This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
File: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft (raw, json)
Hash identifier: R5WyAxZNlyNhgIfTyJNpBKEjtkQC0RZLSm+SeU4S3Jc=
Subject key identifier: 29:4E:9A:AD:0D:8C:6B:73:54:E7:FA:8D:D3:EA:47:01:7F:04:B8:68
Authority key identifier: A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
Certificate issuer: /CN=a09fda047b3a0b1c820435e699388660da32c63f
Certificate serial: 019B3AC6BF428FDA74D49074EAF537462FBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
Manifest number: 06E2
Signing time: Sat 20 Dec 2025 08:01:02 +0000
Manifest this update: Sat 20 Dec 2025 08:01:02 +0000
Manifest next update: Sun 21 Dec 2025 08:01:02 +0000
Files and hashes: 1: FfIlEvStYRtAHT_4tgisj2sboIA.roa (hash: u8VtTRQomqZri4fvKgtiux4C4c/ZHFagnd78Z59URa8=)
2: oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl (hash: 1hQxH3p7wudkuBBxsm2oOUytaixPbp1uDT0/yJ+ObEI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Dec 2025 08:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:3a:c6:bf:42:8f:da:74:d4:90:74:ea:f5:37:46:2f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09fda047b3a0b1c820435e699388660da32c63f
Validity
Not Before: Dec 20 08:01:02 2025 GMT
Not After : Dec 21 08:01:02 2025 GMT
Subject: CN=294e9aad0d8c6b7354e7fa8dd3ea47017f04b868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:44:cf:24:0e:33:ce:9a:04:83:d4:32:42:d9:
9c:64:81:8f:33:53:dd:47:d8:69:f2:0a:af:a6:d5:
5f:a6:c0:d3:0b:c3:e2:bd:60:f2:1c:85:17:a2:81:
ed:44:9f:aa:62:24:26:e3:f4:98:30:98:78:fa:d6:
fb:9d:74:aa:b6:a9:f9:86:5b:52:3d:9a:93:95:97:
0e:a2:a2:1d:49:ae:c7:ef:1e:c7:f4:de:2d:2d:da:
71:ee:5c:fd:33:85:29:d9:76:4b:7d:94:d5:9c:d9:
44:46:44:05:d0:15:9b:cb:98:9c:4d:70:ca:e9:99:
a3:c5:8c:9c:3d:ad:32:a0:cd:ed:e1:91:33:d4:4e:
93:25:52:cc:ed:4d:f1:94:e4:61:09:7b:1a:10:a5:
1d:6d:58:f0:0f:50:d6:0a:0a:ed:1a:ff:80:ea:e1:
f3:19:29:7a:b8:56:c4:7b:61:ed:53:f3:4b:29:20:
55:34:df:73:74:9a:ea:4a:9e:96:12:e7:08:47:9f:
59:bb:35:69:1c:3d:93:44:8a:d1:a7:5d:b7:6f:11:
cb:2c:8e:1d:4b:6b:52:f2:9a:b4:82:5d:f9:26:ff:
99:27:45:39:ef:59:ec:d8:f2:7b:cc:96:89:79:f6:
1a:88:bd:e1:85:59:72:ab:e1:a0:00:e5:bb:59:8f:
5c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4E:9A:AD:0D:8C:6B:73:54:E7:FA:8D:D3:EA:47:01:7F:04:B8:68
X509v3 Authority Key Identifier:
