This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json) Hash identifier: zFcKN2ygIww0aPKV7tksZ3jydIj4J+BGFip6LMW85QY= Subject key identifier: 28:83:6D:D5:3C:7F:53:EA:4B:E9:A0:7B:D8:11:89:BC:77:64:8E:2E Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a Certificate serial: 019B5A5162BB9222BDC044A6D937B32F3293 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft Manifest number: 1743 Signing time: Fri 26 Dec 2025 11:00:41 +0000 Manifest this update: Fri 26 Dec 2025 11:00:41 +0000 Manifest next update: Sat 27 Dec 2025 11:00:41 +0000 Files and hashes: 1: KBxZJWrk1-bZEdk3S7yVEPMKVtM.roa (hash: BpbYbbHeyy+1nQHRcRldIZ4LwMax+kHyBfVOH0ykZeU=) 2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: II1so6XFiLOtpd4qvyvDtgeFz5/ndyUOsI5HoTRsLrM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:62:bb:92:22:bd:c0:44:a6:d9:37:b3:2f:32:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a Validity Not Before: Dec 26 11:00:41 2025 GMT Not After : Dec 27 11:00:41 2025 GMT Subject: CN=28836dd53c7f53ea4be9a07bd81189bc77648e2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:c9:c8:21:21:65:d0:d9:a5:71:6c:f5:95:0d: ca:9a:42:6d:be:e1:b4:ee:d7:45:29:04:8b:89:2b: ed:64:92:a7:59:fe:a0:67:cd:63:6d:02:20:98:f2: f3:b3:6c:83:bf:7b:46:6b:d0:da:4a:a4:30:48:37: a2:5e:cf:e8:e1:1e:1f:99:e0:f6:8d:ae:a9:e7:9d: b7:07:68:87:66:ec:3e:24:82:be:fa:ab:83:ec:48: 3d:37:d3:5a:72:b0:34:90:93:be:91:ca:83:8c:1d: 59:d4:58:35:87:a9:f2:d3:48:8c:25:9d:8c:dc:e2: c4:ac:c7:0b:d0:cd:28:e6:89:09:74:ec:c7:d0:fe: ca:42:a9:67:89:ce:09:b0:bd:18:b1:36:dd:51:5a: 05:85:de:a6:10:eb:78:39:ef:0b:da:9d:eb:aa:3a: 8c:ab:2d:ac:ef:78:63:91:03:b1:9c:b3:45:0d:60: 38:f7:6a:d1:71:18:c1:63:2a:77:43:b2:aa:78:98: fc:60:7f:44:cd:7b:f8:b1:70:59:a9:57:fe:da:17: b5:87:94:9e:23:85:42:52:2a:15:bd:89:09:5c:8c: 35:81:78:15:cb:bb:94:6a:75:fc:c7:3a:34:d0:6c: c2:44:e8:52:d6:3f:bf:46:05:51:d5:41:0f:37:37: 0e:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:83:6D:D5:3C:7F:53:EA:4B:E9:A0:7B:D8:11:89:BC:77:64:8E:2E X509v3 Authority Key Identifier: keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:e7:a5:ad:96:76:42:f2:66:1e:ab:23:66:2e:aa:dc:12:f6: aa:ca:64:b7:03:6d:53:30:2c:68:ed:80:6a:3a:24:98:dc:0b: f2:24:e5:fb:cb:c4:0c:8f:99:51:7c:5a:7c:bf:23:23:e7:4f: 8b:f4:c3:6f:77:15:52:29:62:0e:30:c5:9d:8d:a3:82:22:d1: f8:f7:14:aa:79:25:9a:1b:23:30:a0:19:b8:5c:4a:c4:3d:38: da:fe:68:a5:77:3f:8e:59:02:92:dd:25:24:2e:ee:67:73:97: 7e:02:4d:e5:78:41:0c:d0:a2:26:fc:48:07:43:f1:40:90:17: 10:d2:45:e8:1d:ef:63:79:2a:68:2d:da:ce:50:5e:08:35:59: de:de:f5:00:ee:07:c3:c1:27:d3:12:ac:6d:e7:70:7a:bb:1f: ef:14:5d:d3:a4:c7:f3:0d:08:06:c6:cc:60:81:1d:35:10:6d: 0f:c7:55:46:06:4c:b5:19:62:2a:6e:89:cd:ab:c0:20:aa:b0: 78:e4:a9:c6:8e:f6:80:7d:8c:04:8f:76:97:eb:14:14:b2:04: 9b:da:c1:f4:dc:24:a8:21:d6:40:9a:48:23:72:d5:7d:32:81: ac:42:8e:6f:6b:db:4f:20:a2:3a:d7:e2:6b:67:00:af:85:a8: 4b:83:38:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUWK7kiK9wESm2TezLzKTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4 YjQ5OGEwHhcNMjUxMjI2MTEwMDQxWhcNMjUxMjI3MTEwMDQxWjAzMTEwLwYDVQQD EygyODgzNmRkNTNjN2Y1M2VhNGJlOWEwN2JkODExODliYzc3NjQ4ZTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcnIISFl0NmlcWz1lQ3KmkJtvuG0 7tdFKQSLiSvtZJKnWf6gZ81jbQIgmPLzs2yDv3tGa9DaSqQwSDeiXs/o4R4fmeD2 ja6p5523B2iHZuw+JIK++quD7Eg9N9NacrA0kJO+kcqDjB1Z1Fg1h6ny00iMJZ2M 3OLErMcL0M0o5okJdOzH0P7KQqlnic4JsL0YsTbdUVoFhd6mEOt4Oe8L2p3rqjqM qy2s73hjkQOxnLNFDWA492rRcRjBYyp3Q7KqeJj8YH9EzXv4sXBZqVf+2he1h5Se I4VCUioVvYkJXIw1gXgVy7uUanX8xzo00GzCROhS1j+/RgVR1UEPNzcOKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCiDbdU8f1PqS+mge9gRibx3ZI4uMB8GA1UdIwQY MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK+elrZZ2 QvJmHqsjZi6q3BL2qspktwNtUzAsaO2AajokmNwL8iTl+8vEDI+ZUXxafL8jI+dP i/TDb3cVUiliDjDFnY2jgiLR+PcUqnklmhsjMKAZuFxKxD042v5opXc/jlkCkt0l JC7uZ3OXfgJN5XhBDNCiJvxIB0PxQJAXENJF6B3vY3kqaC3azlBeCDVZ3t71AO4H w8En0xKsbedwersf7xRd06TH8w0IBsbMYIEdNRBtD8dVRgZMtRliKm6JzavAIKqw eOSpxo72gH2MBI92l+sUFLIEm9rB9NwkqCHWQJpII3LVfTKBrEKOb2vbTyCiOtfi a2cAr4WoS4M4lw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:51 2025 by rpki-client