This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json) Hash identifier: wEEmdqCl5ZYAbAqA0VRN+hyCnwqFe7BO8F429ps4xP8= Subject key identifier: 43:F5:05:29:D7:41:D5:1C:CD:08:6B:CF:85:6B:71:2E:C3:D9:0A:16 Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d Certificate serial: 019B3FB68D193BE678B7204CFB788919A808 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft Manifest number: 171B Signing time: Sun 21 Dec 2025 07:01:26 +0000 Manifest this update: Sun 21 Dec 2025 07:01:26 +0000 Manifest next update: Mon 22 Dec 2025 07:01:26 +0000 Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: u8XLb4mqXKdqJ1ypjIqunpK0uZtrhNJ31frcD/9bqrI=) 2: oU-Dh2GrIk6DJo0B3ckZobCZQLg.roa (hash: 3M/n9wvPmKU+uLTP2MTaGav/2cb5GDciUi4YXKv/+G0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:b6:8d:19:3b:e6:78:b7:20:4c:fb:78:89:19:a8:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d Validity Not Before: Dec 21 07:01:26 2025 GMT Not After : Dec 22 07:01:26 2025 GMT Subject: CN=43f50529d741d51ccd086bcf856b712ec3d90a16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:06:8c:08:b7:8e:fe:0a:2a:bd:75:a7:0d:3f: 44:27:64:69:19:2e:e5:ad:69:c6:3f:ea:20:02:9b: 75:f0:ac:13:a5:3f:a1:9d:49:31:89:78:e8:6c:f9: 5b:83:86:ad:07:6b:ee:bb:3f:53:c7:00:e8:24:31: a5:95:78:f9:91:f2:bc:96:4f:3a:65:af:c9:eb:a9: e3:b6:c4:21:60:7c:87:85:26:ab:2a:b5:cf:68:48: 4e:6b:48:25:27:aa:81:73:67:be:3e:8c:90:1c:95: 1e:bb:0f:d1:a0:a9:3d:8b:34:66:2a:e9:45:34:65: 77:bf:ff:ab:7b:51:99:f6:b8:cd:69:47:0d:ba:b5: a0:f3:9c:27:f5:b0:03:ab:53:8a:59:88:d0:89:94: 2e:70:7a:8a:99:03:e7:a8:07:f1:f0:75:77:ee:31: 55:8a:3d:20:17:97:ac:52:dc:b2:9c:37:78:69:0f: a3:55:95:e0:1d:d6:eb:1d:da:f5:48:df:35:43:7a: 99:67:da:a0:4f:19:bd:0f:10:db:11:26:94:12:db: 1b:a7:50:d0:54:44:a6:90:67:0d:de:b7:cc:01:ba: 86:6a:9e:2a:54:4e:54:3b:db:4f:8e:b6:cb:17:8d: 88:9e:5e:d4:13:22:32:fc:72:6b:ea:f6:39:3b:8c: 40:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:F5:05:29:D7:41:D5:1C:CD:08:6B:CF:85:6B:71:2E:C3:D9:0A:16 X509v3 Authority Key Identifier: keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:c0:f8:35:98:0f:24:87:dc:83:a2:ee:91:eb:dc:00:7a:27: ec:8d:4e:ca:b1:49:d2:b9:75:7a:7c:d2:a9:c0:c3:92:be:56: ec:1c:b7:b4:fb:84:5a:79:f0:65:9b:2d:85:9c:ec:01:04:ba: 3c:20:78:77:f7:fa:88:50:11:57:e5:00:35:4e:ba:38:ec:d2: 43:37:f8:0e:a0:24:0d:44:c4:99:4f:d9:1d:db:b6:1d:5d:7d: 6e:9d:14:5a:c6:96:1c:cc:17:4f:16:56:df:a9:15:c3:aa:a6: cd:ab:60:11:63:69:c5:ce:9b:8b:1b:c8:6b:2b:29:49:60:6e: b7:6a:8e:f1:75:4b:8a:aa:e2:c8:36:7f:7a:f8:e6:99:b9:2d: 6a:d0:ba:25:60:9f:40:cd:91:74:80:54:43:95:1e:43:50:1e: 75:76:16:0d:4a:18:2d:ff:62:ee:5b:5c:8a:2e:fb:c8:fc:fa: 98:49:5c:2e:28:f4:0e:9d:9f:5d:2a:53:44:38:2f:0f:6a:8c: a9:00:65:f8:f5:63:24:85:dd:24:0d:0c:43:80:e6:8b:55:2d: ea:af:4e:f1:cf:b4:b3:56:c5:ad:e2:45:a7:5d:d2:69:28:28: 81:1f:a6:8e:85:ad:db:8b:32:30:57:d6:77:42:90:a1:2e:bb: 19:c6:68:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/to0ZO+Z4tyBM+3iJGagIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm Njk5NmQwHhcNMjUxMjIxMDcwMTI2WhcNMjUxMjIyMDcwMTI2WjAzMTEwLwYDVQQD Eyg0M2Y1MDUyOWQ3NDFkNTFjY2QwODZiY2Y4NTZiNzEyZWMzZDkwYTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAaMCLeO/goqvXWnDT9EJ2RpGS7l rWnGP+ogApt18KwTpT+hnUkxiXjobPlbg4atB2vuuz9TxwDoJDGllXj5kfK8lk86 Za/J66njtsQhYHyHhSarKrXPaEhOa0glJ6qBc2e+PoyQHJUeuw/RoKk9izRmKulF NGV3v/+re1GZ9rjNaUcNurWg85wn9bADq1OKWYjQiZQucHqKmQPnqAfx8HV37jFV ij0gF5esUtyynDd4aQ+jVZXgHdbrHdr1SN81Q3qZZ9qgTxm9DxDbESaUEtsbp1DQ VESmkGcN3rfMAbqGap4qVE5UO9tPjrbLF42Inl7UEyIy/HJr6vY5O4xAPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEP1BSnXQdUczQhrz4VrcS7D2QoWMB8GA1UdIwQY MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArsD4NZgP JIfcg6LukevcAHon7I1OyrFJ0rl1enzSqcDDkr5W7By3tPuEWnnwZZsthZzsAQS6 PCB4d/f6iFARV+UANU66OOzSQzf4DqAkDUTEmU/ZHdu2HV19bp0UWsaWHMwXTxZW 36kVw6qmzatgEWNpxc6bixvIayspSWBut2qO8XVLiqriyDZ/evjmmbktatC6JWCf QM2RdIBUQ5UeQ1AedXYWDUoYLf9i7ltcii77yPz6mElcLij0Dp2fXSpTRDgvD2qM qQBl+PVjJIXdJA0MQ4Dmi1Ut6q9O8c+0s1bFreJFp13SaSgogR+mjoWt24syMFfW d0KQoS67GcZoWg== -----END CERTIFICATE-----Generated at Sun Dec 21 11:08:07 2025 by rpki-client