This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft File: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json) Hash identifier: dbkzneDhm9lNX+vhIR/CA8OdEpLb/FPKnopE833YMjw= Subject key identifier: 3E:CD:0B:B3:28:BB:B7:82:13:4D:D4:E9:92:D3:E2:A7:6B:1C:0A:1E Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7 Certificate issuer: /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7 Certificate serial: 019B34C4520E70895717EBA0BDB6C1E9791F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft Manifest number: 1781 Signing time: Fri 19 Dec 2025 04:00:39 +0000 Manifest this update: Fri 19 Dec 2025 04:00:39 +0000 Manifest next update: Sat 20 Dec 2025 04:00:39 +0000 Files and hashes: 1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: ySwfJq2gBPjL5JCa74fM+we63PyaTKODezP7qYB9dCQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:52:0e:70:89:57:17:eb:a0:bd:b6:c1:e9:79:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7 Validity Not Before: Dec 19 04:00:39 2025 GMT Not After : Dec 20 04:00:39 2025 GMT Subject: CN=3ecd0bb328bbb782134dd4e992d3e2a76b1c0a1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:11:77:62:d3:5e:47:b1:0c:c4:e3:3d:1a:51: 70:1c:19:4b:97:6f:11:55:97:51:76:e8:60:7a:d2: 03:26:c2:f6:b6:c7:c4:3a:13:b4:77:f8:cc:b0:36: 53:56:ba:ce:b6:80:d2:d2:8a:03:bc:3b:03:73:63: 81:58:f1:7c:58:2c:47:6f:ed:67:ee:7e:37:08:7c: 94:e6:24:8c:7d:b4:e9:f3:cf:3f:7a:43:5e:b0:8f: da:dc:a1:5e:d6:8c:6a:0d:06:09:19:69:22:53:1a: 2d:ee:12:02:05:d8:45:0c:fb:25:1b:55:68:46:d5: dd:c6:92:f7:50:20:66:6f:f8:1f:95:ad:3d:a2:af: 0b:34:fc:8c:32:08:37:92:64:a1:ae:6e:81:bf:3a: 9a:72:94:09:88:1b:93:77:f3:da:d5:29:de:f0:b2: 1f:d2:68:4d:e2:a6:75:39:d5:cf:e7:fa:43:28:b6: 2f:0a:f0:dd:62:9e:4a:03:29:d1:f3:4d:9f:d5:03: 4b:9b:b6:6b:a6:6c:2a:e0:be:98:ba:5e:1a:3b:c9: 0d:a9:68:dd:cb:7d:6d:ae:a0:1b:af:ed:06:23:cd: b3:8f:02:78:f8:c5:9b:66:96:9f:8e:fd:12:08:e7: 4d:89:2a:a0:06:7c:f8:06:96:b2:75:2d:b9:69:7d: 01:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:CD:0B:B3:28:BB:B7:82:13:4D:D4:E9:92:D3:E2:A7:6B:1C:0A:1E X509v3 Authority Key Identifier: keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:dc:aa:83:ff:54:e4:33:0e:ca:a1:a7:35:80:a8:38:d4:61: 4f:54:72:d2:48:3e:08:77:3e:f2:c9:71:bc:fb:90:4e:cd:ff: 20:e8:5b:a7:6e:43:d1:1d:c0:af:b2:73:42:7a:a3:23:d4:6a: 67:1e:e5:88:c3:49:d4:8e:ea:be:01:02:3c:9c:f0:72:2c:08: b4:67:da:54:1e:12:10:27:01:39:f2:80:ff:34:60:63:28:28: 5f:8a:72:e9:38:60:06:86:09:fd:cb:71:35:c3:c3:82:73:52: 29:5e:7f:6b:bf:a2:e5:82:2f:25:bc:e0:82:21:52:4e:e1:72: 05:e1:a1:02:74:71:98:37:89:64:8b:10:87:1d:97:71:bc:33: 81:61:10:15:f5:07:fa:c0:c4:b3:6d:fc:c7:8d:f8:06:64:04: d6:f6:f7:49:73:0b:c3:3c:4f:45:39:fa:03:97:3b:34:47:bf: 9d:8c:52:29:f9:d9:9b:3c:ad:31:a5:92:dd:29:8b:81:28:d2: 78:f5:09:83:bc:10:51:6a:01:57:04:e7:1d:9e:27:59:5d:f4: da:ff:6f:fd:df:e4:f6:61:26:c4:d1:b5:97:69:bc:d0:73:47: 59:e0:fa:02:ff:c4:7c:7f:24:05:84:4b:25:cf:d2:0b:6a:55: c9:c6:9c:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xFIOcIlXF+ugvbbB6XkfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh ZmVhYTcwHhcNMjUxMjE5MDQwMDM5WhcNMjUxMjIwMDQwMDM5WjAzMTEwLwYDVQQD EygzZWNkMGJiMzI4YmJiNzgyMTM0ZGQ0ZTk5MmQzZTJhNzZiMWMwYTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhF3YtNeR7EMxOM9GlFwHBlLl28R VZdRduhgetIDJsL2tsfEOhO0d/jMsDZTVrrOtoDS0ooDvDsDc2OBWPF8WCxHb+1n 7n43CHyU5iSMfbTp888/ekNesI/a3KFe1oxqDQYJGWkiUxot7hICBdhFDPslG1Vo RtXdxpL3UCBmb/gfla09oq8LNPyMMgg3kmShrm6BvzqacpQJiBuTd/Pa1Sne8LIf 0mhN4qZ1OdXP5/pDKLYvCvDdYp5KAynR802f1QNLm7Zrpmwq4L6Yul4aO8kNqWjd y31trqAbr+0GI82zjwJ4+MWbZpafjv0SCOdNiSqgBnz4BpaydS25aX0BeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD7NC7Mou7eCE03U6ZLT4qdrHAoeMB8GA1UdIwQY MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGdyqg/9U 5DMOyqGnNYCoONRhT1Ry0kg+CHc+8slxvPuQTs3/IOhbp25D0R3Ar7JzQnqjI9Rq Zx7liMNJ1I7qvgECPJzwciwItGfaVB4SECcBOfKA/zRgYygoX4py6ThgBoYJ/ctx NcPDgnNSKV5/a7+i5YIvJbzggiFSTuFyBeGhAnRxmDeJZIsQhx2XcbwzgWEQFfUH +sDEs238x434BmQE1vb3SXMLwzxPRTn6A5c7NEe/nYxSKfnZmzytMaWS3SmLgSjS ePUJg7wQUWoBVwTnHZ4nWV302v9v/d/k9mEmxNG1l2m80HNHWeD6Av/EfH8kBYRL Jc/SC2pVycacGA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:41:05 2025 by rpki-client