This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json) Hash identifier: qcYHqkONus1Iggk7Wxhgx8sjD2F3pA6wp7D1mgolR9U= Subject key identifier: 37:CB:01:6B:74:89:5D:8A:A1:5F:7D:C6:31:A0:29:AE:03:CC:EF:50 Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90 Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590 Certificate serial: 019B1E3CC35B0B57377BD95B25CAEF19B0AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft Manifest number: 177C Signing time: Sun 14 Dec 2025 19:00:57 +0000 Manifest this update: Sun 14 Dec 2025 19:00:57 +0000 Manifest next update: Mon 15 Dec 2025 19:00:57 +0000 Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: 0Gd3I8yoeAVwTRNXzLqTkViYRo3ORgfQ5L46sp7cb4w=) 2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 19:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:3c:c3:5b:0b:57:37:7b:d9:5b:25:ca:ef:19:b0:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590 Validity Not Before: Dec 14 19:00:57 2025 GMT Not After : Dec 15 19:00:57 2025 GMT Subject: CN=37cb016b74895d8aa15f7dc631a029ae03ccef50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e5:ee:7e:c5:ef:9f:95:68:d1:c3:ae:ac:3c: 2f:12:7c:4e:2e:c6:9d:1b:c7:8e:58:24:fc:04:39: 28:28:dd:ce:30:26:e9:0b:0d:5f:a7:21:12:61:31: cc:8b:9d:43:27:c1:a2:c7:af:4a:e4:28:6c:1b:f3: d2:7e:e2:ae:46:25:36:57:3e:3b:fb:34:7f:8f:0f: 4a:cc:8c:3e:66:8b:0a:f8:53:eb:27:3f:34:14:41: 30:b9:b0:65:7e:fa:dd:76:e2:3c:fe:ae:ca:a9:35: 17:49:91:8f:80:c2:b6:4f:75:c7:44:10:6c:12:e9: f4:bd:cc:82:4a:ec:28:61:59:ce:22:da:6a:fe:1e: 14:62:dd:22:a9:3f:dc:29:9d:9a:e8:18:eb:fc:89: e6:bf:b6:1d:f5:f6:65:34:93:4c:4b:5a:19:f8:9c: d1:24:06:d3:21:59:5f:b6:94:44:75:41:51:a6:33: bb:be:c8:d8:36:e7:6f:4b:e6:ca:2e:e6:0c:fb:6c: 5f:26:6e:2c:e4:e1:d9:27:9a:0c:f8:33:bd:0d:92: be:d1:fa:5d:2a:c6:ee:1d:ba:21:9c:bf:71:ff:2f: 8d:86:6f:cf:2f:24:3b:31:4e:4a:fd:88:22:ee:49: b0:12:aa:c9:13:7d:4d:2a:d1:a2:95:17:ec:3c:7e: 78:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:CB:01:6B:74:89:5D:8A:A1:5F:7D:C6:31:A0:29:AE:03:CC:EF:50 X509v3 Authority Key Identifier: keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:f2:bf:2a:b2:ea:29:8d:9b:dc:a1:9f:6a:27:66:46:ef:48: 4f:df:93:32:4b:77:d8:42:44:b6:20:db:e4:ae:6f:98:b7:11: 4a:c2:d1:d8:2d:e1:bf:9d:ee:33:d2:3d:19:e1:15:2b:e4:2d: 02:89:51:60:32:db:1a:5d:77:12:b7:39:e6:90:0a:17:96:ee: d5:69:65:e2:6d:89:f6:48:c4:6d:19:3a:d6:90:65:00:bd:37: 08:d5:25:a7:c8:57:ba:d7:75:0b:06:e2:de:a9:92:6c:92:79: 66:3b:59:e3:25:74:85:cb:fb:c0:bd:72:93:f8:31:f5:98:ad: 12:89:1a:3e:33:06:79:47:7b:05:65:98:74:68:6f:b3:96:51: 7b:f5:f5:bb:2f:a6:07:f4:4d:aa:a0:2d:a3:b8:b4:0d:b2:88: 3f:cd:38:d2:93:b4:56:44:e4:33:dc:a1:7a:2e:ef:95:00:16: 82:33:08:fc:c9:2c:e4:20:6a:77:2a:32:1a:ed:e3:11:2f:6a: 9f:76:1f:eb:6a:e7:60:d4:2b:6c:28:55:5d:6d:c6:c3:2e:b3: bd:0b:bf:88:eb:c8:32:fd:f3:63:78:b5:47:bc:27:59:de:c9: 87:0c:25:4a:0e:ed:04:12:ce:36:05:7e:83:71:1b:d8:82:a0: a8:97:a1:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsePMNbC1c3e9lbJcrvGbCqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5 OTE1OTAwHhcNMjUxMjE0MTkwMDU3WhcNMjUxMjE1MTkwMDU3WjAzMTEwLwYDVQQD EygzN2NiMDE2Yjc0ODk1ZDhhYTE1ZjdkYzYzMWEwMjlhZTAzY2NlZjUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOXufsXvn5Vo0cOurDwvEnxOLsad G8eOWCT8BDkoKN3OMCbpCw1fpyESYTHMi51DJ8Gix69K5ChsG/PSfuKuRiU2Vz47 +zR/jw9KzIw+ZosK+FPrJz80FEEwubBlfvrdduI8/q7KqTUXSZGPgMK2T3XHRBBs Eun0vcyCSuwoYVnOItpq/h4UYt0iqT/cKZ2a6Bjr/Inmv7Yd9fZlNJNMS1oZ+JzR JAbTIVlftpREdUFRpjO7vsjYNudvS+bKLuYM+2xfJm4s5OHZJ5oM+DO9DZK+0fpd KsbuHbohnL9x/y+Nhm/PLyQ7MU5K/Ygi7kmwEqrJE31NKtGilRfsPH545wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDfLAWt0iV2KoV99xjGgKa4DzO9QMB8GA1UdIwQY MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2 LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZvK/KrLq KY2b3KGfaidmRu9IT9+TMkt32EJEtiDb5K5vmLcRSsLR2C3hv53uM9I9GeEVK+Qt AolRYDLbGl13Erc55pAKF5bu1Wll4m2J9kjEbRk61pBlAL03CNUlp8hXutd1Cwbi 3qmSbJJ5ZjtZ4yV0hcv7wL1yk/gx9ZitEokaPjMGeUd7BWWYdGhvs5ZRe/X1uy+m B/RNqqAto7i0DbKIP8040pO0VkTkM9yhei7vlQAWgjMI/Mks5CBqdyoyGu3jES9q n3Yf62rnYNQrbChVXW3Gwy6zvQu/iOvIMv3zY3i1R7wnWd7JhwwlSg7tBBLONgV+ g3Eb2IKgqJehCQ== -----END CERTIFICATE-----Generated at Mon Dec 15 04:54:09 2025 by rpki-client