This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json) Hash identifier: UThOmKrZ5oWZ/+mm6/6v0Ft/PE9A0PHjTFeymtbfemc= Subject key identifier: 87:A4:17:BF:DE:8B:C4:9A:FC:85:7A:8B:5D:F0:43:95:87:D7:01:1E Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48 Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48 Certificate serial: 019B3C7ECF47A0EA10F10673858AB7328BA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft Manifest number: 04AA Signing time: Sat 20 Dec 2025 16:01:42 +0000 Manifest this update: Sat 20 Dec 2025 16:01:42 +0000 Manifest next update: Sun 21 Dec 2025 16:01:42 +0000 Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=) 2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: Dz0y/EJZSmWPqtbWClkYVUpv601TvzaAE8Vdd/7ghHU=) 3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:cf:47:a0:ea:10:f1:06:73:85:8a:b7:32:8b:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48 Validity Not Before: Dec 20 16:01:42 2025 GMT Not After : Dec 21 16:01:42 2025 GMT Subject: CN=87a417bfde8bc49afc857a8b5df0439587d7011e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:4d:83:54:3a:bd:58:8a:ab:37:75:3c:cc:dd: 40:50:7a:db:2b:a7:cd:7a:8d:10:f4:ff:18:58:d3: a8:ab:e5:4c:21:6f:19:49:f0:1b:a7:cd:e2:ac:5a: a4:a3:b3:9c:df:ad:ee:0d:6c:f4:15:5b:f4:7e:64: e4:41:c0:ec:1d:13:83:94:ae:b9:d9:dd:c0:f2:0a: dc:2d:0f:98:ee:74:b3:e7:24:18:71:38:cc:e0:fb: 54:18:f1:f0:81:f3:3d:a5:17:8a:68:51:f0:6f:46: b1:ad:09:92:98:60:d6:e8:33:ce:ea:83:e9:c0:8b: ad:1a:68:97:a7:45:c9:7e:d6:aa:32:73:5e:1f:47: 92:5b:ea:d6:0d:ad:c8:d5:93:6c:07:1c:92:84:88: 81:6b:05:2b:63:a4:24:f1:cc:93:cf:81:d2:e3:c8: fe:6f:6d:6b:03:5f:24:a6:82:26:9f:e2:ad:a5:48: 2b:6f:85:e6:9d:ea:55:b5:83:21:ce:69:89:6d:6a: 80:88:82:b5:83:5c:d2:af:1b:02:25:c1:10:9b:8b: e5:58:4e:33:9c:90:ea:92:4b:4f:d7:c8:2a:51:37: 13:81:d8:94:8e:a9:79:fe:fd:d9:ee:05:d3:3f:6e: a0:03:7a:43:a8:1e:87:32:0c:6d:93:48:01:ca:7b: e5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A4:17:BF:DE:8B:C4:9A:FC:85:7A:8B:5D:F0:43:95:87:D7:01:1E X509v3 Authority Key Identifier: keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:3a:b6:7b:90:2e:10:8c:f6:1f:07:92:aa:d0:a0:cb:c0:0a: e4:9d:71:9a:7f:4e:f0:f6:59:63:3f:d7:bb:27:9c:d0:23:58: 4f:e5:c7:f0:c4:2e:ce:de:f6:81:8c:88:66:05:da:33:9f:e6: 25:c1:c8:45:d4:6f:df:6f:df:24:c0:cf:b9:aa:80:94:1e:f9: 84:6b:5c:2d:12:bf:be:f6:00:7f:29:c5:a6:5b:8d:25:48:30: 5b:21:dd:9d:18:48:d6:68:3d:1b:da:a9:35:95:d7:e2:47:aa: 33:51:14:13:80:bc:56:2b:d3:e6:2d:7f:a4:8f:e9:25:24:cd: c8:75:eb:71:fb:14:99:5d:8a:46:5e:7c:d8:2b:49:52:a7:d3: 60:37:30:4e:71:af:96:b1:52:58:12:37:54:ab:1c:ec:31:fd: 7a:7b:72:4e:34:bd:79:8e:6f:6b:34:99:5c:05:e7:67:b5:7d: d7:2b:bc:8e:24:d2:fc:52:e2:c5:f1:a0:02:e8:c5:b1:c9:73: 5e:7e:7a:cc:b8:e5:8c:c8:94:c1:aa:8e:70:db:09:0b:0f:4a: 67:51:22:2e:67:b7:e3:16:1e:f0:94:11:b9:11:39:05:6a:c6: 97:d2:f2:07:26:9f:87:b8:15:6f:dd:a9:cb:f3:a3:d3:d1:e7: 1e:2f:43:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fs9HoOoQ8QZzhYq3MoupMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz ZTRhNDgwHhcNMjUxMjIwMTYwMTQyWhcNMjUxMjIxMTYwMTQyWjAzMTEwLwYDVQQD Eyg4N2E0MTdiZmRlOGJjNDlhZmM4NTdhOGI1ZGYwNDM5NTg3ZDcwMTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE2DVDq9WIqrN3U8zN1AUHrbK6fN eo0Q9P8YWNOoq+VMIW8ZSfAbp83irFqko7Oc363uDWz0FVv0fmTkQcDsHRODlK65 2d3A8grcLQ+Y7nSz5yQYcTjM4PtUGPHwgfM9pReKaFHwb0axrQmSmGDW6DPO6oPp wIutGmiXp0XJftaqMnNeH0eSW+rWDa3I1ZNsBxyShIiBawUrY6Qk8cyTz4HS48j+ b21rA18kpoImn+KtpUgrb4XmnepVtYMhzmmJbWqAiIK1g1zSrxsCJcEQm4vlWE4z nJDqkktP18gqUTcTgdiUjql5/v3Z7gXTP26gA3pDqB6HMgxtk0gBynvluQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIekF7/ei8Sa/IV6i13wQ5WH1wEeMB8GA1UdIwQY MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkzq2e5Au EIz2HweSqtCgy8AK5J1xmn9O8PZZYz/Xuyec0CNYT+XH8MQuzt72gYyIZgXaM5/m JcHIRdRv32/fJMDPuaqAlB75hGtcLRK/vvYAfynFpluNJUgwWyHdnRhI1mg9G9qp NZXX4keqM1EUE4C8VivT5i1/pI/pJSTNyHXrcfsUmV2KRl582CtJUqfTYDcwTnGv lrFSWBI3VKsc7DH9entyTjS9eY5vazSZXAXnZ7V91yu8jiTS/FLixfGgAujFsclz Xn56zLjljMiUwaqOcNsJCw9KZ1EiLme34xYe8JQRuRE5BWrGl9LyByafh7gVb92p y/Oj09HnHi9Dqw== -----END CERTIFICATE-----Generated at Sat Dec 20 23:10:01 2025 by rpki-client