This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft File: 1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json) Hash identifier: Q65Ra8KJv5kHXL2xweg8isAJL0a4TkEz1lh/NG/5sGg= Subject key identifier: F6:2C:50:7D:DE:33:D3:C8:16:AD:C7:79:35:6D:DA:7F:99:99:EF:0B Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90 Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590 Certificate serial: 019B42EE62ADB0C5931A155256514B5E666E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft Manifest number: 178F Signing time: Sun 21 Dec 2025 22:01:17 +0000 Manifest this update: Sun 21 Dec 2025 22:01:17 +0000 Manifest next update: Mon 22 Dec 2025 22:01:17 +0000 Files and hashes: 1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: GBeaSUcYunzO8c2iAeWKhdCxeliqioYz4eFIu/D4lYU=) 2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:62:ad:b0:c5:93:1a:15:52:56:51:4b:5e:66:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590 Validity Not Before: Dec 21 22:01:17 2025 GMT Not After : Dec 22 22:01:17 2025 GMT Subject: CN=f62c507dde33d3c816adc779356dda7f9999ef0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d9:d2:a0:fe:3b:29:4e:8f:ee:a6:b9:09:13: 12:a9:0a:5f:f2:0d:8d:28:1a:89:a9:34:b6:cf:d9: c8:b6:04:95:c7:82:c1:9a:69:c7:f0:f3:42:e5:3c: d2:10:77:28:70:e5:33:52:21:b3:9a:33:91:64:32: a5:97:fc:d6:b8:f7:4b:47:eb:35:00:33:3a:ef:08: 47:7c:76:62:36:80:ff:1e:f7:2c:1c:95:78:67:72: 43:a4:d4:7f:07:7b:da:dc:b6:4d:da:3b:bf:4f:b2: f5:07:29:91:41:50:06:84:f0:8e:4a:99:e9:b7:f3: a3:97:f5:a5:bb:70:0c:bf:12:1c:43:72:a9:bb:ca: 0e:0e:dc:42:ba:65:16:d5:36:27:ac:51:73:29:bc: e2:21:d0:b3:ae:58:de:b2:1f:01:55:1b:e2:6a:47: bd:fd:26:6b:99:33:e1:b3:55:61:05:a3:51:f2:7b: 28:e6:4b:a6:e0:ce:a2:db:50:92:64:ba:48:e2:3d: 72:e7:28:52:80:fe:da:ff:de:bc:c1:b6:a0:43:2d: 24:f6:80:2b:83:d3:70:1b:ad:a5:db:58:39:a2:ef: da:69:7d:55:02:4c:83:ee:c0:e0:a1:b8:02:6f:aa: 9d:69:22:52:a0:97:93:b8:e9:51:7f:8a:37:e9:34: 47:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:2C:50:7D:DE:33:D3:C8:16:AD:C7:79:35:6D:DA:7F:99:99:EF:0B X509v3 Authority Key Identifier: keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:f9:a1:a3:f7:d7:a9:cb:c0:3e:66:1f:80:fc:32:03:1a:a0: 37:c8:14:fd:83:80:de:4d:f4:6b:d3:ba:58:5c:bd:06:22:9d: 14:ac:37:da:09:c1:97:a5:75:1f:f3:56:f1:40:0e:9a:dd:42: 5c:1f:86:f0:ed:59:f5:bc:72:fc:74:b4:e2:d3:9a:d7:a6:7d: 34:81:69:70:f3:93:38:da:14:37:f9:fa:a0:5c:ae:54:02:17: a1:84:a3:32:1e:a1:66:88:cc:c8:21:dd:f0:8c:88:c9:8c:a3: 9b:cf:47:14:7f:be:c2:45:12:80:5e:22:06:4a:69:09:1a:c0: f6:17:75:de:40:95:a7:bb:ae:3a:78:4a:7f:25:59:fa:a9:31: 1d:e6:d9:ee:f8:68:78:b5:df:10:1f:1e:38:a8:f6:cb:2e:43: ae:bb:3c:3d:a7:f1:ed:65:bd:02:18:f2:f7:91:bb:23:5d:99: 48:27:44:99:7d:f6:46:64:53:4e:cd:7d:bf:a7:83:8c:1a:48: c0:67:ca:65:35:cb:b5:69:21:ce:58:c1:f8:6e:9a:6f:49:27: 40:55:01:f0:7a:0b:fa:6e:39:97:41:b8:44:76:5e:68:19:73: 37:5e:f8:ed:c3:b0:90:22:60:7c:6e:a3:b6:f5:e7:db:55:a3: 1e:fc:a0:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7mKtsMWTGhVSVlFLXmZuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5 OTE1OTAwHhcNMjUxMjIxMjIwMTE3WhcNMjUxMjIyMjIwMTE3WjAzMTEwLwYDVQQD EyhmNjJjNTA3ZGRlMzNkM2M4MTZhZGM3NzkzNTZkZGE3Zjk5OTllZjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtnSoP47KU6P7qa5CRMSqQpf8g2N KBqJqTS2z9nItgSVx4LBmmnH8PNC5TzSEHcocOUzUiGzmjORZDKll/zWuPdLR+s1 ADM67whHfHZiNoD/HvcsHJV4Z3JDpNR/B3va3LZN2ju/T7L1BymRQVAGhPCOSpnp t/Ojl/Wlu3AMvxIcQ3Kpu8oODtxCumUW1TYnrFFzKbziIdCzrljesh8BVRviake9 /SZrmTPhs1VhBaNR8nso5kum4M6i21CSZLpI4j1y5yhSgP7a/968wbagQy0k9oAr g9NwG62l21g5ou/aaX1VAkyD7sDgobgCb6qdaSJSoJeTuOlRf4o36TRHnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPYsUH3eM9PIFq3HeTVt2n+Zme8LMB8GA1UdIwQY MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2 LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWPmho/fX qcvAPmYfgPwyAxqgN8gU/YOA3k30a9O6WFy9BiKdFKw32gnBl6V1H/NW8UAOmt1C XB+G8O1Z9bxy/HS04tOa16Z9NIFpcPOTONoUN/n6oFyuVAIXoYSjMh6hZojMyCHd 8IyIyYyjm89HFH++wkUSgF4iBkppCRrA9hd13kCVp7uuOnhKfyVZ+qkxHebZ7vho eLXfEB8eOKj2yy5Drrs8Pafx7WW9Ahjy95G7I12ZSCdEmX32RmRTTs19v6eDjBpI wGfKZTXLtWkhzljB+G6ab0knQFUB8HoL+m45l0G4RHZeaBlzN1747cOwkCJgfG6j tvXn21WjHvygqQ== -----END CERTIFICATE-----Generated at Mon Dec 22 02:50:12 2025 by rpki-client