This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json) Hash identifier: qv+7xCz3j4z3uwTnFYoNgXRzD1y/CQJtMpXeJYNY2Gw= Subject key identifier: BC:2E:C1:95:A3:99:53:F0:AC:1C:88:2C:A7:85:A4:CB:BC:C2:0B:29 Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Certificate serial: 019B390EE249D0FEF3C776310B1F642DDB0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft Manifest number: 0E6D Signing time: Sat 20 Dec 2025 00:00:35 +0000 Manifest this update: Sat 20 Dec 2025 00:00:35 +0000 Manifest next update: Sun 21 Dec 2025 00:00:35 +0000 Files and hashes: 1: 5FA6usbApR1_cX5AgsEzHiEcMB4.roa (hash: 7OuczURaJl5BP/q53z8kXUiqcwX3Z4OY7NVnaBx1Pg0=) 2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: VjYDcqRNGgYWc92yMEuaSKk8REJQe2d6r0nEjYKeX24=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 00:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:0e:e2:49:d0:fe:f3:c7:76:31:0b:1f:64:2d:db:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Validity Not Before: Dec 20 00:00:35 2025 GMT Not After : Dec 21 00:00:35 2025 GMT Subject: CN=bc2ec195a39953f0ac1c882ca785a4cbbcc20b29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:59:a2:af:95:60:c7:99:eb:f5:1c:63:63:0f: 7a:e6:ce:e7:80:f8:fa:58:49:aa:d9:e6:6c:9e:ed: 52:9b:ea:ef:9d:0a:b4:d6:7f:89:b9:94:8a:2e:50: aa:98:2e:46:79:9b:3c:00:d0:3a:e1:e0:db:91:ec: 84:6a:22:59:f8:9f:62:ab:93:2e:bb:d0:34:48:18: 71:98:a8:85:7a:53:4b:6e:21:15:43:97:06:e8:73: 5f:f8:7d:5f:83:35:3e:28:a5:e4:59:d3:45:d3:11: ed:6f:b4:37:bc:0f:d2:db:3d:91:73:05:9c:30:b2: 69:41:3f:ac:92:b7:84:99:42:47:99:5f:b0:dc:dc: 5d:2d:de:18:ce:bd:d5:24:0a:73:dd:3a:f3:cc:02: 58:4c:19:bb:64:c9:fd:1b:01:5d:03:b4:69:08:c5: 57:a0:67:be:32:31:2a:1e:34:28:3d:0a:d2:68:29: cd:48:f3:9f:d0:3b:40:ac:5a:45:01:60:ae:0a:74: 55:dd:4b:07:d8:b2:bd:ad:29:0c:7a:30:1e:2c:a1: ab:2f:04:dd:48:7f:26:4c:f3:de:e7:f2:34:8d:6c: 86:a8:8b:5e:bf:3b:06:36:08:6a:06:cd:9c:c8:94: b2:09:65:9f:5e:bd:5a:e7:97:1a:e9:4c:78:f5:13: c0:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:2E:C1:95:A3:99:53:F0:AC:1C:88:2C:A7:85:A4:CB:BC:C2:0B:29 X509v3 Authority Key Identifier: keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:6e:75:ce:db:00:b2:21:c4:69:ed:51:af:b6:05:da:df:70: 88:9e:3c:99:59:7e:cb:13:30:1d:0c:a7:e1:8b:b0:8a:73:0f: 60:c9:fc:26:21:45:42:d7:98:ca:cd:89:ca:13:ff:d2:e2:f1: 79:38:da:ed:b2:ee:45:3d:08:0c:80:24:07:c6:48:87:a8:21: d5:26:6d:1d:f0:cb:5d:ab:fc:d6:30:f4:a4:ad:d7:54:9a:06: a9:e3:a1:3c:32:53:36:0e:69:62:95:f1:8d:9c:d7:1e:77:de: 5c:50:2e:6b:7c:26:3c:b6:f3:d2:66:60:94:be:49:38:3f:e5: 49:69:89:b9:a8:e0:03:4c:d9:46:e1:8a:be:98:cd:e3:f6:96: f1:11:dd:f6:a4:6b:59:1c:34:bd:44:cf:51:f6:ef:ca:61:1c: f9:45:00:80:e0:99:6e:32:2c:f1:d6:fc:3e:5a:89:36:26:4f: 26:fa:8d:60:1c:78:33:10:f0:22:e0:61:df:30:b8:33:39:df: ea:59:6f:5f:90:e3:eb:a4:cd:c1:45:42:88:59:b1:80:14:92: f4:8b:35:49:37:93:8f:6e:f0:70:72:66:be:fa:a0:69:b5:f9: 96:40:d3:a1:58:c1:c8:38:3c:0f:4f:ad:19:fd:99:07:fe:3f: 51:34:48:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5DuJJ0P7zx3YxCx9kLdsMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3 MDU0NzEwHhcNMjUxMjIwMDAwMDM1WhcNMjUxMjIxMDAwMDM1WjAzMTEwLwYDVQQD EyhiYzJlYzE5NWEzOTk1M2YwYWMxYzg4MmNhNzg1YTRjYmJjYzIwYjI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFmir5Vgx5nr9RxjYw965s7ngPj6 WEmq2eZsnu1Sm+rvnQq01n+JuZSKLlCqmC5GeZs8ANA64eDbkeyEaiJZ+J9iq5Mu u9A0SBhxmKiFelNLbiEVQ5cG6HNf+H1fgzU+KKXkWdNF0xHtb7Q3vA/S2z2RcwWc MLJpQT+skreEmUJHmV+w3NxdLd4Yzr3VJApz3TrzzAJYTBm7ZMn9GwFdA7RpCMVX oGe+MjEqHjQoPQrSaCnNSPOf0DtArFpFAWCuCnRV3UsH2LK9rSkMejAeLKGrLwTd SH8mTPPe5/I0jWyGqItevzsGNghqBs2cyJSyCWWfXr1a55ca6Ux49RPAtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLwuwZWjmVPwrByILKeFpMu8wgspMB8GA1UdIwQY MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5 LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP251ztsA siHEae1Rr7YF2t9wiJ48mVl+yxMwHQyn4YuwinMPYMn8JiFFQteYys2JyhP/0uLx eTja7bLuRT0IDIAkB8ZIh6gh1SZtHfDLXav81jD0pK3XVJoGqeOhPDJTNg5pYpXx jZzXHnfeXFAua3wmPLbz0mZglL5JOD/lSWmJuajgA0zZRuGKvpjN4/aW8RHd9qRr WRw0vUTPUfbvymEc+UUAgOCZbjIs8db8PlqJNiZPJvqNYBx4MxDwIuBh3zC4Mznf 6llvX5Dj66TNwUVCiFmxgBSS9Is1STeTj27wcHJmvvqgabX5lkDToVjByDg8D0+t Gf2ZB/4/UTRIdg== -----END CERTIFICATE-----Generated at Sat Dec 20 06:30:26 2025 by rpki-client