This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft File: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json) Hash identifier: ohZi/YmJIkWEvqoIN/2uUYZxnGzw4ASpe5jXjZhtMCM= Subject key identifier: CB:04:42:0A:FB:3B:8D:1B:0B:38:51:50:A2:09:52:91:F8:25:43:82 Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB Certificate issuer: /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb Certificate serial: 019B341FC40857C98972CD1F9659E0836600 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft Manifest number: 06A3 Signing time: Fri 19 Dec 2025 01:00:55 +0000 Manifest this update: Fri 19 Dec 2025 01:00:55 +0000 Manifest next update: Sat 20 Dec 2025 01:00:55 +0000 Files and hashes: 1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: xMMGvBkQNaTqkljccgowsLPcTw4SqxGfvVkr3ut0+W8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:1f:c4:08:57:c9:89:72:cd:1f:96:59:e0:83:66:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb Validity Not Before: Dec 19 01:00:55 2025 GMT Not After : Dec 20 01:00:55 2025 GMT Subject: CN=cb04420afb3b8d1b0b385150a2095291f8254382 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9d:0f:21:d1:8d:83:28:f2:2a:42:60:18:a4: 64:ea:27:de:81:00:e9:92:88:2a:04:b4:00:71:92: c6:f6:5d:46:5a:1b:77:ef:e8:6b:b7:59:c5:23:97: 81:be:14:df:c9:5e:13:00:50:88:17:a1:fd:85:34: 16:d8:0e:e3:a4:c8:ca:41:0d:b8:58:a2:0f:fb:eb: 0b:41:6b:da:54:d7:7c:ae:bc:a9:7b:9e:13:89:3c: 5d:02:d8:20:a2:76:e3:04:17:a7:26:86:9a:3a:d8: 32:b4:4d:f8:5e:bc:7b:89:62:4b:54:5e:86:3d:16: ed:d7:c2:82:43:e2:74:6a:8a:f6:f6:60:ce:bd:10: 64:fc:5a:5d:55:7a:d9:d6:93:01:e0:11:0d:54:f0: a7:57:a9:fb:54:8f:4a:05:14:dd:b3:4f:c3:d6:4c: f2:37:3d:b3:92:71:d7:d0:38:88:88:7a:52:f8:99: 88:7a:48:f4:90:e1:e5:bd:a7:9f:9e:bd:61:8f:38: c4:05:34:e1:9b:a5:5d:51:39:c5:df:b9:b7:3d:a4: 0f:6c:d2:56:a5:10:1e:13:7a:f8:3b:5d:0e:f1:d3: 00:11:ee:46:32:14:e5:cf:58:fc:5e:29:ad:0f:87: c2:e6:63:8d:87:e9:88:82:28:e4:ed:e0:b9:a5:f0: ee:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:04:42:0A:FB:3B:8D:1B:0B:38:51:50:A2:09:52:91:F8:25:43:82 X509v3 Authority Key Identifier: keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:bf:ab:ff:13:af:6c:be:31:0c:04:13:32:2b:13:3b:fb:6d: 0b:9b:0a:dd:44:74:9a:1b:39:d4:3c:ca:71:57:03:ed:8f:12: b7:4f:e0:6a:d1:9a:48:32:7f:b0:af:fe:55:04:93:76:cb:32: 83:e0:74:04:50:a8:36:d1:b0:65:04:df:fb:ca:b2:2c:c8:c0: 45:68:98:01:eb:ce:6c:51:f4:fa:fb:1a:64:9b:35:a3:09:20: dd:f7:a2:44:08:13:1a:ec:48:d7:5e:63:b6:ff:b7:5f:6f:07: 12:bf:86:d2:44:f4:35:e2:2a:6c:7c:34:4b:2a:b8:03:d6:8f: 71:f7:37:a1:af:f4:6b:ea:6e:ea:f4:f7:a6:09:d9:8c:44:00: 00:d9:05:dd:48:72:3e:74:2f:bb:cd:c6:8e:0c:06:16:a8:43: 88:8f:a4:99:db:fb:bf:bb:46:0e:41:4a:b1:60:7d:70:f5:08: c1:48:7e:ee:e4:c9:d9:8f:07:cb:0e:4f:ed:bc:d2:26:e0:ac: 98:e7:3b:54:d5:6c:dc:d2:2d:a6:80:89:0a:87:11:bf:0c:d7: 61:62:23:84:d2:fc:eb:fd:27:e5:52:c2:e1:73:80:36:48:c2: c9:c6:67:dc:12:b0:e4:2d:4b:93:a3:b3:49:de:b6:1d:a2:86: 17:5d:d3:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0H8QIV8mJcs0fllngg2YAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz OTQzY2IwHhcNMjUxMjE5MDEwMDU1WhcNMjUxMjIwMDEwMDU1WjAzMTEwLwYDVQQD EyhjYjA0NDIwYWZiM2I4ZDFiMGIzODUxNTBhMjA5NTI5MWY4MjU0MzgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp0PIdGNgyjyKkJgGKRk6ifegQDp kogqBLQAcZLG9l1GWht37+hrt1nFI5eBvhTfyV4TAFCIF6H9hTQW2A7jpMjKQQ24 WKIP++sLQWvaVNd8rrype54TiTxdAtggonbjBBenJoaaOtgytE34Xrx7iWJLVF6G PRbt18KCQ+J0aor29mDOvRBk/FpdVXrZ1pMB4BENVPCnV6n7VI9KBRTds0/D1kzy Nz2zknHX0DiIiHpS+JmIekj0kOHlvaefnr1hjzjEBTThm6VdUTnF37m3PaQPbNJW pRAeE3r4O10O8dMAEe5GMhTlz1j8XimtD4fC5mONh+mIgijk7eC5pfDuvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMsEQgr7O40bCzhRUKIJUpH4JUOCMB8GA1UdIwQY MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAab+r/xOv bL4xDAQTMisTO/ttC5sK3UR0mhs51DzKcVcD7Y8St0/gatGaSDJ/sK/+VQSTdssy g+B0BFCoNtGwZQTf+8qyLMjARWiYAevObFH0+vsaZJs1owkg3feiRAgTGuxI115j tv+3X28HEr+G0kT0NeIqbHw0Syq4A9aPcfc3oa/0a+pu6vT3pgnZjEQAANkF3Uhy PnQvu83GjgwGFqhDiI+kmdv7v7tGDkFKsWB9cPUIwUh+7uTJ2Y8Hyw5P7bzSJuCs mOc7VNVs3NItpoCJCocRvwzXYWIjhNL86/0n5VLC4XOANkjCycZn3BKw5C1Lk6Oz Sd62HaKGF13TAg== -----END CERTIFICATE-----Generated at Fri Dec 19 02:32:13 2025 by rpki-client