This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft File: oNxs0zNOAmkDIjc8O1BuQYT67H8.mft (raw, json) Hash identifier: rjWa8yQzGoI35g+1nJN8pbmINGTxTAnGA/MBNCuR68k= Subject key identifier: 5F:B9:D7:FF:89:AA:92:4B:2B:55:29:C3:52:9E:2B:C2:1E:30:EC:7E Authority key identifier: A0:DC:6C:D3:33:4E:02:69:03:22:37:3C:3B:50:6E:41:84:FA:EC:7F Certificate issuer: /CN=a0dc6cd3334e02690322373c3b506e4184faec7f Certificate serial: 019B3B6B45D4289CE79D67573FDCE41EC9A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft Manifest number: 05B4 Signing time: Sat 20 Dec 2025 11:00:44 +0000 Manifest this update: Sat 20 Dec 2025 11:00:44 +0000 Manifest next update: Sun 21 Dec 2025 11:00:44 +0000 Files and hashes: 1: L2QPsEXXxjypDuteGOkuNir3lUA.roa (hash: mcJaTh3VxTTNDuoHtoju+OCGdo4jk9ztR2/hlQRPaNY=) 2: oNxs0zNOAmkDIjc8O1BuQYT67H8.crl (hash: zmgQeRSCtDBilqC22FtS+vZp12dRCA4sdTEVqXywdVw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:45:d4:28:9c:e7:9d:67:57:3f:dc:e4:1e:c9:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0dc6cd3334e02690322373c3b506e4184faec7f Validity Not Before: Dec 20 11:00:44 2025 GMT Not After : Dec 21 11:00:44 2025 GMT Subject: CN=5fb9d7ff89aa924b2b5529c3529e2bc21e30ec7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6f:9b:1a:86:d8:9a:09:75:b6:ea:18:1e:52: 53:61:bf:30:33:33:28:92:d7:16:84:c1:da:46:28: ca:c9:d2:0a:8d:82:de:96:4e:43:03:e4:5e:56:e7: 9c:ff:67:20:21:dc:70:e9:ff:bf:57:7b:af:39:5e: ab:0e:f4:45:6c:98:ef:ad:15:d5:58:1e:21:ca:e7: 84:46:be:24:25:48:ee:f8:8e:1a:be:5c:b8:30:4d: ed:91:e4:2a:43:5d:9b:86:5f:ff:db:34:c3:a7:18: ab:9d:e2:92:19:cf:65:e6:a8:31:1d:a9:6f:c1:02: 62:08:1a:f5:ab:e2:04:d2:49:9d:2f:dc:a4:88:9c: 5e:34:02:2c:db:64:a5:f5:b4:7f:ca:8f:8d:3f:94: 73:45:c0:a2:f5:13:fe:8d:d5:af:0b:a9:5e:b1:41: f6:f8:a3:99:dc:43:df:96:65:d8:eb:fb:c8:b0:f1: 1a:65:f8:c6:c7:8d:9f:be:cf:ab:f4:a4:a2:ff:b4: 49:55:62:fe:15:33:27:44:41:77:9a:cb:f2:21:17: fd:85:0d:50:e1:5a:cc:be:85:75:33:e7:5a:ef:eb: 8f:05:ac:64:a2:f0:2f:ad:6e:21:fc:95:31:9b:c7: 98:07:2e:7d:4a:20:fc:1e:91:74:17:35:84:dd:1d: 30:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:B9:D7:FF:89:AA:92:4B:2B:55:29:C3:52:9E:2B:C2:1E:30:EC:7E X509v3 Authority Key Identifier: keyid:A0:DC:6C:D3:33:4E:02:69:03:22:37:3C:3B:50:6E:41:84:FA:EC:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNxs0zNOAmkDIjc8O1BuQYT67H8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c01f90-d0fa-4976-b1c0-d1ff75a7a35c/1/oNxs0zNOAmkDIjc8O1BuQYT67H8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:21:e8:e2:e2:e2:3f:05:16:6e:2c:b2:00:a6:a1:1a:13:1e: