This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft File: OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft (raw, json) Hash identifier: eFCL8TLF4VM1W+0vk6LlsZBnJ9M/VF/iaf16e1qteRw= Subject key identifier: 29:95:B7:94:DC:7F:4B:D3:58:CD:A6:65:97:90:D3:B3:60:27:9D:23 Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b Certificate serial: 019B2175F1A89724C2F33B96CF8F87958B59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft Manifest number: 177E Signing time: Mon 15 Dec 2025 10:02:16 +0000 Manifest this update: Mon 15 Dec 2025 10:02:16 +0000 Manifest next update: Tue 16 Dec 2025 10:02:16 +0000 Files and hashes: 1: 5r0GrYVoAysKJDuHDPTj-1MVWCQ.roa (hash: XAzmjxdrpIx5mLyehPHseK/+jaakSPTIZ07v9R3ktfQ=) 2: 7gpUO99SfoacmIWvz5o-z3ESpPc.roa (hash: jBBU4x8HtuG0AJgjijT3pv++S+IgCjRtCv3AjftIABQ=) 3: JOJ9b2WkEIXJpzQl9CDXk_CHY94.roa (hash: SAmYAd0xvQRGMk1x62ICIfIVJyfWTunRcVeOhZ1E3l0=) 4: OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl (hash: 61jYFQ32Pz9CqXRl00cLC/YELLwcDH6EpxyidzJMOiA=) 5: _MMbboen6fjGZxdl1sjrAWa0F6o.roa (hash: lasMNF+CDNUkmhfnkFUMcQ2+Q/sn4RwC142SJaDCsYo=) 6: qTT5EzYYejgHx_-gozkgtiyWSxE.roa (hash: WcMM5EKO8L7zVDvgOOXzTCPHLyfkpMtxpa7CTFKHemk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:f1:a8:97:24:c2:f3:3b:96:cf:8f:87:95:8b:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b Validity Not Before: Dec 15 10:02:16 2025 GMT Not After : Dec 16 10:02:16 2025 GMT Subject: CN=2995b794dc7f4bd358cda6659790d3b360279d23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:1f:64:27:53:db:3b:24:e1:5f:50:66:53:3e: 27:44:bb:aa:b2:dc:4a:2c:93:dd:90:69:cc:e9:be: 46:0f:e2:90:ed:83:b5:4c:c9:24:8e:e2:e3:6f:1e: 0c:57:fb:41:61:c1:03:65:ed:50:b0:2b:9f:d5:d5: 20:4f:ae:2b:84:b3:65:9f:30:ba:ff:49:93:c4:28: f5:53:78:a6:95:03:8f:2e:5c:9f:05:04:77:93:5d: 67:52:ad:a6:39:66:10:69:f1:8f:e6:41:b4:36:f4: a7:37:c7:fb:14:62:12:c1:c6:0f:cf:b1:23:5f:9d: a6:14:ed:c1:22:e7:7c:ec:9e:a0:d6:64:10:b0:84: 9c:4c:e9:ad:ea:7f:79:c2:5a:e6:0e:e7:69:e0:a2: 3e:02:77:82:df:2e:cd:8e:01:30:30:af:ff:bd:25: 82:e3:60:5b:07:75:f1:84:e6:19:00:a0:53:74:15: 3a:54:20:69:34:b8:af:bd:8b:f0:a2:8f:fc:14:1d: 67:c3:92:59:55:61:91:15:74:f7:5f:8e:07:99:22: ce:8a:e2:a3:c1:35:6f:41:5f:37:24:51:f8:05:57: 00:81:bc:47:eb:23:bb:98:51:73:20:c0:d2:01:d8: 0f:e8:3f:56:ea:b5:f3:9e:5a:7d:c3:3e:58:a8:bf: