This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft File: oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json) Hash identifier: EkH4hJxtENGX71z6UlKyadMg2ioQoISorlKod4j3w9g= Subject key identifier: 20:FF:C3:15:4F:F8:38:17:4C:E4:24:EA:98:2D:31:AC:9F:9C:52:34 Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8 Certificate issuer: /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8 Certificate serial: 019B32D5E4AC4CDDEDFA508783DC64C8AB97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft Manifest number: 1027 Signing time: Thu 18 Dec 2025 19:00:36 +0000 Manifest this update: Thu 18 Dec 2025 19:00:36 +0000 Manifest next update: Fri 19 Dec 2025 19:00:36 +0000 Files and hashes: 1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: vgVkD2y8J/p1gMkBo3QVicktKTa9JcJ6vel7iRTqkeM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d5:e4:ac:4c:dd:ed:fa:50:87:83:dc:64:c8:ab:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8 Validity Not Before: Dec 18 19:00:36 2025 GMT Not After : Dec 19 19:00:36 2025 GMT Subject: CN=20ffc3154ff838174ce424ea982d31ac9f9c5234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:fb:49:9b:3e:8d:cc:67:75:a9:ee:13:e2:aa: 7a:97:cf:fd:da:cd:71:5f:da:85:84:c1:49:0e:24: aa:a0:b7:e2:e7:c5:22:92:54:c3:91:cc:86:94:c1: 17:fd:77:30:74:57:77:f2:cd:70:3f:29:cd:b2:5b: 42:2e:e0:db:d5:af:f7:cc:f1:1a:fa:c3:9f:f7:08: de:8e:13:08:47:77:d1:60:d7:06:b4:28:86:9e:2b: 2d:98:93:4d:5f:ac:5c:4d:55:3d:ab:f7:d9:7f:81: a3:5e:b9:a7:1c:43:40:e2:29:33:85:91:b8:c5:34: d5:c7:e3:d4:0f:18:e9:11:e8:e4:2c:d1:8f:0f:6f: 9d:dd:30:fb:49:1b:f8:9e:36:82:bb:32:89:09:20: 07:11:5b:e9:c9:2e:9c:bc:3d:4b:a1:79:15:45:5f: 3a:2d:59:d4:85:dd:c8:68:67:bc:72:e5:06:c7:a3: e3:66:1e:44:c8:dc:9a:a3:81:a7:bc:75:43:9a:a4: 13:fe:40:fa:d0:94:b4:b8:e5:18:27:d8:08:78:b5: 80:c7:51:09:b8:21:5e:37:d6:1a:80:b7:ab:b8:ac: 23:56:1f:2a:c8:bd:ef:7e:34:a0:66:9d:40:67:92: 36:0c:56:a0:47:03:f7:55:4f:bc:27:b6:a6:2e:1c: 90:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:FF:C3:15:4F:F8:38:17:4C:E4:24:EA:98:2D:31:AC:9F:9C:52:34 X509v3 Authority Key Identifier: keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:b0:36:f8:8e:c9:da:66:47:ab:23:b5:94:77:43:fa:da:51: f3:3f:c4:64:5a:f1:36:23:4c:4b:72:0c:10:f6:25:a7:b6:49: 0e:87:36:2a:29:e5:07:89:b7:30:39:47:68:61:04:3d:d6:c3: 31:50:e9:6d:c2:6e:bb:95:87:6d:41:a2:db:9f:26:0e:22:96: 4f:82:59:f2:bc:44:1d:d7:1f:b0:1a:ab:f9:e3:aa:ca:e2:c7: e5:64:ef:77:56:4b:6e:36:e9:28:e7:63:12:2a:cc:4c:ed:3c: d6:e3:cc:32:e5:2c:51:f3:c6:72:48:b1:76:fc:80:5d:5b:23: d1:b7:02:17:5d:39:ab:e4:7f:09:19:4a:74:40:ea:30:3a:0c: 04:86:da:09:87:8a:d5:6b:ee:f4:01:82:26:4e:3e:0c:0e:39: 0e:b1:47:d0:6c:10:d5:84:af:cd:4e:32:86:54:b6:54:e4:08: 9a:57:76:ce:31:c5:80:b7:80:02:73:b4:6c:94:97:2e:59:fa: 6b:85:27:f0:bd:fd:94:43:24:3c:cb:6b:50:c2:7c:ce:b9:9b: 6f:59:72:cf:c2:84:86:5b:71:7d:e4:89:4c:fb:ac:2e:c8:ee: f1:58:82:73:a3:39:75:3d:64:22:af:a9:f0:02:03:eb:7f:45: d8:9b:49:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1eSsTN3t+lCHg9xkyKuXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy N2E3ZDgwHhcNMjUxMjE4MTkwMDM2WhcNMjUxMjE5MTkwMDM2WjAzMTEwLwYDVQQD EygyMGZmYzMxNTRmZjgzODE3NGNlNDI0ZWE5ODJkMzFhYzlmOWM1MjM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqftJmz6NzGd1qe4T4qp6l8/92s1x X9qFhMFJDiSqoLfi58UiklTDkcyGlMEX/XcwdFd38s1wPynNsltCLuDb1a/3zPEa +sOf9wjejhMIR3fRYNcGtCiGnistmJNNX6xcTVU9q/fZf4GjXrmnHENA4ikzhZG4 xTTVx+PUDxjpEejkLNGPD2+d3TD7SRv4njaCuzKJCSAHEVvpyS6cvD1LoXkVRV86 LVnUhd3IaGe8cuUGx6PjZh5EyNyao4GnvHVDmqQT/kD60JS0uOUYJ9gIeLWAx1EJ uCFeN9YagLeruKwjVh8qyL3vfjSgZp1AZ5I2DFagRwP3VU+8J7amLhyQMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCD/wxVP+DgXTOQk6pgtMayfnFI0MB8GA1UdIwQY MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0 LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ7A2+I7J 2mZHqyO1lHdD+tpR8z/EZFrxNiNMS3IMEPYlp7ZJDoc2KinlB4m3MDlHaGEEPdbD MVDpbcJuu5WHbUGi258mDiKWT4JZ8rxEHdcfsBqr+eOqyuLH5WTvd1ZLbjbpKOdj EirMTO081uPMMuUsUfPGckixdvyAXVsj0bcCF105q+R/CRlKdEDqMDoMBIbaCYeK 1Wvu9AGCJk4+DA45DrFH0GwQ1YSvzU4yhlS2VOQImld2zjHFgLeAAnO0bJSXLln6 a4Un8L39lEMkPMtrUMJ8zrmbb1lyz8KEhltxfeSJTPusLsju8ViCc6M5dT1kIq+p 8AID639F2JtJcA== -----END CERTIFICATE-----Generated at Fri Dec 19 00:08:54 2025 by rpki-client