This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft File: onxkG1MKfGuiNAIuMyckYjI2cQA.mft (raw, json) Hash identifier: 2V9uTdK0HwsyD8PIsZ+Yarw1CpG1JVPRrWys7VlPpoM= Subject key identifier: 52:DB:B6:24:C3:49:92:EB:B0:B6:85:A8:3A:23:B5:38:26:E8:B0:C4 Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100 Certificate serial: 019B3F7F5B63C13074520EF9DAB05F02668B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft Manifest number: 0CD0 Signing time: Sun 21 Dec 2025 06:01:09 +0000 Manifest this update: Sun 21 Dec 2025 06:01:09 +0000 Manifest next update: Mon 22 Dec 2025 06:01:09 +0000 Files and hashes: 1: QxhZicwGUVQxP9IW9_Bs3YT2TWA.roa (hash: BTcN4T7DZ6v6RQWA7fyITvrdQwjA1FWvrUllA9/iU9g=) 2: _CJ0ryZ88cYP589Qq2Z03nLVv7o.roa (hash: d5daN2lzwzk4YGoTznQDsoSXMlAa1gaQph+9wl7kXiM=) 3: onxkG1MKfGuiNAIuMyckYjI2cQA.crl (hash: 5h8Lc7K3YXqYDUXu4YafNpp2Bvi17/hECzyvPvA1yi0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:5b:63:c1:30:74:52:0e:f9:da:b0:5f:02:66:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27c641b530a7c6ba234022e3327246232367100 Validity Not Before: Dec 21 06:01:09 2025 GMT Not After : Dec 22 06:01:09 2025 GMT Subject: CN=52dbb624c34992ebb0b685a83a23b53826e8b0c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b8:e2:68:d6:99:24:4f:56:35:27:2f:97:53: 20:bb:46:f0:c3:cd:56:87:38:5e:c1:fe:d1:e8:35: fe:72:b6:3b:c8:36:8d:40:f5:e6:08:62:fe:49:19: ad:d4:2a:f0:3c:90:c7:ff:18:52:51:e2:7b:15:5b: 3b:e4:f3:84:61:56:f3:12:51:f7:f9:27:1f:cc:90: 89:b5:a7:c6:7d:6f:36:b8:cc:a8:0c:b6:0a:98:b0: 30:12:d7:3a:47:78:29:15:51:f5:f6:1c:e7:f0:06: ec:af:e4:77:37:8a:94:04:7c:86:8d:15:2f:0c:11: ba:4f:8f:3e:dd:bc:d6:2f:19:fd:2d:da:10:6f:53: 5f:00:cb:7c:e9:2f:4d:71:11:0a:f9:c6:f8:5c:49: d6:a4:9d:44:74:20:62:ef:4d:fe:c5:ca:e0:40:69: 11:bf:b3:33:10:67:ea:9c:cc:5b:d9:10:28:0a:2a: 15:75:e1:73:f0:97:1a:78:0d:ed:4c:7b:15:13:d5: 13:cc:d9:35:53:85:3a:1a:4e:24:39:c6:91:8b:bb: a5:65:19:53:fa:26:dc:c6:2e:2f:6c:7b:2d:2f:b9: 5e:22:5c:e9:1e:5e:64:c5:2e:af:74:23:d0:3e:de: 4a:40:9e:c9:48:c7:8e:db:ce:4a:f0:f4:44:0d:8a: 5c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:DB:B6:24:C3:49:92:EB:B0:B6:85:A8:3A:23:B5:38:26:E8:B0:C4 X509v3 Authority Key Identifier: keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:5c:54:b4:f7:86:57:fa:39:3c:da:67:41:36:87:4c:3a:86: 5d:c4:26:3e:99:53:92:1c:97:8a:ea:60:ce:fe:ae:19:e3:62: 79:ec:8c:f6:13:85:b0:76:b1:29:db:86:61:26:a3:0a:8f:69: e1:e1:fa:9d:53:ef:0d:69:ab:e5:11:b6:11:3d:25:9c:86:5b: 3a:07:01:4a:70:62:8d:da:28:e7:86:d3:f6:f9:78:98:b0:9c: 86:4d:ed:56:7b:7f:33:0f:ef:45:d9:a2:51:35:a1:ae:5e:b8: 78:72:be:34:58:09:06:fe:c9:5b:28:15:ed:97:fd:21:56:a8: 7a:af:c5:d6:22:85:ba:d4:2f:fd:e4:3b:cc:8e:0e:0a:92:3f: 88:e5:f5:24:a9:a6:cf:de:c2:d7:f6:38:b4:ee:07:f2:8b:a2: 64:f8:df:b9:70:b5:c4:33:00:15:75:d9:67:03:d0:49:e5:fb: 41:66:4e:90:73:ca:67:32:b1:95:07:ef:67:07:45:20:17:e5: 44:c5:97:b4:03:90:76:13:d2:a8:4c:de:07:68:9e:e2:07:85: 25:d7:1b:8e:b6:04:f7:63:ca:a0:3f:4b:40:5d:87:26:18:7d: e9:fe:c7:44:8d:ed:33:86:24:97:3d:b0:53:fd:80:3c:1a:15: 15:09:e3:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/f1tjwTB0Ug752rBfAmaLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz NjcxMDAwHhcNMjUxMjIxMDYwMTA5WhcNMjUxMjIyMDYwMTA5WjAzMTEwLwYDVQQD Eyg1MmRiYjYyNGMzNDk5MmViYjBiNjg1YTgzYTIzYjUzODI2ZThiMGM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLjiaNaZJE9WNScvl1Mgu0bww81W hzhewf7R6DX+crY7yDaNQPXmCGL+SRmt1CrwPJDH/xhSUeJ7FVs75POEYVbzElH3 +ScfzJCJtafGfW82uMyoDLYKmLAwEtc6R3gpFVH19hzn8Absr+R3N4qUBHyGjRUv DBG6T48+3bzWLxn9LdoQb1NfAMt86S9NcREK+cb4XEnWpJ1EdCBi703+xcrgQGkR v7MzEGfqnMxb2RAoCioVdeFz8JcaeA3tTHsVE9UTzNk1U4U6Gk4kOcaRi7ulZRlT +ibcxi4vbHstL7leIlzpHl5kxS6vdCPQPt5KQJ7JSMeO285K8PREDYpciQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFLbtiTDSZLrsLaFqDojtTgm6LDEMB8GA1UdIwQY MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt MWYxODhmY2NlODU1LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1 LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1xUtPeG V/o5PNpnQTaHTDqGXcQmPplTkhyXiupgzv6uGeNieeyM9hOFsHaxKduGYSajCo9p 4eH6nVPvDWmr5RG2ET0lnIZbOgcBSnBijdoo54bT9vl4mLCchk3tVnt/Mw/vRdmi UTWhrl64eHK+NFgJBv7JWygV7Zf9IVaoeq/F1iKFutQv/eQ7zI4OCpI/iOX1JKmm z97C1/Y4tO4H8ouiZPjfuXC1xDMAFXXZZwPQSeX7QWZOkHPKZzKxlQfvZwdFIBfl RMWXtAOQdhPSqEzeB2ie4geFJdcbjrYE92PKoD9LQF2HJhh96f7HRI3tM4Yklz2w U/2APBoVFQnjng== -----END CERTIFICATE-----Generated at Sun Dec 21 10:03:01 2025 by rpki-client