This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft File: o2n7GRvuUc3HQUppYxl_hrvzE6s.mft (raw, json) Hash identifier: iYnY2GMXChiubEKf8rkIqFc3bwT/RAaKJ9w+iG6QvAI= Subject key identifier: 5C:C5:65:40:92:CD:F5:79:ED:E6:28:E2:66:8F:FC:10:08:EB:FF:F2 Authority key identifier: A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB Certificate issuer: /CN=a369fb191bee51cdc7414a6963197f86bbf313ab Certificate serial: 019B6BE9E60977B02884DFEA818EBA99D067 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft Manifest number: 1201 Signing time: Mon 29 Dec 2025 21:00:49 +0000 Manifest this update: Mon 29 Dec 2025 21:00:49 +0000 Manifest next update: Tue 30 Dec 2025 21:00:49 +0000 Files and hashes: 1: DfIfeCsjxuTLGxOswS1IRTtCtFo.roa (hash: BfLaITLvBopGuXyhXf+VexAjyd8LBGCkT8+9wJK+KLI=) 2: o2n7GRvuUc3HQUppYxl_hrvzE6s.crl (hash: gIxP7OZaRSXR75fMxHrqIS4V5GCQ7+3bcXrCdFkbFeM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 21:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:e9:e6:09:77:b0:28:84:df:ea:81:8e:ba:99:d0:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a369fb191bee51cdc7414a6963197f86bbf313ab Validity Not Before: Dec 29 21:00:49 2025 GMT Not After : Dec 30 21:00:49 2025 GMT Subject: CN=5cc5654092cdf579ede628e2668ffc1008ebfff2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:28:ab:d4:6f:5d:93:4f:b9:61:58:2f:32:77: a0:ce:08:b9:51:0e:69:0f:28:93:b0:d4:19:ff:bd: 9b:03:87:ae:22:ca:04:61:fd:ad:1d:d9:d8:cc:45: 15:9e:29:cc:cc:a7:a3:ae:5e:0c:92:d3:99:81:e4: a9:16:c1:82:9a:d0:0d:4b:9d:8f:87:55:f8:4e:22: 4e:c2:a8:c8:26:7c:f8:1d:c0:f1:f0:3c:42:ce:48: 31:bc:83:20:a7:d3:f1:f8:3c:76:46:3f:68:cb:7b: b1:0f:d9:75:e4:46:8c:1e:47:6d:d4:6f:f0:e3:29: bd:91:7b:b3:12:cc:c1:2b:e7:ec:13:10:20:ff:17: 8b:14:62:04:a2:02:3b:7d:ff:bb:80:b6:ef:f4:51: f1:95:3d:6e:31:0f:6c:50:b3:0a:b6:b4:26:fc:f5: 55:95:6f:d4:d5:08:04:f9:59:df:21:16:0d:57:89: 44:9a:30:13:be:be:af:52:2e:88:73:0b:39:dc:61: cc:49:59:64:35:f5:77:14:b4:f2:44:c1:5a:c8:f2: 7b:54:ce:80:49:22:3e:98:ba:c3:d3:f8:86:0e:e3: 4d:f0:d6:c2:e0:1a:30:05:c5:a7:c4:0f:d8:80:4a: 2f:58:94:00:62:53:d2:c9:29:2b:7a:94:94:8d:38: b3:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:C5:65:40:92:CD:F5:79:ED:E6:28:E2:66:8F:FC:10:08:EB:FF:F2 X509v3 Authority Key Identifier: keyid:A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:67:c0:b3:cd:77:d9:3e:62:7d:78:a1:a3:d6:66:6f:59:5a: 5a:c2:35:22:ed:31:47:d1:b8:29:db:ee:ee:98:1d:29:6b:9a: ef:a0:04:70:7f:22:f9:f5:1e:87:bf:3b:4c:f8:36:49:f3:ef: aa:cf:f5:da:bf:40:48:79:8b:ba:94:44:3c:18:32:2c:d2:06: f4:74:77:12:b4:b5:7e:d7:2f:8c:5a:03:25:3a:20:a4:50:2b: 18:7a:5e:f0:8e:da:d4:d3:b4:8d:92:5d:e5:6f:f1:0a:a0:71: 53:34:31:6b:cd:23:b0:e4:a4:0c:b1:e5:e4:3d:75:80:4c:7e: bf:79:64:f4:6a:bf:71:22:a2:e3:c3:0c:44:b1:46:28:7e:f1: 53:49:55:df:e4:3b:35:5b:45:44:23:7f:f6:28:06:70:bb:fe: 98:80:c6:86:9e:fd:40:a3:2a:9f:22:8d:ba:06:4c:bb:49:88: 4b:81:11:ba:64:8f:eb:a7:ab:ba:6d:e9:12:38:a3:bf:1d:38: 5a:fc:4f:da:2e:ac:f5:ab:3f:e3:cb:87:ff:37:8a:41:bc:2c: 8e:22:a4:6a:24:96:6b:d0:e2:7b:09:c1:b6:c6:0b:4b:a4:ea: c1:58:52:bc:ca:97:dd:02:5f:13:1e:e0:cf:08:01:0a:b9:ef: 4f:55:49:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtr6eYJd7AohN/qgY66mdBnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjlmYjE5MWJlZTUxY2RjNzQxNGE2OTYzMTk3Zjg2YmJm MzEzYWIwHhcNMjUxMjI5MjEwMDQ5WhcNMjUxMjMwMjEwMDQ5WjAzMTEwLwYDVQQD Eyg1Y2M1NjU0MDkyY2RmNTc5ZWRlNjI4ZTI2NjhmZmMxMDA4ZWJmZmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSir1G9dk0+5YVgvMnegzgi5UQ5p DyiTsNQZ/72bA4euIsoEYf2tHdnYzEUVninMzKejrl4MktOZgeSpFsGCmtANS52P h1X4TiJOwqjIJnz4HcDx8DxCzkgxvIMgp9Px+Dx2Rj9oy3uxD9l15EaMHkdt1G/w 4ym9kXuzEszBK+fsExAg/xeLFGIEogI7ff+7gLbv9FHxlT1uMQ9sULMKtrQm/PVV lW/U1QgE+VnfIRYNV4lEmjATvr6vUi6Icws53GHMSVlkNfV3FLTyRMFayPJ7VM6A SSI+mLrD0/iGDuNN8NbC4BowBcWnxA/YgEovWJQAYlPSySkrepSUjTizZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFzFZUCSzfV57eYo4maP/BAI6//yMB8GA1UdIwQY MBaAFKNp+xkb7lHNx0FKaWMZf4a78xOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYt ZTE4MDUyZjM4MWJiLzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYtZTE4MDUyZjM4MWJi LzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFWfAs813 2T5ifXiho9Zmb1laWsI1Iu0xR9G4Kdvu7pgdKWua76AEcH8i+fUeh787TPg2SfPv qs/12r9ASHmLupREPBgyLNIG9HR3ErS1ftcvjFoDJTogpFArGHpe8I7a1NO0jZJd 5W/xCqBxUzQxa80jsOSkDLHl5D11gEx+v3lk9Gq/cSKi48MMRLFGKH7xU0lV3+Q7 NVtFRCN/9igGcLv+mIDGhp79QKMqnyKNugZMu0mIS4ERumSP66erum3pEjijvx04 WvxP2i6s9as/48uH/zeKQbwsjiKkaiSWa9DiewnBtsYLS6TqwVhSvMqX3QJfEx7g zwgBCrnvT1VJkw== -----END CERTIFICATE-----Generated at Tue Dec 30 06:18:00 2025 by rpki-client