e9:18:c7:49:49:c1:84:3d:84:88:45:26:c6:42:ed:b9:ea:6a: 47:5f:29:3d:09:9f:34:19:92:a8:d6:60:68:7d:6b:d3:99:3a: 85:73:c1:d8:45:53:f6:e1:f9:d8:12:c3:10:64:96:36:b8:a0: 8b:5b:d5:96:c5:b9:52:75:81:c1:89:a0:46:12:96:10:81:84: ca:17:39:bc:ae:e4:09:ac:6c:3b:24:cb:7e:2c:52:5e:41:74: 01:f3:b1:93:c0:13:c9:31:36:d2:18:12:89:13:3b:5d:4c:b7: 38:91:1e:9d:bd:40:14:04:a8:fd:12:92:e5:a1:8c:56:5e:a2: 88:41:f4:e1:a6:24:16:5c:13:32:ee:b9:ce:77:73:00:75:92: 83:52:60:10:44:8f:84:26:f2:84:9e:f0:81:97:fd:e1:c5:98: 65:60:12:4b:dd:87:89:7d:3e:36:e9:fa:c5:4a:d2:a4:d3:7a: db:dc:ad:8e:87:a6:e7:c7:0e:39:b4:50:fd:cb:fe:df:19:69: 1c:7b:c9:51:47:1a:fd:40:15:8c:12:7e:06:32:e5:3b:20:77: 21:73:3a:00:3d:c4:c2:25:6a:2e:98:de:50:24:b2:de:5a:e0: bf:82:8c:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a0XUKJznnWdXP9zkHsmhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZGM2Y2QzMzM0ZTAyNjkwMzIyMzczYzNiNTA2ZTQxODRm YWVjN2YwHhcNMjUxMjIwMTEwMDQ0WhcNMjUxMjIxMTEwMDQ0WjAzMTEwLwYDVQQD Eyg1ZmI5ZDdmZjg5YWE5MjRiMmI1NTI5YzM1MjllMmJjMjFlMzBlYzdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG+bGobYmgl1tuoYHlJTYb8wMzMo ktcWhMHaRijKydIKjYLelk5DA+ReVuec/2cgIdxw6f+/V3uvOV6rDvRFbJjvrRXV WB4hyueERr4kJUju+I4avly4ME3tkeQqQ12bhl//2zTDpxirneKSGc9l5qgxHalv wQJiCBr1q+IE0kmdL9ykiJxeNAIs22Sl9bR/yo+NP5RzRcCi9RP+jdWvC6lesUH2 +KOZ3EPflmXY6/vIsPEaZfjGx42fvs+r9KSi/7RJVWL+FTMnREF3msvyIRf9hQ1Q 4VrMvoV1M+da7+uPBaxkovAvrW4h/JUxm8eYBy59SiD8HpF0FzWE3R0wuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF+51/+JqpJLK1Upw1KeK8IeMOx+MB8GA1UdIwQY MBaAFKDcbNMzTgJpAyI3PDtQbkGE+ux/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jMDFmOTAtZDBmYS00OTc2LWIxYzAt ZDFmZjc1YTdhMzVjLzEvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS9jMDFmOTAtZDBmYS00OTc2LWIxYzAtZDFmZjc1YTdhMzVj LzEvb054czB6Tk9BbWtESWpjOE8xQnVRWVQ2N0g4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSHo4uLi PwUWbiyyAKahGhMe6RjHSUnBhD2EiEUmxkLtuepqR18pPQmfNBmSqNZgaH1r05k6 hXPB2EVT9uH52BLDEGSWNrigi1vVlsW5UnWBwYmgRhKWEIGEyhc5vK7kCaxsOyTL fixSXkF0AfOxk8ATyTE20hgSiRM7XUy3OJEenb1AFASo/RKS5aGMVl6iiEH04aYk FlwTMu65zndzAHWSg1JgEESPhCbyhJ7wgZf94cWYZWASS92HiX0+Nun6xUrSpNN6 29ytjoem58cOObRQ/cv+3xlpHHvJUUca/UAVjBJ+BjLlOyB3IXM6AD3EwiVqLpje UCSy3lrgv4KMhQ== -----END CERTIFICATE-----Generated at Sat Dec 20 17:48:54 2025 by rpki-client