This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft File: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json) Hash identifier: eWq/ZNRjAX6chWzaqoXlhy3cSjUAryKsQuDzIghJG9g= Subject key identifier: 36:65:9E:6F:36:85:DE:31:D6:D2:E1:34:B5:AE:11:37:06:B6:9A:AE Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1 Certificate issuer: /CN=38a19e640de1f452a7dc4abe786aa581342927b1 Certificate serial: 019B51BCE608BAAD4B7936FE8653092DB3B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft Manifest number: 06D3 Signing time: Wed 24 Dec 2025 19:01:32 +0000 Manifest this update: Wed 24 Dec 2025 19:01:32 +0000 Manifest next update: Thu 25 Dec 2025 19:01:32 +0000 Files and hashes: 1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: aGTz6Zm6O6nFBFmZ26+1JbkR2Nj0hazAKvWUKtnxXw0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:e6:08:ba:ad:4b:79:36:fe:86:53:09:2d:b3:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1 Validity Not Before: Dec 24 19:01:32 2025 GMT Not After : Dec 25 19:01:32 2025 GMT Subject: CN=36659e6f3685de31d6d2e134b5ae113706b69aae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c4:98:46:df:35:06:7a:11:dd:9c:f0:46:da: 47:94:c5:f4:40:01:4e:54:a6:c9:30:a5:11:dc:a4: 8d:51:f8:4c:30:e3:a3:c4:88:16:5d:58:b1:ef:e9: 5c:b7:2d:ab:70:ae:41:ac:6c:ac:cb:39:ab:e3:d8: aa:47:46:a9:2d:df:c5:6c:68:74:55:0d:d7:69:dd: 4b:3a:eb:f3:b9:cb:67:11:65:e5:40:cd:ec:02:f9: 0c:cf:9d:7d:c7:35:9d:cc:a0:3d:ef:df:dd:62:65: 0f:78:61:37:04:e9:55:b2:91:cc:68:65:62:3c:dd: 1a:60:82:da:99:55:0f:fd:09:02:0b:fa:46:d3:40: 2a:54:4d:4b:0c:9d:dc:f7:fa:64:c1:28:06:b6:8c: b0:80:55:5e:72:5f:f7:51:e6:c7:85:6f:a6:9d:d5: 37:c7:65:0f:7d:bd:db:49:09:a7:2f:e0:de:d0:0b: 28:38:ce:23:f7:75:b1:fa:6f:12:3d:70:48:71:a5: 76:4f:0f:cf:af:e3:ae:02:56:a6:b1:a7:ea:eb:67: 82:aa:ea:69:b1:b5:71:77:fd:ee:b5:65:ac:52:5a: 13:4e:dd:5a:bd:ef:8d:5b:da:72:eb:89:28:bc:20: b3:b1:01:1a:8a:61:40:c5:3a:e4:a6:2f:08:5c:f2: e5:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:65:9E:6F:36:85:DE:31:D6:D2:E1:34:B5:AE:11:37:06:B6:9A:AE X509v3 Authority Key Identifier: keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:b0:33:34:b6:a7:41:a1:ab:ec:fb:d2:8b:f0:a2:48:32:02: b2:54:3e:2e:ea:d0:83:3c:0d:a9:a5:78:8d:da:d5:26:01:d8: 0e:c7:0e:af:ce:89:47:fc:1f:ef:a8:ca:1e:8d:26:3d:a1:0a: ae:22:61:ea:10:48:40:31:5b:a5:cb:6b:be:59:a0:51:0a:15: 09:9d:4d:9e:25:db:2a:26:19:a8:d6:b6:05:ae:35:b7:8f:01: 95:8f:27:4a:b8:d6:55:32:e7:5e:ef:84:77:61:55:8f:ff:b5: a4:23:17:c8:ae:04:f3:89:8f:2d:32:e8:2a:65:76:ac:1e:42: 7b:3e:4c:6e:cf:b8:33:70:d0:ab:98:b3:56:3f:4f:fd:5f:c4: 9f:5c:c1:e3:e6:d3:b3:12:6c:63:78:30:4a:56:b6:a8:f8:7d: 8a:16:2c:53:b2:7d:ee:27:13:c2:12:d0:33:15:6b:6e:79:73: 85:1b:65:cf:93:e2:d6:22:39:13:46:ea:5a:2a:74:b2:14:99: 60:03:12:9e:55:51:15:46:30:89:7d:38:d4:61:c0:50:dd:67: 60:e3:bb:56:95:aa:44:45:69:0c:eb:13:20:ba:67:37:40:e7: 1d:86:7d:34:20:41:32:ef:a8:29:ba:50:90:ac:b0:f7:67:eb: 75:47:9b:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvOYIuq1LeTb+hlMJLbOyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy OTI3YjEwHhcNMjUxMjI0MTkwMTMyWhcNMjUxMjI1MTkwMTMyWjAzMTEwLwYDVQQD EygzNjY1OWU2ZjM2ODVkZTMxZDZkMmUxMzRiNWFlMTEzNzA2YjY5YWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMSYRt81BnoR3ZzwRtpHlMX0QAFO VKbJMKUR3KSNUfhMMOOjxIgWXVix7+lcty2rcK5BrGysyzmr49iqR0apLd/FbGh0 VQ3Xad1LOuvzuctnEWXlQM3sAvkMz519xzWdzKA979/dYmUPeGE3BOlVspHMaGVi PN0aYILamVUP/QkCC/pG00AqVE1LDJ3c9/pkwSgGtoywgFVecl/3UebHhW+mndU3 x2UPfb3bSQmnL+De0AsoOM4j93Wx+m8SPXBIcaV2Tw/Pr+OuAlamsafq62eCqupp sbVxd/3utWWsUloTTt1ave+NW9py64kovCCzsQEaimFAxTrkpi8IXPLlWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDZlnm82hd4x1tLhNLWuETcGtpquMB8GA1UdIwQY MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbAzNLan QaGr7PvSi/CiSDICslQ+LurQgzwNqaV4jdrVJgHYDscOr86JR/wf76jKHo0mPaEK riJh6hBIQDFbpctrvlmgUQoVCZ1NniXbKiYZqNa2Ba41t48BlY8nSrjWVTLnXu+E d2FVj/+1pCMXyK4E84mPLTLoKmV2rB5Cez5Mbs+4M3DQq5izVj9P/V/En1zB4+bT sxJsY3gwSla2qPh9ihYsU7J97icTwhLQMxVrbnlzhRtlz5Pi1iI5E0bqWip0shSZ YAMSnlVRFUYwiX041GHAUN1nYOO7VpWqREVpDOsTILpnN0DnHYZ9NCBBMu+oKbpQ kKyw92frdUebQA== -----END CERTIFICATE-----Generated at Wed Dec 24 19:59:33 2025 by rpki-client