This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft File: owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json) Hash identifier: gQkDYcen1UcMCx7qU6yMN1UPmmsyYBBTlqJRisvuWKU= Subject key identifier: AA:6D:8A:86:CF:7D:12:47:2D:AC:8C:D9:0B:74:07:47:F9:55:8A:4C Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79 Certificate issuer: /CN=a308dccc47584c3fa8261db7926a2e40172b3f79 Certificate serial: 019B6241E9D7DA60DB014F8AAC388D3B38CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft Manifest number: 046D Signing time: Sun 28 Dec 2025 00:00:45 +0000 Manifest this update: Sun 28 Dec 2025 00:00:45 +0000 Manifest next update: Mon 29 Dec 2025 00:00:45 +0000 Files and hashes: 1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: t6r2RfLWSdg3NihOlK8wUl2AePTYWwdDaN66dUrXMkM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:62:41:e9:d7:da:60:db:01:4f:8a:ac:38:8d:3b:38:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79 Validity Not Before: Dec 28 00:00:45 2025 GMT Not After : Dec 29 00:00:45 2025 GMT Subject: CN=aa6d8a86cf7d12472dac8cd90b740747f9558a4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:d7:9c:89:69:ba:b9:e2:31:e0:62:35:86:22: 65:21:c4:33:cf:b3:06:ca:57:2a:7d:99:18:bd:28: 6c:5e:bb:5a:6d:99:ab:36:8b:7d:92:e9:35:5f:bc: c9:8d:6c:3f:64:9b:02:02:19:f7:fa:fe:dc:31:3c: 30:73:1f:f2:fb:4a:f5:b8:f7:83:1c:ce:fa:da:e8: 6e:27:0a:da:bf:3b:5b:62:6e:2b:7c:a9:bd:1e:c5: 01:81:37:f5:99:4f:7e:d3:3d:73:52:74:be:f3:25: ee:59:8f:91:bd:9e:36:d1:44:54:36:de:c9:f3:ac: 8c:bc:a4:4e:7c:16:d1:1a:a6:85:b6:d4:c2:1e:08: d4:3d:b3:4e:bb:28:36:e7:f2:ad:5f:29:a9:4e:ec: f3:f5:43:59:91:e6:fd:60:04:96:7f:14:72:3e:4d: ef:25:e7:db:3b:01:c1:46:cd:3f:05:ab:80:62:6f: 70:de:70:f8:cd:a8:f1:9a:41:f7:55:45:8e:b1:ad: 4a:67:10:72:b4:32:a6:9c:a2:c8:8d:57:7d:54:d2: ee:f1:1c:26:ad:1a:bd:ca:19:38:3f:c7:c2:69:4f: 94:42:d1:c9:98:ef:9b:b6:f4:34:11:62:e4:9b:fe: 22:89:1e:44:18:11:9a:45:f5:4f:6d:03:21:b6:ba: ec:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:6D:8A:86:CF:7D:12:47:2D:AC:8C:D9:0B:74:07:47:F9:55:8A:4C X509v3 Authority Key Identifier: keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:09:fc:2b:0b:b7:89:44:87:a9:e6:4f:cc:1c:9c:19:58:43: 8c:1b:a7:b3:8f:d5:25:05:f0:9d:d2:74:77:79:bf:fa:ff:34: 72:f8:71:ba:01:e4:45:31:e9:bc:c7:f9:c8:95:62:7d:2e:68: ec:7f:c9:e7:22:a3:a2:82:93:07:10:30:38:22:a2:99:62:99: 98:2a:68:ac:9e:4d:8a:12:88:99:0b:17:7a:95:08:1d:aa:fc: 15:e6:96:7b:aa:b5:7b:4a:5b:34:59:a6:90:cf:89:2c:28:59: ad:d5:96:96:5a:00:5f:2c:f7:9c:d2:d7:e4:8a:7a:44:7c:7f: 24:eb:74:9d:07:b7:53:25:d2:94:c0:2f:a0:2f:a4:a6:1d:77: a8:9b:11:62:43:cf:46:2d:1d:48:af:8c:4d:28:b2:e6:6d:e7: 4a:13:a9:22:08:01:38:81:6d:8a:7a:88:c7:d5:cf:68:55:f3: 8a:bb:db:00:d4:34:75:8f:02:fb:7e:e1:db:5d:e4:ca:56:e2: d3:df:13:e7:6d:b7:ce:b2:54:9d:7a:ba:cb:b6:d3:1f:b2:ad: 37:65:f8:08:e5:a8:aa:e5:53:9a:a8:b6:04:04:5e:16:63:2d: 24:25:5f:3d:ac:bf:86:67:ef:71:0d:42:88:bc:4d:f9:1c:5c: 69:b8:e5:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtiQenX2mDbAU+KrDiNOzjKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy YjNmNzkwHhcNMjUxMjI4MDAwMDQ1WhcNMjUxMjI5MDAwMDQ1WjAzMTEwLwYDVQQD EyhhYTZkOGE4NmNmN2QxMjQ3MmRhYzhjZDkwYjc0MDc0N2Y5NTU4YTRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NeciWm6ueIx4GI1hiJlIcQzz7MG ylcqfZkYvShsXrtabZmrNot9kuk1X7zJjWw/ZJsCAhn3+v7cMTwwcx/y+0r1uPeD HM762uhuJwravztbYm4rfKm9HsUBgTf1mU9+0z1zUnS+8yXuWY+RvZ420URUNt7J 86yMvKROfBbRGqaFttTCHgjUPbNOuyg25/KtXympTuzz9UNZkeb9YASWfxRyPk3v JefbOwHBRs0/BauAYm9w3nD4zajxmkH3VUWOsa1KZxBytDKmnKLIjVd9VNLu8Rwm rRq9yhk4P8fCaU+UQtHJmO+btvQ0EWLkm/4iiR5EGBGaRfVPbQMhtrrsUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKptiobPfRJHLayM2Qt0B0f5VYpMMB8GA1UdIwQY MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApAn8Kwu3 iUSHqeZPzBycGVhDjBuns4/VJQXwndJ0d3m/+v80cvhxugHkRTHpvMf5yJVifS5o 7H/J5yKjooKTBxAwOCKimWKZmCporJ5NihKImQsXepUIHar8FeaWe6q1e0pbNFmm kM+JLChZrdWWlloAXyz3nNLX5Ip6RHx/JOt0nQe3UyXSlMAvoC+kph13qJsRYkPP Ri0dSK+MTSiy5m3nShOpIggBOIFtinqIx9XPaFXzirvbANQ0dY8C+37h213kylbi 098T5223zrJUnXq6y7bTH7KtN2X4COWoquVTmqi2BAReFmMtJCVfPay/hmfvcQ1C iLxN+Rxcabjltg== -----END CERTIFICATE-----Generated at Sun Dec 28 06:39:52 2025 by rpki-client