This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft File: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json) Hash identifier: LBqAA55t2V7S4MeTXeIX34Gvj9sJuWePMx3573/XX9g= Subject key identifier: 0D:CF:6C:73:52:4D:6C:E3:0C:84:4D:E6:A9:B9:00:64:F6:31:62:B6 Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7 Certificate issuer: /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7 Certificate serial: 019B51BCF1BC89A9CE0F2E9E45D6075D3BB5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft Manifest number: 1790 Signing time: Wed 24 Dec 2025 19:01:35 +0000 Manifest this update: Wed 24 Dec 2025 19:01:35 +0000 Manifest next update: Thu 25 Dec 2025 19:01:35 +0000 Files and hashes: 1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: k1/SIrBsucQVSnGu/W3O8WKfGn/j1caDp8DPnrpTaWs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:f1:bc:89:a9:ce:0f:2e:9e:45:d6:07:5d:3b:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7 Validity Not Before: Dec 24 19:01:35 2025 GMT Not After : Dec 25 19:01:35 2025 GMT Subject: CN=0dcf6c73524d6ce30c844de6a9b90064f63162b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:da:f0:04:41:7f:31:d3:ce:de:1f:25:25:c9: 10:10:56:17:6a:61:e8:90:19:1a:93:5a:cc:49:74: f1:0c:29:00:c1:8c:47:a1:41:ba:de:73:d2:da:b7: dd:bc:7d:19:3c:78:73:43:4d:45:9c:8d:ac:02:fe: 4f:6e:0f:d7:04:77:5b:c8:df:e0:13:cd:15:d2:ff: 94:5a:01:a6:dc:df:66:ee:23:e6:77:a7:a2:ac:60: 43:24:45:f5:7c:29:e4:0e:db:a6:2e:55:1a:e4:5b: cb:d6:e7:65:9c:de:de:49:12:60:6f:1b:28:0d:1f: ca:9a:67:35:09:59:10:ce:c3:54:72:68:1c:6f:00: df:dc:b1:5c:88:b4:91:39:50:7b:52:5d:91:24:3b: 12:9d:7a:b2:d6:eb:d5:d4:a7:df:fb:3e:4a:6b:00: 69:0c:f8:75:15:d4:0b:78:8a:51:42:68:b0:1d:44: be:b5:57:c8:45:78:ae:57:92:f4:a6:64:2a:66:bd: 5d:43:f1:c3:b7:d6:e4:c8:98:5c:44:f1:e9:7b:53: 43:5f:e5:57:32:1d:29:45:c9:67:62:84:fa:9c:98: 1d:01:8b:04:97:bf:ab:20:f7:61:69:d5:38:cc:03: 16:54:a2:f9:b2:46:e4:51:5d:1c:74:b6:26:33:c1: 83:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:CF:6C:73:52:4D:6C:E3:0C:84:4D:E6:A9:B9:00:64:F6:31:62:B6 X509v3 Authority Key Identifier: keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:52:de:42:a8:5b:9e:64:c7:8b:71:2e:a2:ba:fe:4c:10:ba: 7d:d7:9e:df:96:d9:7d:8e:38:5d:0e:93:71:c3:03:7d:bf:74: d4:70:aa:ef:d6:76:d4:63:f2:23:37:45:77:6d:1a:d3:8b:c8: e1:80:38:e5:8e:95:f5:0e:5f:79:4b:80:9d:0c:69:2b:c2:28: d3:3f:98:2e:2d:fc:3f:32:1e:c8:09:7f:70:a9:fd:d2:90:e4: 84:94:0e:bd:a2:32:66:00:72:44:3a:1b:50:d6:87:19:07:b0: c0:ae:d5:89:d8:1b:f8:bb:82:2b:9e:dd:fc:97:b8:e4:e3:f2: b0:54:1a:e0:f8:8d:7e:c2:2e:78:6d:5c:14:24:67:e6:34:3b: eb:6a:81:b2:79:c6:9c:a9:af:10:03:27:67:ea:a6:08:ed:ff: f6:b6:79:c2:00:c9:7c:2a:c3:91:c4:bd:a0:60:7f:82:8e:37: 0f:f9:44:7f:0f:de:2e:e9:3d:68:0f:ca:36:df:1d:e2:1f:8b: 3a:0e:92:92:fc:c7:45:49:a7:51:4b:8d:35:b1:7f:7d:6f:9f: 8f:46:47:b5:35:39:84:2b:29:26:94:9e:f6:a4:76:8e:25:f6: e0:ff:48:ac:0d:ab:69:ba:34:c3:69:19:8d:b1:67:9d:d9:72: db:d4:61:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvPG8ianODy6eRdYHXTu1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh ZmVhYTcwHhcNMjUxMjI0MTkwMTM1WhcNMjUxMjI1MTkwMTM1WjAzMTEwLwYDVQQD EygwZGNmNmM3MzUyNGQ2Y2UzMGM4NDRkZTZhOWI5MDA2NGY2MzE2MmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9trwBEF/MdPO3h8lJckQEFYXamHo kBkak1rMSXTxDCkAwYxHoUG63nPS2rfdvH0ZPHhzQ01FnI2sAv5Pbg/XBHdbyN/g E80V0v+UWgGm3N9m7iPmd6eirGBDJEX1fCnkDtumLlUa5FvL1udlnN7eSRJgbxso DR/Kmmc1CVkQzsNUcmgcbwDf3LFciLSROVB7Ul2RJDsSnXqy1uvV1Kff+z5KawBp DPh1FdQLeIpRQmiwHUS+tVfIRXiuV5L0pmQqZr1dQ/HDt9bkyJhcRPHpe1NDX+VX Mh0pRclnYoT6nJgdAYsEl7+rIPdhadU4zAMWVKL5skbkUV0cdLYmM8GD7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA3PbHNSTWzjDIRN5qm5AGT2MWK2MB8GA1UdIwQY MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlLeQqhb nmTHi3Euorr+TBC6fdee35bZfY44XQ6TccMDfb901HCq79Z21GPyIzdFd20a04vI 4YA45Y6V9Q5feUuAnQxpK8Io0z+YLi38PzIeyAl/cKn90pDkhJQOvaIyZgByRDob UNaHGQewwK7Vidgb+LuCK57d/Je45OPysFQa4PiNfsIueG1cFCRn5jQ762qBsnnG nKmvEAMnZ+qmCO3/9rZ5wgDJfCrDkcS9oGB/go43D/lEfw/eLuk9aA/KNt8d4h+L Og6SkvzHRUmnUUuNNbF/fW+fj0ZHtTU5hCspJpSe9qR2jiX24P9IrA2rabo0w2kZ jbFnndly29RhlA== -----END CERTIFICATE-----Generated at Wed Dec 24 23:27:42 2025 by rpki-client