This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json) Hash identifier: ziz7mBFmVMIptHeNnRj0U1AWMZzxgijVWkWMyFU0HiQ= Subject key identifier: 34:AA:15:BB:AF:54:A0:56:DC:BF:13:F4:37:DC:82:52:8E:1D:7E:A6 Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb Certificate serial: 019B3A9080E833B37B389973D4D0CBB1F75E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft Manifest number: 1222 Signing time: Sat 20 Dec 2025 07:01:47 +0000 Manifest this update: Sat 20 Dec 2025 07:01:47 +0000 Manifest next update: Sun 21 Dec 2025 07:01:47 +0000 Files and hashes: 1: WsJxTcqQMdNcfxDwYxL96RxQkLE.roa (hash: AzUS2a/hUE19ESDc/skGDA/ldB6bGDxX9L5RO7/taEk=) 2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: liZE8KEpDaS4KXCwCIUuhp/bTtijG96GQbMiYgn1GU8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:80:e8:33:b3:7b:38:99:73:d4:d0:cb:b1:f7:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb Validity Not Before: Dec 20 07:01:47 2025 GMT Not After : Dec 21 07:01:47 2025 GMT Subject: CN=34aa15bbaf54a056dcbf13f437dc82528e1d7ea6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:9c:6f:af:ca:51:be:53:93:c8:9e:d5:6b:51: d0:db:ef:56:5f:c4:55:38:67:a0:60:61:6c:bb:26: 4f:29:3a:c5:39:0a:4e:65:87:d5:c6:5e:fd:a4:38: fd:89:73:00:20:12:8d:56:02:09:1d:9b:84:3e:d2: e6:0a:87:ba:b9:69:eb:41:da:c5:b7:15:08:c8:d4: a5:72:f5:63:11:f1:1f:01:35:7c:3a:c9:90:5c:69: e4:9b:e2:ae:ef:b9:8e:52:58:51:36:b2:ae:bd:5f: 8c:63:61:c1:21:9c:d0:b4:b7:6a:b1:6c:5a:06:e9: 45:b8:37:2f:04:32:82:65:1f:90:03:27:9c:36:50: ed:22:1f:82:d2:86:c6:31:5b:36:f9:68:e2:00:36: 25:46:98:22:4f:16:c6:17:6e:4e:89:da:f8:5a:70: b7:40:a2:68:97:73:66:3c:a1:a3:cb:d3:bd:e1:4a: de:fd:58:28:79:eb:75:01:85:49:94:c4:f4:1d:44: c2:fe:fd:34:d0:60:62:73:b9:22:f0:89:c4:4a:c7: a5:85:18:fb:32:83:52:09:39:8e:83:b7:b2:64:92: 5a:08:9a:60:b2:08:7e:77:22:a8:ee:5d:28:16:80: 0a:c0:91:bf:a2:b5:69:8b:f1:e0:61:c4:77:93:72: 28:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:AA:15:BB:AF:54:A0:56:DC:BF:13:F4:37:DC:82:52:8E:1D:7E:A6 X509v3 Authority Key Identifier: keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:79:35:09:2d:95:95:f8:5a:fd:9b:25:7c:62:9a:5c:4a:54: 86:33:e8:27:ea:dd:64:b2:ba:53:d8:d6:8d:11:d5:ff:d4:d4: 10:13:56:55:42:3f:c2:5b:2a:99:7d:f8:50:f0:95:95:25:7a: 4a:10:0b:5b:52:2c:db:a1:84:bc:c1:2b:cd:a2:af:62:c9:70: e1:01:7a:a1:2a:e6:c7:86:f7:14:cc:41:29:3a:a3:cd:77:79: 07:64:25:1c:2d:c2:8e:ce:d4:42:90:dd:db:fd:1b:06:bc:ee: 02:fc:07:39:47:7d:74:75:0d:d2:6e:96:fb:b3:8c:6b:bf:f5: 54:b1:c2:30:bd:98:19:be:75:70:18:f2:cc:1d:5a:63:a1:64: fd:2a:76:24:fa:c1:e0:dc:33:9a:89:49:fe:ca:82:08:f2:8c: 35:0c:4d:02:7b:54:4f:85:5d:46:dc:f0:38:8f:0d:f8:82:db: 14:bc:15:8c:a7:87:be:43:ae:fe:69:9d:af:f1:55:06:75:b5: 08:c7:75:2a:77:6a:71:91:b2:ee:ed:03:2e:ff:da:99:22:c1: 73:a4:fe:79:20:d6:85:40:57:d9:96:dc:86:0d:b5:cd:6b:89: 28:8a:f1:03:8b:93:bb:7e:29:16:6d:5b:95:8b:dc:1c:ba:7a: 15:82:49:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kIDoM7N7OJlz1NDLsfdeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz NTI5Y2IwHhcNMjUxMjIwMDcwMTQ3WhcNMjUxMjIxMDcwMTQ3WjAzMTEwLwYDVQQD EygzNGFhMTViYmFmNTRhMDU2ZGNiZjEzZjQzN2RjODI1MjhlMWQ3ZWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpxvr8pRvlOTyJ7Va1HQ2+9WX8RV OGegYGFsuyZPKTrFOQpOZYfVxl79pDj9iXMAIBKNVgIJHZuEPtLmCoe6uWnrQdrF txUIyNSlcvVjEfEfATV8OsmQXGnkm+Ku77mOUlhRNrKuvV+MY2HBIZzQtLdqsWxa BulFuDcvBDKCZR+QAyecNlDtIh+C0obGMVs2+WjiADYlRpgiTxbGF25Oidr4WnC3 QKJol3NmPKGjy9O94Ure/Vgoeet1AYVJlMT0HUTC/v000GBic7ki8InESselhRj7 MoNSCTmOg7eyZJJaCJpgsgh+dyKo7l0oFoAKwJG/orVpi/HgYcR3k3IotQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDSqFbuvVKBW3L8T9DfcglKOHX6mMB8GA1UdIwQY MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5 LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPHk1CS2V lfha/ZslfGKaXEpUhjPoJ+rdZLK6U9jWjRHV/9TUEBNWVUI/wlsqmX34UPCVlSV6 ShALW1Is26GEvMErzaKvYslw4QF6oSrmx4b3FMxBKTqjzXd5B2QlHC3Cjs7UQpDd 2/0bBrzuAvwHOUd9dHUN0m6W+7OMa7/1VLHCML2YGb51cBjyzB1aY6Fk/Sp2JPrB 4NwzmolJ/sqCCPKMNQxNAntUT4VdRtzwOI8N+ILbFLwVjKeHvkOu/mmdr/FVBnW1 CMd1KndqcZGy7u0DLv/amSLBc6T+eSDWhUBX2Zbchg21zWuJKIrxA4uTu34pFm1b lYvcHLp6FYJJxQ== -----END CERTIFICATE-----Generated at Sat Dec 20 16:16:10 2025 by rpki-client