c8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:95:B7:94:DC:7F:4B:D3:58:CD:A6:65:97:90:D3:B3:60:27:9D:23 X509v3 Authority Key Identifier: keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:99:53:08:ac:b0:be:66:41:33:d3:19:f2:e4:85:1a:d4:7a: 12:48:7c:c7:14:92:ef:d4:4d:21:38:32:a5:93:47:03:ca:e8: 1c:9e:f6:39:64:27:e4:6b:19:ef:6f:2a:74:93:86:d3:52:4a: d6:d1:9e:2d:7e:ee:13:75:75:bc:14:1f:de:8f:89:63:c1:1d: 12:76:2c:76:89:81:c5:1e:a4:eb:4d:1f:ef:6f:15:e6:0d:a8: 7e:ac:8a:29:45:56:64:22:e1:b8:94:d4:11:1e:66:9b:64:6d: f5:4b:87:0e:1c:19:5b:fb:58:a1:6b:4c:25:a9:da:57:54:d4: bf:34:4f:3e:7e:99:d4:c6:a4:f2:14:75:81:00:1d:0c:74:70: 46:db:be:d2:b9:2f:98:2d:0b:67:5b:71:6f:e2:2f:2a:24:2c: 3b:05:59:a4:8e:e5:1b:dd:6d:f6:b3:49:58:d5:e9:6b:56:43: c5:75:8a:ae:52:1e:ba:f4:64:48:6b:8e:02:33:dc:ad:36:34: 81:32:cc:b5:23:4a:3a:a2:84:3a:5f:4f:7f:43:c2:19:75:3b: 59:43:36:fb:e3:d6:ae:82:42:0e:5b:7d:40:19:58:62:e0:d2: 4e:34:e0:af:dd:89:e3:64:da:d8:7e:e3:26:a3:3c:77:c5:e9: 65:da:25:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdfGolyTC8zuWz4+HlYtZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk ODI0MGIwHhcNMjUxMjE1MTAwMjE2WhcNMjUxMjE2MTAwMjE2WjAzMTEwLwYDVQQD EygyOTk1Yjc5NGRjN2Y0YmQzNThjZGE2NjU5NzkwZDNiMzYwMjc5ZDIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB9kJ1PbOyThX1BmUz4nRLuqstxK LJPdkGnM6b5GD+KQ7YO1TMkkjuLjbx4MV/tBYcEDZe1QsCuf1dUgT64rhLNlnzC6 /0mTxCj1U3imlQOPLlyfBQR3k11nUq2mOWYQafGP5kG0NvSnN8f7FGISwcYPz7Ej X52mFO3BIud87J6g1mQQsIScTOmt6n95wlrmDudp4KI+AneC3y7NjgEwMK//vSWC 42BbB3XxhOYZAKBTdBU6VCBpNLivvYvwoo/8FB1nw5JZVWGRFXT3X44HmSLOiuKj wTVvQV83JFH4BVcAgbxH6yO7mFFzIMDSAdgP6D9W6rXznlp9wz5YqL/I5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCmVt5Tcf0vTWM2mZZeQ07NgJ50jMB8GA1UdIwQY MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt MWQ3MDNiNDk2NjM0LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0 LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZlTCKyw vmZBM9MZ8uSFGtR6Ekh8xxSS79RNITgypZNHA8roHJ72OWQn5GsZ728qdJOG01JK 1tGeLX7uE3V1vBQf3o+JY8EdEnYsdomBxR6k600f728V5g2ofqyKKUVWZCLhuJTU ER5mm2Rt9UuHDhwZW/tYoWtMJanaV1TUvzRPPn6Z1Mak8hR1gQAdDHRwRtu+0rkv mC0LZ1txb+IvKiQsOwVZpI7lG91t9rNJWNXpa1ZDxXWKrlIeuvRkSGuOAjPcrTY0 gTLMtSNKOqKEOl9Pf0PCGXU7WUM2++PWroJCDlt9QBlYYuDSTjTgr92J42Ta2H7j JqM8d8XpZdolSQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:54:45 2025 by rpki-client