This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json) Hash identifier: 9uc5zUaxtFKM6NcWFxbEK9xQA5VccugefIx80UEgwnI= Subject key identifier: 9B:49:6D:2A:C7:4A:7B:F8:3B:5E:45:DE:03:D5:3C:ED:FF:8C:48:B6 Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Certificate serial: 019B6F21A4AF97C9A3D3ADDA74A01648381B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft Manifest number: 0E89 Signing time: Tue 30 Dec 2025 12:00:34 +0000 Manifest this update: Tue 30 Dec 2025 12:00:34 +0000 Manifest next update: Wed 31 Dec 2025 12:00:34 +0000 Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=) 2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: KOMorRl4WYfLM3TriB22mvayNmxvwdFQJ4lIvQ+EAMM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6f:21:a4:af:97:c9:a3:d3:ad:da:74:a0:16:48:38:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Validity Not Before: Dec 30 12:00:34 2025 GMT Not After : Dec 31 12:00:34 2025 GMT Subject: CN=9b496d2ac74a7bf83b5e45de03d53cedff8c48b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:a1:45:2b:ec:b5:ac:a9:b0:6d:bf:15:77:13: 7f:6f:e8:32:5a:2d:22:3f:36:f8:c2:f5:08:f8:cf: df:b8:fb:1f:38:d4:87:82:2c:f4:08:d2:30:7a:fa: 60:51:9c:08:c5:f3:d3:36:25:78:3d:60:60:63:f0: 62:e8:b3:d4:35:9a:93:d1:c3:10:a4:e4:0c:7a:c0: bd:45:69:f5:e8:4a:51:3c:98:78:c3:17:0a:2e:89: 43:44:98:6b:ec:d8:db:ca:19:ef:37:e5:53:09:4d: e4:4d:f1:30:8b:1a:e2:65:76:2c:83:fd:72:a0:3f: d7:45:98:37:1e:5b:06:60:7f:87:82:fe:22:fd:fe: 22:1e:a9:a1:d6:7d:ea:d7:0d:b6:57:c9:dd:a4:a4: bd:cc:4a:a0:db:e6:e0:f9:b9:ce:02:f8:9a:56:9c: c0:1e:25:7b:08:a9:00:93:11:7f:a3:44:ae:6f:8c: 41:29:cd:76:40:e3:73:63:2f:16:a6:da:0b:ef:b6: 0c:49:8a:4c:1f:6a:ff:4f:f1:c1:45:e2:6c:af:5e: 96:12:57:80:0d:64:b3:33:cb:57:b5:70:0d:c9:c0: e0:6e:a5:76:7e:f0:63:3e:31:38:21:db:d1:ff:b0: 2d:87:4a:2b:87:09:3d:51:41:37:22:b3:0a:23:b4: e5:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:49:6D:2A:C7:4A:7B:F8:3B:5E:45:DE:03:D5:3C:ED:FF:8C:48:B6 X509v3 Authority Key Identifier: keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:4f:fc:4a:c8:89:39:60:a7:fc:e1:e8:96:c0:68:f9:8f:84: 2e:bf:c9:3a:54:05:63:36:9d:53:04:c3:2b:1c:27:bb:fa:64: 50:d2:18:f8:3b:de:c7:cb:c4:f0:c5:3d:2c:9a:ba:35:8b:3c: 43:24:6f:09:aa:10:25:e5:a2:a8:47:b3:9a:48:1a:75:4d:90: 68:2e:b3:3d:73:8b:7a:bb:9c:cf:14:d5:2b:37:40:a8:9f:ac: 92:8a:7d:87:a7:73:5a:f3:d4:9c:f9:89:4e:66:c8:96:50:ed: 75:57:b9:43:df:47:68:c9:97:82:58:9a:7d:4d:4c:4e:63:bd: e6:24:5f:6a:1a:2b:19:1b:69:5c:12:0a:29:66:66:03:a8:7f: 40:e8:b5:94:80:1e:84:1c:c5:36:e1:8d:10:de:47:4a:56:6f: 1c:11:09:35:2f:06:26:1b:f2:20:9c:43:db:22:16:b5:70:bb: 0b:fe:e8:27:5e:23:b0:ca:3e:65:60:2b:bf:6f:2a:cf:00:4e: e5:66:c8:0f:b8:46:14:18:81:d6:30:a2:ed:93:eb:7a:a9:15: f5:28:ae:d6:e9:c3:da:3c:86:1d:d6:b5:04:59:02:63:1c:23: e5:40:6a:3b:ab:6b:44:04:05:9a:41:5c:ef:99:ed:df:3d:88: 4a:d7:0b:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtvIaSvl8mj063adKAWSDgbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3 MDU0NzEwHhcNMjUxMjMwMTIwMDM0WhcNMjUxMjMxMTIwMDM0WjAzMTEwLwYDVQQD Eyg5YjQ5NmQyYWM3NGE3YmY4M2I1ZTQ1ZGUwM2Q1M2NlZGZmOGM0OGI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqFFK+y1rKmwbb8VdxN/b+gyWi0i Pzb4wvUI+M/fuPsfONSHgiz0CNIwevpgUZwIxfPTNiV4PWBgY/Bi6LPUNZqT0cMQ pOQMesC9RWn16EpRPJh4wxcKLolDRJhr7NjbyhnvN+VTCU3kTfEwixriZXYsg/1y oD/XRZg3HlsGYH+Hgv4i/f4iHqmh1n3q1w22V8ndpKS9zEqg2+bg+bnOAviaVpzA HiV7CKkAkxF/o0Sub4xBKc12QONzYy8WptoL77YMSYpMH2r/T/HBReJsr16WEleA DWSzM8tXtXANycDgbqV2fvBjPjE4IdvR/7Ath0orhwk9UUE3IrMKI7TlzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJtJbSrHSnv4O15F3gPVPO3/jEi2MB8GA1UdIwQY MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5 LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANU/8SsiJ OWCn/OHolsBo+Y+ELr/JOlQFYzadUwTDKxwnu/pkUNIY+Dvex8vE8MU9LJq6NYs8 QyRvCaoQJeWiqEezmkgadU2QaC6zPXOLeruczxTVKzdAqJ+skop9h6dzWvPUnPmJ TmbIllDtdVe5Q99HaMmXgliafU1MTmO95iRfahorGRtpXBIKKWZmA6h/QOi1lIAe hBzFNuGNEN5HSlZvHBEJNS8GJhvyIJxD2yIWtXC7C/7oJ14jsMo+ZWArv28qzwBO 5WbID7hGFBiB1jCi7ZPreqkV9Siu1unD2jyGHda1BFkCYxwj5UBqO6trRAQFmkFc 75nt3z2IStcLWA== -----END CERTIFICATE-----Generated at Tue Dec 30 14:54:21 2025 by rpki-client