This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft File: OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft (raw, json) Hash identifier: jVKV6bLfREYwOQDJrRMwI6UX0iAWPpMWvB+FJVW9/Zk= Subject key identifier: FB:53:AC:2C:C3:9D:7E:43:32:C7:FE:70:C8:C9:39:BE:B0:CB:EE:22 Authority key identifier: 3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B Certificate issuer: /CN=3a40ff154c453943a0b02aa65021c9c264947c2b Certificate serial: 019B44A61C8938BF6E0271A6159F238BA03E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft Manifest number: 0E72 Signing time: Mon 22 Dec 2025 06:01:35 +0000 Manifest this update: Mon 22 Dec 2025 06:01:35 +0000 Manifest next update: Tue 23 Dec 2025 06:01:35 +0000 Files and hashes: 1: 0wAgKVyytNbhNR-_RR1IsIpFFy0.roa (hash: hGr01I8nbqs/LJEbN09Cfzd/lbJVo6JwWOtLmEfD1wA=) 2: OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl (hash: LfvUA0GlzqyxnAry4wAG2mHE7Y7lSaI1MJZn3W1KnfU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a6:1c:89:38:bf:6e:02:71:a6:15:9f:23:8b:a0:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a40ff154c453943a0b02aa65021c9c264947c2b Validity Not Before: Dec 22 06:01:35 2025 GMT Not After : Dec 23 06:01:35 2025 GMT Subject: CN=fb53ac2cc39d7e4332c7fe70c8c939beb0cbee22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:8c:d9:aa:fa:61:d0:b4:c8:0a:9c:92:8e:5c: 42:38:6b:32:9c:db:52:da:38:fb:e6:77:72:f0:c2: 65:76:81:c0:aa:94:1c:33:7b:84:e7:73:a8:bc:39: 26:09:fa:8a:e4:01:c0:be:32:a2:45:dc:27:b8:de: 9a:2e:d8:c6:90:21:8e:ef:9f:91:1d:d5:c1:33:d8: 2b:0c:e9:f5:95:66:8f:f7:f5:b7:d9:ca:1a:2e:5f: b5:8a:42:e3:d5:b3:eb:b5:65:f1:13:53:e7:e4:7e: b6:7a:0d:d2:d5:a3:44:03:d4:73:ce:60:c9:7d:a4: 91:2f:9a:d4:d1:16:81:5b:73:35:27:40:9e:e9:d7: 8a:96:bf:e1:e3:83:aa:81:55:06:ff:21:32:39:27: 74:92:d5:48:6b:c1:f9:90:c9:1a:93:69:60:96:88: 44:64:3c:69:e7:9c:60:92:84:be:fb:50:7b:cf:85: 51:37:e0:7e:79:76:cc:f1:b3:58:1d:03:74:c2:1b: 27:82:40:16:85:f8:af:c5:8e:38:e5:c2:3a:9a:a3: cf:b7:f9:ef:e0:50:bf:b9:cd:22:ab:77:89:3e:f1: d2:f9:36:15:1b:a7:ae:56:51:89:4a:64:b9:e3:07: ba:e4:3d:02:83:99:99:6c:ac:15:95:eb:32:87:49: 5d:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:53:AC:2C:C3:9D:7E:43:32:C7:FE:70:C8:C9:39:BE:B0:CB:EE:22 X509v3 Authority Key Identifier: keyid:3A:40:FF:15:4C:45:39:43:A0:B0:2A:A6:50:21:C9:C2:64:94:7C:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkD_FUxFOUOgsCqmUCHJwmSUfCs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4efcae-afc9-422b-aadd-82bb0bb11e3e/1/OkD_FUxFOUOgsCqmUCHJwmSUfCs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:a6:18:49:54:e4:52:d4:d0:f6:37:37:4e:0a:c5:7a:f4:32: 