This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft File: oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft (raw, json) Hash identifier: 0Mmf/Sob0WgwRNiMnH45wa9beV6ZpI4Yuj4SoxZ9FBY= Subject key identifier: C1:6A:21:EB:4D:56:0E:47:3B:40:38:2B:1B:06:61:D9:18:FF:92:16 Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77 Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77 Certificate serial: 019B405ADFDC0C393AB0B425F38C12EC1891 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft Manifest number: 0EB1 Signing time: Sun 21 Dec 2025 10:00:55 +0000 Manifest this update: Sun 21 Dec 2025 10:00:55 +0000 Manifest next update: Mon 22 Dec 2025 10:00:55 +0000 Files and hashes: 1: f3Wn9TOfcfxB3VYXWanqfMC6WRI.roa (hash: CJSEzeKkH+A8u48zVCzb/MrI7FvV/Beze1CPp3UTLZU=) 2: oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl (hash: zLsFhOL+701xzpv8zdNiJkikv8Ibd6QOrPE6i522Mdc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:df:dc:0c:39:3a:b0:b4:25:f3:8c:12:ec:18:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77 Validity Not Before: Dec 21 10:00:55 2025 GMT Not After : Dec 22 10:00:55 2025 GMT Subject: CN=c16a21eb4d560e473b40382b1b0661d918ff9216 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fd:a4:ac:46:3c:8b:44:f2:db:bc:9c:0c:de: 15:15:61:1f:a5:3f:42:db:1c:b0:5f:21:1e:70:f8: 16:8a:25:06:f7:44:1f:64:38:38:77:b9:ee:d0:e3: 4e:9c:c2:b5:5f:a8:e0:96:e7:e8:3b:b9:87:9c:66: 29:5f:51:d8:65:25:f5:af:61:2f:51:db:fd:d1:6d: 45:74:c1:7d:a1:50:a5:bb:67:2c:7f:5f:f6:a8:44: 62:2e:29:7c:4e:b6:cd:c6:4e:eb:9f:83:05:db:0c: fe:db:83:a2:d9:cf:33:1c:65:80:45:0b:56:70:de: 63:15:a6:78:93:bc:cb:34:aa:82:c2:fb:1b:32:a5: 66:5f:93:34:ad:59:ae:bc:dd:64:8b:38:72:0e:3f: d2:38:3c:dc:00:2e:89:cc:c2:30:8a:82:b6:bb:2f: 62:26:55:e6:cf:73:d6:c4:74:ab:de:ef:c3:6a:a2: 94:9e:00:c5:65:41:d0:dd:4d:4a:85:48:34:2c:c0: 2d:f3:d9:d2:b5:3c:39:8a:8f:de:a4:d8:66:26:b6: f4:a1:91:75:e3:90:2c:0c:24:b5:cc:b0:65:78:68: e3:0f:82:9f:82:a0:a7:8e:ca:71:05:b6:4e:00:83: d7:7f:73:44:09:20:c8:63:d0:6f:0c:b5:20:ec:40: 9d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:6A:21:EB:4D:56:0E:47:3B:40:38:2B:1B:06:61:D9:18:FF:92:16 X509v3 Authority Key Identifier: keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:0c:2a:21:b5:9d:34:46:b1:0b:60:cd:57:f1:95:45:d3:e2: c0:54:e2:1e:cd:c3:6b:41:25:bc:7e:f9:8e:24:7d:ac:62:68: b1:2c:a5:61:a2:7f:f0:45:ce:57:89:15:fe:28:24:70:d9:0c: 72:86:ec:d3:ac:33:5b:db:fb:96:59:05:8c:f7:06:c7:95:7e: ab:db:2c:63:53:08:0e:6a:4f:cf:5b:22:f6:50:6b:76:7d:3e: 1a:b6:35:cf:28:85:fd:40:17:19:73:c0:be:f1:ae:81:12:36: 86:8c:01:b7:9b:2d:e0:ad:a3:0b:1e:88:4a:b1:3a:18:af:04: 9f:07:d1:5c:dc:62:2e:3d:9f:b8:a4:02:df:7d:75:3e:ea:b1: 34:10:95:58:bc:07:1d:55:a5:8f:c9:a5:ee:a0:3c:51:4c:4d: cb:9d:c9:ac:24:9c:35:56:63:f7:64:fe:42:e8:61:03:1b:7f: c0:70:fc:7e:c3:d3:26:f1:c5:26:00:0b:c5:0e:53:46:67:5d: b6:08:25:80:f4:44:87:65:5f:aa:a3:7a:71:e2:2d:7c:be:e1: eb:95:6b:93:54:44:e6:c6:dd:96:a2:9b:6d:ba:48:07:b5:0f: 65:f5:da:4a:c1:ff:09:e5:61:0a:74:fa:b1:73:2a:6b:96:3f: aa:e9:d1:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWt/cDDk6sLQl84wS7BiRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz MGZkNzcwHhcNMjUxMjIxMTAwMDU1WhcNMjUxMjIyMTAwMDU1WjAzMTEwLwYDVQQD EyhjMTZhMjFlYjRkNTYwZTQ3M2I0MDM4MmIxYjA2NjFkOTE4ZmY5MjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/2krEY8i0Ty27ycDN4VFWEfpT9C 2xywXyEecPgWiiUG90QfZDg4d7nu0ONOnMK1X6jglufoO7mHnGYpX1HYZSX1r2Ev Udv90W1FdMF9oVClu2csf1/2qERiLil8TrbNxk7rn4MF2wz+24Oi2c8zHGWARQtW cN5jFaZ4k7zLNKqCwvsbMqVmX5M0rVmuvN1kizhyDj/SODzcAC6JzMIwioK2uy9i JlXmz3PWxHSr3u/DaqKUngDFZUHQ3U1KhUg0LMAt89nStTw5io/epNhmJrb0oZF1 45AsDCS1zLBleGjjD4KfgqCnjspxBbZOAIPXf3NECSDIY9BvDLUg7ECdPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMFqIetNVg5HO0A4KxsGYdkY/5IWMB8GA1UdIwQY MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt ZjVmODE0NTY1MWQzLzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnwwqIbWd NEaxC2DNV/GVRdPiwFTiHs3Da0ElvH75jiR9rGJosSylYaJ/8EXOV4kV/igkcNkM cobs06wzW9v7llkFjPcGx5V+q9ssY1MIDmpPz1si9lBrdn0+GrY1zyiF/UAXGXPA vvGugRI2howBt5st4K2jCx6ISrE6GK8EnwfRXNxiLj2fuKQC3311PuqxNBCVWLwH HVWlj8ml7qA8UUxNy53JrCScNVZj92T+QuhhAxt/wHD8fsPTJvHFJgALxQ5TRmdd tgglgPREh2VfqqN6ceItfL7h65Vrk1RE5sbdlqKbbbpIB7UPZfXaSsH/CeVhCnT6 sXMqa5Y/qunRGw== -----END CERTIFICATE-----Generated at Sun Dec 21 12:27:35 2025 by rpki-client