This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft File: OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json) Hash identifier: U/EanSFFQX8IU/pZJiCXMcQCOu0zYFYjdS7IgFpc09I= Subject key identifier: FB:12:46:9A:6A:9E:DD:B7:50:30:EF:A0:A5:C1:52:78:E5:61:47:55 Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2 Certificate issuer: /CN=398936603edb8558b619823c077e9eb8694758b2 Certificate serial: 019B755B34EF02B8114FADE2589CD17F24AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft Manifest number: 06A2 Signing time: Wed 31 Dec 2025 17:01:10 +0000 Manifest this update: Wed 31 Dec 2025 17:01:10 +0000 Manifest next update: Thu 01 Jan 2026 17:01:10 +0000 Files and hashes: 1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: km6QpaSUD4o5nNuqLKhkoAYQjXsUlec1SVAUHnLbWFE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 17:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:5b:34:ef:02:b8:11:4f:ad:e2:58:9c:d1:7f:24:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=398936603edb8558b619823c077e9eb8694758b2 Validity Not Before: Dec 31 17:01:10 2025 GMT Not After : Jan 1 17:01:10 2026 GMT Subject: CN=fb12469a6a9eddb75030efa0a5c15278e5614755 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ba:1d:77:82:33:d4:87:22:d9:2e:d1:63:9f: 8b:b5:e5:b4:53:f4:ac:d7:fd:94:89:0c:8c:37:0f: 55:51:d5:bc:95:5c:be:40:73:25:a0:fb:2c:18:a0: c8:92:ca:74:6d:a2:98:2b:76:1f:9b:29:a0:61:3d: 78:b5:d7:98:7d:6f:3c:2f:e6:3a:5c:5e:cb:ae:b8: 3c:29:bb:c0:65:2f:f8:d7:62:92:20:19:13:1c:b7: a3:08:f6:6d:83:81:d6:be:a3:da:d7:48:bc:e7:db: c9:05:70:1f:38:b6:ba:d9:a7:85:20:fe:fe:00:4f: fa:ac:09:aa:c7:3e:fd:73:89:3e:a5:5e:ca:4b:b9: 2d:78:ee:49:5d:df:63:99:6f:fe:80:e3:5c:ed:5f: c3:bd:f7:8d:53:36:b6:b9:e7:e8:b6:8c:41:19:09: 50:1c:ae:33:17:ff:37:18:b0:12:33:ee:c5:f3:ff: ec:ef:12:f0:27:a5:e1:3f:89:c6:3e:d4:07:e5:3c: 2d:69:6f:fa:04:56:80:77:30:8c:5e:6b:f0:e3:63: 8d:15:e3:d2:76:27:19:a8:a9:b9:7a:b9:0e:6c:c4: 5b:83:8f:d9:24:17:f5:92:4a:37:f5:eb:be:0f:ed: 17:83:58:ab:1c:95:2c:76:fe:ad:87:d2:66:52:d6: 94:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:12:46:9A:6A:9E:DD:B7:50:30:EF:A0:A5:C1:52:78:E5:61:47:55 X509v3 Authority Key Identifier: keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:0b:51:5e:70:d2:ca:b2:0d:c9:ce:40:e8:70:8e:19:7d:d1: 88:64:43:f9:00:bd:b8:a6:41:da:56:1e:15:bf:49:fd:0f:a5: e8:ad:5b:bc:da:c0:c4:9e:5e:0f:d5:1d:82:be:b1:01:cf:f5: 98:43:1d:17:51:7e:c9:3b:1f:82:8c:53:79:de:c0:60:8a:1e: 1b:6b:6d:46:8e:04:4a:db:43:36:98:58:65:a2:b2:14:00:f0: bd:80:d1:1f:94:34:01:e4:47:3a:e5:db:9c:a0:e9:97:af:81: 19:34:b6:a4:a0:b3:2f:18:d4:5e:f0:75:5a:b0:9b:15:51:91: e7:00:59:7b:cc:19:d3:e9:30:1e:f7:f5:5d:1f:bc:62:c4:7f: ff:18:5d:d7:5d:ab:d4:06:25:f8:4f:ca:ae:af:ce:1b:07:71: 1d:d9:8e:72:96:97:51:80:c8:47:4b:45:eb:30:f7:56:14:b1: 85:1e:6c:de:a3:64:6b:e7:01:db:e0:78:4d:a3:13:dd:ff:c6: 11:69:63:10:f8:92:b1:cd:bb:6a:12:b1:38:56:0c:b5:d9:82: 79:e0:f2:57:b1:a3:2c:63:75:1c:57:e4:a1:99:22:1b:99:95: bb:16:f6:ba:60:ba:8c:0e:ee:d2:b9:85:b8:3b:72:82:47:0d: 14:fd:8e:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1WzTvArgRT63iWJzRfySuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0 NzU4YjIwHhcNMjUxMjMxMTcwMTEwWhcNMjYwMTAxMTcwMTEwWjAzMTEwLwYDVQQD EyhmYjEyNDY5YTZhOWVkZGI3NTAzMGVmYTBhNWMxNTI3OGU1NjE0NzU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrodd4Iz1Ici2S7RY5+LteW0U/Ss 1/2UiQyMNw9VUdW8lVy+QHMloPssGKDIksp0baKYK3YfmymgYT14tdeYfW88L+Y6 XF7Lrrg8KbvAZS/412KSIBkTHLejCPZtg4HWvqPa10i859vJBXAfOLa62aeFIP7+ AE/6rAmqxz79c4k+pV7KS7kteO5JXd9jmW/+gONc7V/DvfeNUza2uefotoxBGQlQ HK4zF/83GLASM+7F8//s7xLwJ6XhP4nGPtQH5TwtaW/6BFaAdzCMXmvw42ONFePS dicZqKm5erkObMRbg4/ZJBf1kko39eu+D+0Xg1irHJUsdv6th9JmUtaUcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPsSRppqnt23UDDvoKXBUnjlYUdVMB8GA1UdIwQY MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4 LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARgtRXnDS yrINyc5A6HCOGX3RiGRD+QC9uKZB2lYeFb9J/Q+l6K1bvNrAxJ5eD9Udgr6xAc/1 mEMdF1F+yTsfgoxTed7AYIoeG2ttRo4ESttDNphYZaKyFADwvYDRH5Q0AeRHOuXb nKDpl6+BGTS2pKCzLxjUXvB1WrCbFVGR5wBZe8wZ0+kwHvf1XR+8YsR//xhd112r 1AYl+E/Krq/OGwdxHdmOcpaXUYDIR0tF6zD3VhSxhR5s3qNka+cB2+B4TaMT3f/G EWljEPiSsc27ahKxOFYMtdmCeeDyV7GjLGN1HFfkoZkiG5mVuxb2umC6jA7u0rmF uDtygkcNFP2Okw== -----END CERTIFICATE-----Generated at Thu Jan 1 00:00:53 2026 by rpki-client