This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft File: oCN2bGLetRKXFVcI7MtCHIsEeAo.mft (raw, json) Hash identifier: ffdojq4BEnhtUc4ebgIQk1IPlh+xhtpM3CCGnQPwM28= Subject key identifier: 94:54:A0:42:D8:F8:C9:A8:A9:59:7F:26:C3:04:8C:F4:8D:DE:8F:70 Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a Certificate serial: 019B3EA34E9BF6B0D84D4354A3D46F8D09FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft Manifest number: 14DB Signing time: Sun 21 Dec 2025 02:00:48 +0000 Manifest this update: Sun 21 Dec 2025 02:00:48 +0000 Manifest next update: Mon 22 Dec 2025 02:00:48 +0000 Files and hashes: 1: I773Hp7jzXxFqxtd4A53rVhKUfg.roa (hash: e0xae4ugiNrb+FPmOR6kAe0RGY+82Cc1UMOVTkb0ZXw=) 2: oCN2bGLetRKXFVcI7MtCHIsEeAo.crl (hash: z1tyi+gMDMcJPNrwgtGVLIY2FFsRDhdB7TjTZ38QP/Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:4e:9b:f6:b0:d8:4d:43:54:a3:d4:6f:8d:09:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a023766c62deb51297155708eccb421c8b04780a Validity Not Before: Dec 21 02:00:48 2025 GMT Not After : Dec 22 02:00:48 2025 GMT Subject: CN=9454a042d8f8c9a8a9597f26c3048cf48dde8f70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:bf:b5:d9:46:60:9f:c0:fe:bf:dc:c0:9f:98: 3d:08:a1:1b:6e:ce:b1:ad:b9:0c:85:c0:50:75:de: f2:7d:72:d8:ec:62:0a:06:99:61:11:de:d0:12:a7: df:3e:25:c7:44:2a:b3:aa:c4:b0:e6:b0:f2:22:35: 3e:1a:89:bb:8e:a2:c8:9b:10:43:3d:68:99:92:36: 1a:01:5d:54:2d:b8:1a:21:00:2d:c7:ea:27:13:e5: 4c:31:d8:0b:54:95:4a:ee:aa:de:48:3f:4a:e1:9f: f1:ec:52:44:d4:3a:d8:38:43:af:e4:7d:3d:db:a8: 1f:48:ea:10:d0:ca:c9:c2:bb:2e:3a:c1:e3:8a:4c: f9:a6:55:2d:94:b1:f5:02:8b:2a:6a:65:50:4a:1a: 27:25:53:0f:3c:1a:41:ca:29:04:98:75:f3:89:e9: bd:53:da:04:8e:0b:69:d3:5b:c7:16:8b:ff:70:86: c8:92:86:4e:8e:5c:50:52:52:2b:fe:f1:5d:9a:4a: 4d:82:fb:70:33:f0:6d:2f:ca:f7:b8:de:70:74:61: ff:2b:c9:fc:ca:17:b8:4e:2c:9a:53:95:b1:98:c8: 68:8e:7a:64:4d:a9:34:04:78:e7:dc:97:6b:1f:49: f2:c4:43:73:06:90:57:3a:48:45:48:67:df:18:a6: ca:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:54:A0:42:D8:F8:C9:A8:A9:59:7F:26:C3:04:8C:F4:8D:DE:8F:70 X509v3 Authority Key Identifier: keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:53:3e:71:f9:c4:e7:f5:65:87:f6:e0:d6:66:a7:a9:79:7c: 39:44:9e:65:fe:be:30:62:2c:bd:be:4e:a1:5e:5d:80:71:89: 28:77:dd:12:42:d4:57:51:9c:ed:2d:90:18:78:30:55:27:2c: c3:53:f6:72:4d:25:6f:3e:80:62:a7:ae:39:46:7a:c8:5c:f8: fe:a5:30:c9:e0:33:3c:0b:13:92:e7:5c:2b:47:5b:94:84:31: ed:79:f4:2f:41:dc:0e:e2:66:48:f5:a1:10:bc:9e:bf:a1:33: ea:82:3b:0e:68:d4:ec:8c:93:76:1a:fc:e6:07:d5:95:5b:9c: a3:e2:b8:79:cf:a8:c0:27:9a:e6:9c:a6:b0:88:2d:a2:f2:85: d6:32:6a:18:88:55:fc:8a:cd:11:79:82:f2:54:e2:48:65:c8: b8:18:7b:b9:5a:b0:fe:66:92:a0:cd:e9:6a:f8:29:27:38:0b: ce:fb:ae:c5:97:fe:20:4c:41:30:c4:eb:9c:06:ae:86:3d:b2: 64:a4:ca:48:88:a4:4c:23:12:e9:96:34:20:07:c5:4f:5c:10: 37:09:f7:13:a5:69:f2:83:f5:be:73:be:7a:c3:59:7e:b8:a8: 4f:74:67:11:93:12:e6:41:6f:56:0a:76:68:cf:3a:ad:02:e0: 3e:45:08:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+o06b9rDYTUNUo9RvjQn6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw NDc4MGEwHhcNMjUxMjIxMDIwMDQ4WhcNMjUxMjIyMDIwMDQ4WjAzMTEwLwYDVQQD Eyg5NDU0YTA0MmQ4ZjhjOWE4YTk1OTdmMjZjMzA0OGNmNDhkZGU4ZjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7L+12UZgn8D+v9zAn5g9CKEbbs6x rbkMhcBQdd7yfXLY7GIKBplhEd7QEqffPiXHRCqzqsSw5rDyIjU+Gom7jqLImxBD PWiZkjYaAV1ULbgaIQAtx+onE+VMMdgLVJVK7qreSD9K4Z/x7FJE1DrYOEOv5H09 26gfSOoQ0MrJwrsuOsHjikz5plUtlLH1AosqamVQShonJVMPPBpByikEmHXziem9 U9oEjgtp01vHFov/cIbIkoZOjlxQUlIr/vFdmkpNgvtwM/BtL8r3uN5wdGH/K8n8 yhe4TiyaU5WxmMhojnpkTak0BHjn3JdrH0nyxENzBpBXOkhFSGffGKbK3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJRUoELY+MmoqVl/JsMEjPSN3o9wMB8GA1UdIwQY MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt YTNhMTAwZWY4NmRlLzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAklM+cfnE 5/Vlh/bg1manqXl8OUSeZf6+MGIsvb5OoV5dgHGJKHfdEkLUV1Gc7S2QGHgwVScs w1P2ck0lbz6AYqeuOUZ6yFz4/qUwyeAzPAsTkudcK0dblIQx7Xn0L0HcDuJmSPWh ELyev6Ez6oI7DmjU7IyTdhr85gfVlVuco+K4ec+owCea5pymsIgtovKF1jJqGIhV /IrNEXmC8lTiSGXIuBh7uVqw/maSoM3pavgpJzgLzvuuxZf+IExBMMTrnAauhj2y ZKTKSIikTCMS6ZY0IAfFT1wQNwn3E6Vp8oP1vnO+esNZfrioT3RnEZMS5kFvVgp2 aM86rQLgPkUImw== -----END CERTIFICATE-----Generated at Sun Dec 21 09:00:31 2025 by rpki-client