keyid:A0:9F:DA:04:7B:3A:0B:1C:82:04:35:E6:99:38:86:60:DA:32:C6:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8b4d32-0365-4daa-9d5b-29920e5167d9/1/oJ_aBHs6CxyCBDXmmTiGYNoyxj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:65:3c:39:dc:a4:a9:42:4a:5b:24:ab:e4:43:0e:ea:1a:ac:
31:2f:63:6a:51:55:25:33:fe:19:f8:b1:30:c8:4d:70:ca:40:
f2:34:87:77:4d:b0:45:fd:cb:20:20:a6:ca:64:9b:e6:ee:ed:
cc:19:f5:0a:7b:40:82:64:db:41:a0:a3:49:d9:54:da:e9:e7:
8f:b1:77:e4:89:5f:15:33:dd:b1:57:40:23:48:45:c0:57:1a:
0d:f1:e8:07:3b:80:b7:3c:dc:1e:38:14:9f:fa:15:72:8b:2e:
9c:f8:d2:68:e0:34:ac:9b:1a:00:fa:ae:ba:3c:3f:aa:04:be:
49:46:c0:70:10:78:95:7d:9e:fe:ec:1d:6a:b0:73:fb:b1:2f:
77:16:6a:b9:3e:9c:48:23:04:c9:c9:b4:0c:18:e7:26:38:11:
ad:97:75:8c:90:f0:4b:b2:a1:08:95:d8:cb:9e:6e:be:c7:19:
ee:94:1b:73:80:8a:56:ee:0b:48:16:06:6d:db:68:99:95:9b:
5b:97:83:56:e7:96:89:25:0a:f4:36:dc:5d:48:33:f4:80:ae:
1f:f3:be:80:c2:fc:da:07:ea:ea:49:b9:49:2c:9c:11:cc:d2:
cb:99:ea:f0:6c:9a:d8:2f:37:fc:0e:b5:51:af:e9:a5:89:3d:
82:4f:c0:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs6xr9Cj9p01JB06vU3Ri+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWZkYTA0N2IzYTBiMWM4MjA0MzVlNjk5Mzg4NjYwZGEz
MmM2M2YwHhcNMjUxMjIwMDgwMTAyWhcNMjUxMjIxMDgwMTAyWjAzMTEwLwYDVQQD
EygyOTRlOWFhZDBkOGM2YjczNTRlN2ZhOGRkM2VhNDcwMTdmMDRiODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukTPJA4zzpoEg9QyQtmcZIGPM1Pd
R9hp8gqvptVfpsDTC8PivWDyHIUXooHtRJ+qYiQm4/SYMJh4+tb7nXSqtqn5hltS
PZqTlZcOoqIdSa7H7x7H9N4tLdpx7lz9M4Up2XZLfZTVnNlERkQF0BWby5icTXDK
6ZmjxYycPa0yoM3t4ZEz1E6TJVLM7U3xlORhCXsaEKUdbVjwD1DWCgrtGv+A6uHz
GSl6uFbEe2HtU/NLKSBVNN9zdJrqSp6WEucIR59ZuzVpHD2TRIrRp123bxHLLI4d
S2tS8pq0gl35Jv+ZJ0U571ns2PJ7zJaJefYaiL3hhVlyq+GgAOW7WY9cUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClOmq0NjGtzVOf6jdPqRwF/BLhoMB8GA1UdIwQY
MBaAFKCf2gR7OgscggQ15pk4hmDaMsY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWIt
Mjk5MjBlNTE2N2Q5LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84YjRkMzItMDM2NS00ZGFhLTlkNWItMjk5MjBlNTE2N2Q5
LzEvb0pfYUJIczZDeHlDQkRYbW1UaUdZTm95eGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEmU8Odyk
qUJKWySr5EMO6hqsMS9jalFVJTP+GfixMMhNcMpA8jSHd02wRf3LICCmymSb5u7t
zBn1CntAgmTbQaCjSdlU2unnj7F35IlfFTPdsVdAI0hFwFcaDfHoBzuAtzzcHjgU
n/oVcosunPjSaOA0rJsaAPquujw/qgS+SUbAcBB4lX2e/uwdarBz+7EvdxZquT6c
SCMEycm0DBjnJjgRrZd1jJDwS7KhCJXYy55uvscZ7pQbc4CKVu4LSBYGbdtomZWb
W5eDVueWiSUK9DbcXUgz9ICuH/O+gML82gfq6km5SSycEczSy5nq8Gya2C83/A61
Ua/ppYk9gk/A5Q==
-----END CERTIFICATE-----
Generated at Sat Dec 20 12:26:51 2025 by rpki-client