This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft File: OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft (raw, json) Hash identifier: 42mZxHNgfGlUgzM/d2REaUdLVuIiaJyxOo1S7A5jx6U= Subject key identifier: 00:F9:8B:26:A5:63:5E:EF:65:0B:38:C9:1C:40:FD:AE:9D:FF:FE:FD Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb Certificate serial: 019B503C13A66F8DB62F24A6E4A953BE4C0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft Manifest number: 16F8 Signing time: Wed 24 Dec 2025 12:01:12 +0000 Manifest this update: Wed 24 Dec 2025 12:01:12 +0000 Manifest next update: Thu 25 Dec 2025 12:01:12 +0000 Files and hashes: 1: KBKNSo54C-UjedwUMFB9xB41sio.roa (hash: EOnhGNtgG2NlhPSt6QkJfBoHbT869foRrNlEhdeoqqA=) 2: OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl (hash: IDYRm69Bre7gEODmzAxLEfMfqxsge7lrE5Eyl0w3MIA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:3c:13:a6:6f:8d:b6:2f:24:a6:e4:a9:53:be:4c:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb Validity Not Before: Dec 24 12:01:12 2025 GMT Not After : Dec 25 12:01:12 2025 GMT Subject: CN=00f98b26a5635eef650b38c91c40fdae9dfffefd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:4c:9f:24:81:f3:ae:4f:6a:fb:09:5a:98:34: e6:87:e1:fc:25:64:9d:1a:a6:15:56:85:9d:15:af: b3:12:c3:9a:aa:d1:0d:83:1d:c2:74:22:e4:53:e1: ee:6d:85:49:09:1b:0e:ab:ac:09:f2:b1:8d:f4:94: f5:24:cd:f8:a0:17:41:5e:11:72:e1:64:80:77:30: ef:6b:51:48:49:19:ee:64:d0:bf:ca:d9:5a:7e:8b: 2a:f4:01:1e:a5:dd:c2:3c:a4:ea:31:3c:c6:21:b6: 3e:2a:ff:d6:d1:26:fc:15:83:c9:40:18:52:6d:a4: 59:f7:d4:3b:cb:1b:f7:13:2f:0f:41:50:76:3c:91: 27:a8:bf:1b:42:b7:59:15:70:8a:8a:4f:61:9f:a2: 9f:0a:2f:80:18:71:14:01:46:60:17:0c:97:89:f5: b9:ff:57:5e:7b:e2:c8:ac:50:db:52:62:70:bc:09: ff:a5:98:c2:10:01:80:fb:29:26:93:65:31:73:c3: 8a:4d:85:5f:df:ef:ca:49:37:bb:c8:95:47:27:8f: fe:62:bc:b2:74:5b:92:c0:19:a9:1e:0e:bc:5c:66: 73:09:9c:36:1d:91:78:47:a4:60:0d:9c:be:de:9e: 91:b3:e3:28:14:4e:06:3b:bc:dd:1d:3b:8a:4d:4e: 7c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:F9:8B:26:A5:63:5E:EF:65:0B:38:C9:1C:40:FD:AE:9D:FF:FE:FD X509v3 Authority Key Identifier: keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:e3:7f:a6:58:5b:99:ab:29:71:b9:19:7b:5b:f6:c3:c3:1e: f5:bf:45:18:f6:cf:b0:5e:b4:83:cc:e1:75:24:ee:83:c8:fe: b8:d6:de:f0:56:af:85:14:cd:a9:17:f2:c5:49:83:5c:a1:2f: 05:f1:cc:5d:18:79:1d:d3:f8:f4:d9:1d:4b:ee:2e:d3:c9:05: d3:09:3f:8a:5d:31:34:4f:bb:e8:13:11:d5:0d:2c:e8:31:1d: 67:25:14:00:ce:ac:1c:c7:e2:f1:cd:3a:d9:47:07:6a:c9:bb: 10:87:2f:b8:a8:9e:ff:2f:00:e9:ae:8a:b2:63:8e:0c:f4:24: 86:b1:74:10:f7:63:1a:23:cb:5b:c6:7c:29:96:76:cd:34:0a: 67:4c:5a:a9:69:fd:d1:97:07:b1:58:05:63:30:bf:c5:56:d7: e6:a2:1b:68:de:c2:a4:18:f1:91:2f:d1:20:a9:0c:0b:40:b7: 1f:dc:2f:96:40:cf:9b:f6:85:0e:67:3c:66:e8:e8:80:97:51: 1e:5b:02:bb:fc:c8:c3:60:64:64:b1:f8:06:f7:91:51:10:3a: ab:59:0b:fc:0b:5d:e6:0a:04:a1:38:d9:f9:60:50:18:aa:1c: a8:77:18:47:2b:ac:1a:45:8f:e8:43:c0:b1:ee:db:29:81:16: 60:d9:3c:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQPBOmb422LySm5KlTvkwLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3 OTE5ZmIwHhcNMjUxMjI0MTIwMTEyWhcNMjUxMjI1MTIwMTEyWjAzMTEwLwYDVQQD EygwMGY5OGIyNmE1NjM1ZWVmNjUwYjM4YzkxYzQwZmRhZTlkZmZmZWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UyfJIHzrk9q+wlamDTmh+H8JWSd GqYVVoWdFa+zEsOaqtENgx3CdCLkU+HubYVJCRsOq6wJ8rGN9JT1JM34oBdBXhFy 4WSAdzDva1FISRnuZNC/ytlafosq9AEepd3CPKTqMTzGIbY+Kv/W0Sb8FYPJQBhS baRZ99Q7yxv3Ey8PQVB2PJEnqL8bQrdZFXCKik9hn6KfCi+AGHEUAUZgFwyXifW5 /1dee+LIrFDbUmJwvAn/pZjCEAGA+ykmk2Uxc8OKTYVf3+/KSTe7yJVHJ4/+Yryy dFuSwBmpHg68XGZzCZw2HZF4R6RgDZy+3p6Rs+MoFE4GO7zdHTuKTU58CQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAD5iyalY17vZQs4yRxA/a6d//79MB8GA1UdIwQY MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt MDUwMmE2YTU0YWFiLzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADeN/plhb maspcbkZe1v2w8Me9b9FGPbPsF60g8zhdSTug8j+uNbe8FavhRTNqRfyxUmDXKEv BfHMXRh5HdP49NkdS+4u08kF0wk/il0xNE+76BMR1Q0s6DEdZyUUAM6sHMfi8c06 2UcHasm7EIcvuKie/y8A6a6KsmOODPQkhrF0EPdjGiPLW8Z8KZZ2zTQKZ0xaqWn9 0ZcHsVgFYzC/xVbX5qIbaN7CpBjxkS/RIKkMC0C3H9wvlkDPm/aFDmc8ZujogJdR HlsCu/zIw2BkZLH4BveRURA6q1kL/Atd5goEoTjZ+WBQGKocqHcYRyusGkWP6EPA se7bKYEWYNk8Vw== -----END CERTIFICATE-----Generated at Wed Dec 24 18:07:50 2025 by rpki-client