This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft File: OKN8JN3KNH1xPteU0zzUqBqLSYo.mft (raw, json) Hash identifier: oFLZGp+HVplVxaRf4WjZ6s7YWe3Kl55WTrPXsR6FUWI= Subject key identifier: 89:DC:A7:B8:76:24:74:F4:78:46:DE:AD:DF:09:F5:88:9D:9D:23:6D Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a Certificate serial: 019B3B6B3CC1900036DAB1CABB88C315C467 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft Manifest number: 1733 Signing time: Sat 20 Dec 2025 11:00:42 +0000 Manifest this update: Sat 20 Dec 2025 11:00:42 +0000 Manifest next update: Sun 21 Dec 2025 11:00:42 +0000 Files and hashes: 1: KBxZJWrk1-bZEdk3S7yVEPMKVtM.roa (hash: BpbYbbHeyy+1nQHRcRldIZ4LwMax+kHyBfVOH0ykZeU=) 2: OKN8JN3KNH1xPteU0zzUqBqLSYo.crl (hash: C4hpKCrnH2Ji0bjReQLOz976ZYmrGYaCtP7Tfthl9+k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:3c:c1:90:00:36:da:b1:ca:bb:88:c3:15:c4:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a Validity Not Before: Dec 20 11:00:42 2025 GMT Not After : Dec 21 11:00:42 2025 GMT Subject: CN=89dca7b8762474f47846deaddf09f5889d9d236d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5e:88:fa:df:ae:ca:ff:07:7d:5a:d7:6d:c4: 28:44:d2:4a:01:f9:89:dd:37:59:68:2a:b3:5e:34: 15:aa:27:51:d7:b7:20:bd:9e:28:45:60:49:f2:80: c4:b9:da:fc:97:38:49:58:fb:ef:92:3e:7a:61:16: 5a:5e:68:4e:59:ed:28:89:ec:e6:b3:0e:ed:c9:f9: 0d:06:c9:bd:f5:7a:0c:86:22:b6:4c:94:12:2b:a3: d2:16:47:c6:e5:aa:31:e3:82:dc:2a:20:4f:5f:cb: 0b:15:0a:a1:91:a7:b4:ad:66:bb:dd:dd:1b:69:26: ad:88:a2:6f:0a:7a:b1:ef:d5:92:36:88:ee:3f:52: b7:15:fa:04:86:c8:ba:23:d0:2e:76:af:b1:88:32: f6:e1:07:73:80:07:b9:fc:c9:5f:0d:e8:0e:25:2e: 40:a1:4c:ac:15:01:d1:d4:80:6b:b7:54:e9:17:75: 5d:d0:27:56:73:6b:eb:e5:b1:b6:4f:95:a8:29:55: 57:b7:73:c9:dd:54:31:71:b1:dc:db:cc:3b:41:2d: 50:25:d2:5f:3a:ae:08:e2:b6:73:1b:84:aa:b5:4e: 33:a2:cc:f1:c8:ce:f4:3e:4e:3b:ae:52:55:b2:7a: 55:4b:7e:bf:e9:35:73:3e:b2:86:f5:95:fd:33:86: e2:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:DC:A7:B8:76:24:74:F4:78:46:DE:AD:DF:09:F5:88:9D:9D:23:6D X509v3 Authority Key Identifier: keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:8d:9d:0d:57:d5:6d:10:f5:40:4d:50:51:38:00:55:a0:19: 90:75:d8:65:5c:26:2c:6c:e3:f0:12:86:98:43:9b:86:3a:6f: b1:48:48:10:a2:c4:af:f9:6d:c8:9e:21:96:57:0d:cc:a4:a6: b8:b2:15:e2:1a:f4:2c:44:ce:02:4c:c1:c4:44:f3:18:cb:e8: 05:50:35:8e:8c:bf:6c:d7:75:d6:0d:dc:d3:84:1e:2f:85:b7: 19:d4:d0:05:a7:3e:0f:51:bd:87:df:1e:67:a3:ca:6b:ff:51: 65:25:d0:6c:e9:ff:39:dc:b6:9a:a5:93:c9:5e:76:4b:5e:30: 63:ab:2b:27:f0:5d:d4:54:5e:7c:e6:23:1b:20:bf:b2:3c:72: 1c:8f:d0:eb:30:ff:e5:19:6a:6b:bb:24:3e:1c:86:51:3f:ec: f9:f0:f2:22:de:af:41:0c:86:08:e6:d2:a5:a9:33:23:8a:28: 5b:10:f3:36:88:36:57:da:3a:27:09:1a:dd:bb:6c:30:46:5b: f0:ba:26:45:7d:15:12:0d:82:f3:dd:ef:f2:fe:b4:e0:9f:24: d9:b3:82:14:86:b0:3f:4e:01:29:ab:a0:c7:23:3f:f4:f5:68: 8f:ce:87:a0:3a:5b:70:88:d8:1d:56:b1:8a:c6:4e:b6:da:95: 07:b9:28:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7azzBkAA22rHKu4jDFcRnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4 YjQ5OGEwHhcNMjUxMjIwMTEwMDQyWhcNMjUxMjIxMTEwMDQyWjAzMTEwLwYDVQQD Eyg4OWRjYTdiODc2MjQ3NGY0Nzg0NmRlYWRkZjA5ZjU4ODlkOWQyMzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV6I+t+uyv8HfVrXbcQoRNJKAfmJ 3TdZaCqzXjQVqidR17cgvZ4oRWBJ8oDEudr8lzhJWPvvkj56YRZaXmhOWe0oiezm sw7tyfkNBsm99XoMhiK2TJQSK6PSFkfG5aox44LcKiBPX8sLFQqhkae0rWa73d0b aSatiKJvCnqx79WSNojuP1K3FfoEhsi6I9Audq+xiDL24QdzgAe5/MlfDegOJS5A oUysFQHR1IBrt1TpF3Vd0CdWc2vr5bG2T5WoKVVXt3PJ3VQxcbHc28w7QS1QJdJf Oq4I4rZzG4SqtU4zoszxyM70Pk47rlJVsnpVS36/6TVzPrKG9ZX9M4biLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIncp7h2JHT0eEberd8J9YidnSNtMB8GA1UdIwQY MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt NDRhNDlkMjYzNzAwLzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiY2dDVfV bRD1QE1QUTgAVaAZkHXYZVwmLGzj8BKGmEObhjpvsUhIEKLEr/ltyJ4hllcNzKSm uLIV4hr0LETOAkzBxETzGMvoBVA1joy/bNd11g3c04QeL4W3GdTQBac+D1G9h98e Z6PKa/9RZSXQbOn/Ody2mqWTyV52S14wY6srJ/Bd1FRefOYjGyC/sjxyHI/Q6zD/ 5Rlqa7skPhyGUT/s+fDyIt6vQQyGCObSpakzI4ooWxDzNog2V9o6Jwka3btsMEZb 8LomRX0VEg2C893v8v604J8k2bOCFIawP04BKaugxyM/9PVoj86HoDpbcIjYHVax isZOttqVB7ko+Q== -----END CERTIFICATE-----Generated at Sat Dec 20 19:30:00 2025 by rpki-client