65:c4:d6:bd:d0:fb:8a:ff:8a:99:3a:de:d8:67:05:8b:76:8d: c6:97:7a:c7:85:3a:99:24:6c:a8:fd:57:6d:61:53:7f:b6:e3: 20:fe:64:66:bf:9c:12:b3:f9:59:d5:6b:c4:6d:24:19:6f:fd: 74:a4:4e:c2:5d:21:f0:67:0d:a2:84:ce:1e:8a:ec:cd:6c:f1: 65:9a:54:51:56:66:b5:69:03:31:4d:a1:9f:78:ac:9f:cc:bf: 6c:d3:12:4a:c9:d8:0c:9b:c7:2f:b2:91:bc:6c:f2:15:6f:57: aa:af:f5:3d:b4:44:6e:fd:85:0b:6b:88:20:20:e6:02:bf:ff: c2:01:7a:6e:93:90:dd:50:98:d0:68:3c:73:0a:40:38:10:a1: 36:41:b9:e0:96:43:bb:2f:42:01:0b:c9:50:47:1b:a6:c2:1f: 99:44:13:d0:ed:32:4e:29:e3:a3:9c:7a:17:6e:d1:01:71:71: f0:76:13:39:80:c8:10:65:82:50:05:e7:ea:40:e1:b4:fa:df: 97:bf:c8:de:80:7c:38:fa:d1:fe:6f:9d:d9:85:fc:35:12:30: 9a:0f:9e:34:a3:da:bf:a1:7a:c6:79:b6:5a:f1:4d:99:7b:44: 53:f6:c3:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEphyJOL9uAnGmFZ8ji6A+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDBmZjE1NGM0NTM5NDNhMGIwMmFhNjUwMjFjOWMyNjQ5 NDdjMmIwHhcNMjUxMjIyMDYwMTM1WhcNMjUxMjIzMDYwMTM1WjAzMTEwLwYDVQQD EyhmYjUzYWMyY2MzOWQ3ZTQzMzJjN2ZlNzBjOGM5MzliZWIwY2JlZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYzZqvph0LTICpySjlxCOGsynNtS 2jj75ndy8MJldoHAqpQcM3uE53OovDkmCfqK5AHAvjKiRdwnuN6aLtjGkCGO75+R HdXBM9grDOn1lWaP9/W32coaLl+1ikLj1bPrtWXxE1Pn5H62eg3S1aNEA9RzzmDJ faSRL5rU0RaBW3M1J0Ce6deKlr/h44OqgVUG/yEyOSd0ktVIa8H5kMkak2lglohE ZDxp55xgkoS++1B7z4VRN+B+eXbM8bNYHQN0whsngkAWhfivxY445cI6mqPPt/nv 4FC/uc0iq3eJPvHS+TYVG6euVlGJSmS54we65D0Cg5mZbKwVlesyh0ldZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPtTrCzDnX5DMsf+cMjJOb6wy+4iMB8GA1UdIwQY MBaAFDpA/xVMRTlDoLAqplAhycJklHwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQt ODJiYjBiYjExZTNlLzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi80ZWZjYWUtYWZjOS00MjJiLWFhZGQtODJiYjBiYjExZTNl LzEvT2tEX0ZVeEZPVU9nc0NxbVVDSEp3bVNVZkNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIaYYSVTk UtTQ9jc3TgrFevQyZcTWvdD7iv+KmTre2GcFi3aNxpd6x4U6mSRsqP1XbWFTf7bj IP5kZr+cErP5WdVrxG0kGW/9dKROwl0h8GcNooTOHorszWzxZZpUUVZmtWkDMU2h n3isn8y/bNMSSsnYDJvHL7KRvGzyFW9Xqq/1PbREbv2FC2uIICDmAr//wgF6bpOQ 3VCY0Gg8cwpAOBChNkG54JZDuy9CAQvJUEcbpsIfmUQT0O0yTinjo5x6F27RAXFx 8HYTOYDIEGWCUAXn6kDhtPrfl7/I3oB8OPrR/m+d2YX8NRIwmg+eNKPav6F6xnm2 WvFNmXtEU/bDpg== -----END CERTIFICATE-----Generated at Mon Dec 22 15:43:05 2025 by rpki-client