This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft File: o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft (raw, json) Hash identifier: 8qwoSy1tgfRWYdjKyzYE6smcJK6vj7o9jxa+8VPsOwM= Subject key identifier: BA:92:AB:A6:B9:40:C4:C0:CF:16:FC:97:E9:81:E3:0D:74:F4:DC:14 Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4 Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4 Certificate serial: 019B38D855C68FB5036826AA3FA69440B19B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft Manifest number: 16B8 Signing time: Fri 19 Dec 2025 23:01:00 +0000 Manifest this update: Fri 19 Dec 2025 23:01:00 +0000 Manifest next update: Sat 20 Dec 2025 23:01:00 +0000 Files and hashes: 1: Su3Ka1R7pjnRGDKZqEvX63VKxF4.roa (hash: QbfTd/kjJdOYrA4Hvyf36D6w4D1v8xL290MIRPSar4I=) 2: ZMT2qJeQlu-C5i0G01EBCNd-g6M.roa (hash: Jul8wggfGDzUNFRFlHhNzs2me0GUF4GTUbIsvxzWDwQ=) 3: fnuqhATdgk7065LZ-MFpw_mk_Sk.roa (hash: MF0/pFOYDoQu2nRxFXy3gK33SujqFiXhgPkh2E7fsqk=) 4: o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl (hash: 4qASuRlDcVA/Xl19oU9RfXfUlk83AzNj/VtLPX0E1AA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 23:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:d8:55:c6:8f:b5:03:68:26:aa:3f:a6:94:40:b1:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4 Validity Not Before: Dec 19 23:01:00 2025 GMT Not After : Dec 20 23:01:00 2025 GMT Subject: CN=ba92aba6b940c4c0cf16fc97e981e30d74f4dc14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:99:8d:ab:fd:e8:f7:3b:69:27:1c:c9:bf:58: b2:03:ff:e1:e1:73:2d:2c:e8:4e:78:9a:75:fd:94: 3d:82:a6:1a:57:ce:04:6e:26:ad:51:19:ac:5a:89: f7:38:a9:11:e9:bd:fb:1a:4d:61:30:45:20:b2:bc: dd:d5:86:3e:ff:23:92:3c:a9:6c:4d:19:e5:70:2f: 77:ef:53:c7:3e:2b:d0:e4:16:2b:bb:55:bd:61:63: be:a7:6e:10:09:ee:85:6e:0c:a5:b5:99:dd:4a:32: 07:47:e8:60:77:cf:7c:72:c3:04:59:a3:b3:1b:0a: c3:f3:8b:98:3f:94:f6:74:32:ed:ab:9c:a0:93:91: d4:a0:3b:42:fe:b3:7c:ab:8c:09:05:52:3d:de:a3: 4f:67:ed:ad:ff:1a:17:4b:7a:29:c8:e7:03:50:ec: 41:d4:81:e1:a3:da:cc:4d:31:13:b9:17:f4:dc:7f: 8d:56:76:f8:ab:7b:21:bc:63:c7:dc:8d:98:6d:f7: 5d:8c:21:62:76:23:96:9c:37:81:67:3b:e8:b3:9a: 8f:89:3e:24:a9:1f:08:4b:c1:f6:c2:be:ff:14:7f: b0:a5:1a:74:bb:cb:90:3c:a2:62:92:1a:89:26:d0: b9:75:7a:b6:1a:ac:84:93:fa:0c:64:56:1f:1b:fd: 68:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:92:AB:A6:B9:40:C4:C0:CF:16:FC:97:E9:81:E3:0D:74:F4:DC:14 X509v3 Authority Key Identifier: keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:74:c9:f1:81:d5:7a:f8:57:49:b4:a5:5b:c3:1c:8f:6c:ac: 52:e9:c4:7f:e5:11:6e:37:09:21:37:4a:32:3b:4c:a2:26:da: 56:2b:3c:60:98:06:cf:be:2c:bb:51:67:e9:5e:a1:30:44:26: cf:9f:f2:99:4f:e9:83:34:c0:bd:70:d2:a0:a1:75:58:5c:90: 70:7c:40:cd:c7:ea:99:6c:35:d8:54:09:bf:34:e2:aa:55:66: a4:a3:b5:4f:2f:72:b0:73:c5:f8:9a:51:3d:3c:9d:99:03:66: 5a:59:54:e8:e0:7e:70:fd:a5:75:43:bb:32:f4:9e:a9:08:68: 66:19:ed:bd:2e:ce:e8:76:38:58:3f:54:1e:dc:28:be:04:43: 4b:c8:1f:27:c1:73:6b:19:d0:ce:58:7b:1a:e5:dd:b5:27:36: ee:a7:26:fd:ee:d7:4a:1d:6b:f5:f3:a6:f9:55:64:9a:07:4f: 04:8e:c1:99:56:4c:98:cd:65:a3:8b:42:c6:10:1f:f0:63:3f: b1:54:81:02:08:30:63:d8:ad:d1:58:57:2c:1e:be:67:6f:1f: 17:0b:89:71:8e:a1:9d:e9:8f:c8:28:10:86:0d:a0:a6:ad:27: 30:c7:e8:c2:e7:41:18:8b:8a:22:95:11:a1:73:d9:45:5d:9d: 96:95:b6:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs42FXGj7UDaCaqP6aUQLGbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx Y2FmYTQwHhcNMjUxMjE5MjMwMTAwWhcNMjUxMjIwMjMwMTAwWjAzMTEwLwYDVQQD EyhiYTkyYWJhNmI5NDBjNGMwY2YxNmZjOTdlOTgxZTMwZDc0ZjRkYzE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5mNq/3o9ztpJxzJv1iyA//h4XMt LOhOeJp1/ZQ9gqYaV84EbiatURmsWon3OKkR6b37Gk1hMEUgsrzd1YY+/yOSPKls TRnlcC9371PHPivQ5BYru1W9YWO+p24QCe6FbgyltZndSjIHR+hgd898csMEWaOz GwrD84uYP5T2dDLtq5ygk5HUoDtC/rN8q4wJBVI93qNPZ+2t/xoXS3opyOcDUOxB 1IHho9rMTTETuRf03H+NVnb4q3shvGPH3I2YbfddjCFidiOWnDeBZzvos5qPiT4k qR8IS8H2wr7/FH+wpRp0u8uQPKJikhqJJtC5dXq2GqyEk/oMZFYfG/1oyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLqSq6a5QMTAzxb8l+mB4w109NwUMB8GA1UdIwQY MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt MGU3MjQxNmI0ZGM3LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3 LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3TJ8YHV evhXSbSlW8Mcj2ysUunEf+URbjcJITdKMjtMoibaVis8YJgGz74su1Fn6V6hMEQm z5/ymU/pgzTAvXDSoKF1WFyQcHxAzcfqmWw12FQJvzTiqlVmpKO1Ty9ysHPF+JpR PTydmQNmWllU6OB+cP2ldUO7MvSeqQhoZhntvS7O6HY4WD9UHtwovgRDS8gfJ8Fz axnQzlh7GuXdtSc27qcm/e7XSh1r9fOm+VVkmgdPBI7BmVZMmM1lo4tCxhAf8GM/ sVSBAggwY9it0VhXLB6+Z28fFwuJcY6hnemPyCgQhg2gpq0nMMfowudBGIuKIpUR oXPZRV2dlpW2uA== -----END CERTIFICATE-----Generated at Sat Dec 20 07:42:07 2025 by rpki-client