This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json) Hash identifier: fTIsmWnDIThxZ0mRDUgs2XE+mVBPznARUlxg1Qk81xY= Subject key identifier: 91:3C:BE:97:BE:BB:E5:54:A5:F9:39:8D:FC:E4:1A:38:BD:F1:29:2A Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Certificate serial: 019B53ABDA297477CB9E7D3FE46B0A2A48D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft Manifest number: 024A Signing time: Thu 25 Dec 2025 04:02:09 +0000 Manifest this update: Thu 25 Dec 2025 04:02:09 +0000 Manifest next update: Fri 26 Dec 2025 04:02:09 +0000 Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=) 2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: Pg4dVEIn7d25MHQKFhYCQt93q8kbIbfv4G1gLMITpQg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:ab:da:29:74:77:cb:9e:7d:3f:e4:6b:0a:2a:48:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Validity Not Before: Dec 25 04:02:09 2025 GMT Not After : Dec 26 04:02:09 2025 GMT Subject: CN=913cbe97bebbe554a5f9398dfce41a38bdf1292a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:4d:af:07:da:85:e1:21:cd:58:0c:bc:a1:ae: 5a:a8:4d:46:be:93:25:74:61:dd:59:74:32:92:7e: b6:6c:07:d5:fc:13:6f:7d:55:56:1e:26:46:f1:df: e3:ff:82:8e:eb:46:aa:ba:97:96:68:01:80:69:db: 99:18:61:db:03:4b:28:99:1a:6b:dc:4d:92:02:3d: 1b:fe:5b:e7:3e:bb:c8:1a:60:9e:be:05:d8:54:d3: 27:fe:50:4a:98:2e:ed:97:e0:fc:4f:8f:b3:6c:d4: 29:4c:16:37:30:79:f9:be:b1:7c:63:c5:f2:3c:2b: 93:29:b4:df:a6:74:0a:bc:72:64:61:ec:09:1e:2e: 81:5c:64:49:1e:d5:79:4b:ff:54:f2:6f:1a:09:8b: 25:6e:c9:64:74:d9:16:f4:73:76:54:c0:00:4d:02: d1:3c:fb:c0:5a:c2:4a:58:da:e6:43:77:a9:56:04: 46:4d:a9:c4:cc:d3:b4:20:89:3d:c4:4e:3c:cf:dd: f7:45:1d:0d:18:0a:07:11:12:42:ff:47:25:55:04: e4:4f:d6:e4:d1:75:39:63:77:58:aa:7d:b2:29:60: b6:f2:bc:f5:62:82:e3:10:ad:83:72:1c:af:24:4a: b4:b1:84:4a:1b:85:b0:a9:77:06:89:b6:d0:e8:ff: c4:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:3C:BE:97:BE:BB:E5:54:A5:F9:39:8D:FC:E4:1A:38:BD:F1:29:2A X509v3 Authority Key Identifier: keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:23:e7:1d:19:9d:9b:41:5e:3f:32:80:09:65:c5:4a:90:02: db:35:47:07:b2:f1:51:8f:f9:2c:c0:94:12:cc:1c:b3:8e:c2: 51:00:19:c8:f3:ed:39:38:d6:cb:21:df:e8:9d:91:fe:2a:bb: 21:c1:1d:3b:85:13:4c:47:e7:cf:62:25:49:d6:59:a7:e4:8e: ec:65:20:21:03:59:25:b7:77:d2:36:c4:86:cb:62:e5:a9:46: e2:83:e9:13:7d:9c:15:4d:d6:3e:b4:63:cd:61:9b:c0:d0:b4: 27:ea:4b:65:8d:cd:44:2c:6d:de:85:c4:61:1a:3d:5f:81:b2: e0:a6:db:44:c5:be:d9:a3:9d:5a:95:d9:9d:e5:05:88:27:2e: 48:21:7a:00:93:04:fb:fc:ab:08:18:34:56:ab:c0:e3:74:7d: 12:7d:95:37:bd:e5:da:d1:78:c1:92:3e:61:7b:e3:05:97:14: 66:6e:e5:be:18:5e:9f:cb:bb:62:ad:cc:28:7f:59:9e:9e:37: df:71:21:b8:fa:df:6d:70:9d:30:27:f4:91:ce:29:87:aa:f3: 2b:ef:35:dc:49:f7:63:6e:56:d6:b4:45:13:b5:35:d7:4a:8f: ea:41:43:7c:64:f6:c0:6f:6a:e3:0c:f8:b5:66:03:82:b0:d7: f9:dc:4b:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTq9opdHfLnn0/5GsKKkjQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl OGZkMmIwHhcNMjUxMjI1MDQwMjA5WhcNMjUxMjI2MDQwMjA5WjAzMTEwLwYDVQQD Eyg5MTNjYmU5N2JlYmJlNTU0YTVmOTM5OGRmY2U0MWEzOGJkZjEyOTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU2vB9qF4SHNWAy8oa5aqE1GvpMl dGHdWXQykn62bAfV/BNvfVVWHiZG8d/j/4KO60aqupeWaAGAaduZGGHbA0somRpr 3E2SAj0b/lvnPrvIGmCevgXYVNMn/lBKmC7tl+D8T4+zbNQpTBY3MHn5vrF8Y8Xy PCuTKbTfpnQKvHJkYewJHi6BXGRJHtV5S/9U8m8aCYslbslkdNkW9HN2VMAATQLR PPvAWsJKWNrmQ3epVgRGTanEzNO0IIk9xE48z933RR0NGAoHERJC/0clVQTkT9bk 0XU5Y3dYqn2yKWC28rz1YoLjEK2DchyvJEq0sYRKG4WwqXcGibbQ6P/EIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJE8vpe+u+VUpfk5jfzkGji98SkqMB8GA1UdIwQY MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGCPnHRmd m0FePzKACWXFSpAC2zVHB7LxUY/5LMCUEswcs47CUQAZyPPtOTjWyyHf6J2R/iq7 IcEdO4UTTEfnz2IlSdZZp+SO7GUgIQNZJbd30jbEhsti5alG4oPpE32cFU3WPrRj zWGbwNC0J+pLZY3NRCxt3oXEYRo9X4Gy4KbbRMW+2aOdWpXZneUFiCcuSCF6AJME +/yrCBg0VqvA43R9En2VN73l2tF4wZI+YXvjBZcUZm7lvhhen8u7Yq3MKH9Znp43 33EhuPrfbXCdMCf0kc4ph6rzK+813En3Y25W1rRFE7U110qP6kFDfGT2wG9q4wz4 tWYDgrDX+dxLgQ== -----END CERTIFICATE-----Generated at Thu Dec 25 07:16:31 2025 by rpki-client