This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft File: OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json) Hash identifier: ROWminNThAzdTBL361g2esxJbTECIhhbF2a9icXdGqw= Subject key identifier: E7:CA:29:6C:65:C5:B7:60:B0:A4:67:4B:1B:E7:15:65:B8:3A:02:D1 Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D Certificate issuer: /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d Certificate serial: 019B202AE71C4A3F823F6F5D684E119188B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft Manifest number: 1776 Signing time: Mon 15 Dec 2025 04:00:41 +0000 Manifest this update: Mon 15 Dec 2025 04:00:41 +0000 Manifest next update: Tue 16 Dec 2025 04:00:41 +0000 Files and hashes: 1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: z5/e95JCKoKE04bhf1XF3XCcMZgS138rFYltTSOQmbI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 04:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2a:e7:1c:4a:3f:82:3f:6f:5d:68:4e:11:91:88:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d Validity Not Before: Dec 15 04:00:41 2025 GMT Not After : Dec 16 04:00:41 2025 GMT Subject: CN=e7ca296c65c5b760b0a4674b1be71565b83a02d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c7:36:ec:67:23:24:b3:94:27:50:10:f1:32: c6:1a:83:0c:dd:80:a6:ea:0b:41:4a:61:b3:7b:be: 81:c8:0c:c6:60:8d:ba:f4:5e:b3:ad:dc:1b:d1:f3: b3:42:a3:98:eb:10:f9:56:b4:25:56:15:b4:f1:ee: a1:6e:34:c7:4f:07:af:ba:7e:52:a8:00:28:5a:60: d0:5d:b2:20:0c:86:4e:75:9e:32:8a:34:fd:2b:1b: 19:a5:23:1f:27:d9:0e:22:4f:30:99:8d:30:14:29: f3:c0:d2:ed:41:11:72:37:61:54:01:93:7b:e3:54: 08:9c:ed:a1:dd:eb:c2:90:7a:1d:7e:ae:3c:0d:9d: f7:62:f0:14:15:47:7b:e8:57:2f:1f:16:48:a6:04: 5a:0c:bf:ca:fc:cc:8c:91:d7:c8:8a:e1:36:0a:b5: b8:b6:23:47:43:16:fd:a1:8f:c5:a7:2b:7c:e6:ed: c6:ab:d4:b1:69:d3:d2:84:ef:e3:ef:c0:ec:2e:48: e6:1c:5f:bc:f8:90:7a:2f:c7:c5:b5:1f:49:ad:09: 80:42:82:d0:c3:f8:12:7b:ec:66:08:ba:48:49:31: 61:28:61:7f:a4:a0:07:37:4c:10:b3:1a:f2:ef:12: 76:cd:b1:5f:bc:85:cb:91:85:0d:d8:21:cd:4e:0c: 11:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:CA:29:6C:65:C5:B7:60:B0:A4:67:4B:1B:E7:15:65:B8:3A:02:D1 X509v3 Authority Key Identifier: keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:0f:e7:54:1e:b8:d0:42:4c:c5:2e:2d:fd:58:ff:04:9a:f0: 11:9d:7b:33:75:1c:eb:44:d9:f5:ad:63:0e:db:ca:44:34:98: db:70:e6:08:22:28:51:70:6c:e4:7f:f4:99:a1:6a:2c:9e:1d: e0:71:50:2f:83:39:81:e7:e6:34:34:a1:14:a8:6b:b3:80:d5: f1:c6:c2:7e:9e:ed:6c:70:a7:ea:9f:18:de:6b:14:05:9b:2c: 9a:dc:ad:14:16:1b:ae:ea:56:16:4d:60:f9:02:eb:99:f1:48: 40:58:d9:91:9a:1f:a7:c3:7f:43:db:0a:4e:64:91:21:d7:43: ac:e6:1b:93:ec:e5:d1:32:98:15:b8:7d:db:f9:b5:fc:f0:35: c7:75:3a:24:eb:f8:ec:3b:91:99:3a:c2:23:f0:bc:a9:e2:0e: 12:93:56:45:04:37:39:2c:98:ea:d0:0d:d4:2c:00:34:38:68: f3:0a:53:24:1d:fc:bb:78:d8:d8:bc:58:a9:0e:e0:b8:f1:c5: 1d:b7:95:ef:cd:60:fa:31:39:62:ee:12:23:c5:3e:51:0e:5c: a7:07:c1:5a:30:83:3f:23:f7:b5:06:3e:03:85:53:b3:26:2d: 2c:8a:3b:5a:18:43:b6:29:1e:58:8b:5c:a9:2a:e7:4f:38:68: 94:2d:29:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgKuccSj+CP29daE4RkYi3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4 OWJmOWQwHhcNMjUxMjE1MDQwMDQxWhcNMjUxMjE2MDQwMDQxWjAzMTEwLwYDVQQD EyhlN2NhMjk2YzY1YzViNzYwYjBhNDY3NGIxYmU3MTU2NWI4M2EwMmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsc27GcjJLOUJ1AQ8TLGGoMM3YCm 6gtBSmGze76ByAzGYI269F6zrdwb0fOzQqOY6xD5VrQlVhW08e6hbjTHTwevun5S qAAoWmDQXbIgDIZOdZ4yijT9KxsZpSMfJ9kOIk8wmY0wFCnzwNLtQRFyN2FUAZN7 41QInO2h3evCkHodfq48DZ33YvAUFUd76FcvHxZIpgRaDL/K/MyMkdfIiuE2CrW4 tiNHQxb9oY/Fpyt85u3Gq9SxadPShO/j78DsLkjmHF+8+JB6L8fFtR9JrQmAQoLQ w/gSe+xmCLpISTFhKGF/pKAHN0wQsxry7xJ2zbFfvIXLkYUN2CHNTgwRMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOfKKWxlxbdgsKRnSxvnFWW4OgLRMB8GA1UdIwQY MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQ/nVB64 0EJMxS4t/Vj/BJrwEZ17M3Uc60TZ9a1jDtvKRDSY23DmCCIoUXBs5H/0maFqLJ4d 4HFQL4M5gefmNDShFKhrs4DV8cbCfp7tbHCn6p8Y3msUBZssmtytFBYbrupWFk1g +QLrmfFIQFjZkZofp8N/Q9sKTmSRIddDrOYbk+zl0TKYFbh92/m1/PA1x3U6JOv4 7DuRmTrCI/C8qeIOEpNWRQQ3OSyY6tAN1CwANDho8wpTJB38u3jY2LxYqQ7guPHF HbeV781g+jE5Yu4SI8U+UQ5cpwfBWjCDPyP3tQY+A4VTsyYtLIo7WhhDtikeWItc qSrnTzholC0pkA== -----END CERTIFICATE-----Generated at Mon Dec 15 13:13:12 2025 by rpki-client