR9o1gobBqkCb QWbSFqgFQ/jxZTxOTR5vjLC7rTlcF8sAubW2K2ms0Hlxt7Av2tKdeKirXYWPOKKB 0Fe+911zVDk7AQ== -----END CERTIFICATE-----Generated at Fri Dec 26 22:37:56 2025 by rpki-client