This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json) Hash identifier: Ix43aEcEnqS9oEd4nZsytERQcMSvKKcnDFs7izB472I= Subject key identifier: 66:DC:5E:49:55:B3:FB:97:16:8F:0C:18:17:4C:4B:8D:2A:F4:65:3E Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Certificate serial: 019B326874ED1B4FF5EFE95C419DBDE115C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft Manifest number: 08C9 Signing time: Thu 18 Dec 2025 17:01:05 +0000 Manifest this update: Thu 18 Dec 2025 17:01:05 +0000 Manifest next update: Fri 19 Dec 2025 17:01:05 +0000 Files and hashes: 1: M82sfYNUsyqK13nZZfstvwDd7Fs.roa (hash: Pwd9phO+f2VaYBcGPbgT8icjGcqdGdD4Q6fe+fixav0=) 2: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: S2EIqc3G8U/RAM5jT7sOV5xKoULVkDzTDCvBs3D0hzI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 17:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:74:ed:1b:4f:f5:ef:e9:5c:41:9d:bd:e1:15:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Validity Not Before: Dec 18 17:01:05 2025 GMT Not After : Dec 19 17:01:05 2025 GMT Subject: CN=66dc5e4955b3fb97168f0c18174c4b8d2af4653e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3c:56:f9:b4:bd:77:62:cd:e0:85:bd:1b:4f: 84:67:19:2a:25:c4:7a:2d:f3:3c:48:61:49:cd:4e: 17:57:95:a9:bd:83:c5:7d:d4:12:b1:8d:df:35:c8: 94:2b:33:c6:99:72:13:3e:b8:eb:3f:c8:72:5a:bd: c4:39:d7:c1:a6:57:ad:77:60:3a:4a:a9:3b:bf:20: 17:e4:8f:6f:ff:83:83:bc:a5:52:17:7c:a2:99:9d: a3:e3:c8:38:f1:b3:be:ea:6a:88:dd:fe:01:fb:18: 3c:90:2a:8b:bd:7c:48:6c:59:06:2a:9a:17:92:a4: f5:87:87:6d:b8:02:6e:ed:84:82:07:e7:70:c1:58: 99:83:65:e7:05:02:96:c5:5d:ec:47:8f:f1:e3:e0: 0d:d7:84:9f:38:3e:5b:9c:4d:94:c4:df:92:f3:02: 74:a6:0c:42:c8:dc:dd:9e:4e:b8:5f:4a:5a:c9:d9: 8f:4b:c8:49:66:64:e5:9e:42:23:cd:60:a9:58:17: 58:6a:80:0d:e7:80:9b:f1:09:0e:0c:a8:f7:35:25: 4a:24:e9:13:b7:44:94:a1:3b:ee:bc:e6:62:c7:94: 9d:3b:27:33:ec:0e:1d:53:64:80:50:0f:f3:eb:e5: 8b:1c:59:24:61:16:4b:8f:08:a3:6c:0d:4e:99:a1: 38:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:DC:5E:49:55:B3:FB:97:16:8F:0C:18:17:4C:4B:8D:2A:F4:65:3E X509v3 Authority Key Identifier: keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:dc:6e:26:cd:84:26:2d:57:2f:79:7e:07:14:89:d1:32:6e: bd:10:8e:36:00:c7:2e:7a:6c:4f:17:f4:d7:d1:b2:fa:9c:cc: 5b:24:83:86:54:94:b9:57:d3:f2:da:92:b2:ab:1b:75:8b:ab: 14:57:d0:b1:41:f7:47:19:da:e3:18:e3:f4:42:46:81:a7:ec: 16:54:21:59:b3:4a:fe:e8:68:b0:62:e3:7c:ad:2e:2c:92:c3: c3:05:f3:83:4b:f1:f2:da:11:e9:80:7f:ac:7c:a3:ed:d2:60: 78:67:e4:36:bc:71:87:3d:08:da:03:58:5a:39:f1:3c:f1:88: 0a:79:59:da:85:df:30:5a:5d:0c:e0:7e:ee:0c:0d:51:ec:21: a3:5c:79:87:86:d3:60:6f:47:6d:a1:e8:ba:d4:f5:44:96:01: 27:df:d8:4e:2a:4f:39:3c:5b:50:12:af:60:86:4d:50:8b:02: 3e:59:2e:85:ee:61:f8:9a:c6:09:fd:32:ca:d7:50:9d:78:ef: 77:88:a1:9a:df:31:29:00:25:31:88:24:7f:2e:46:83:5b:c2: d7:30:04:ca:16:00:fa:e3:38:ac:17:f7:1e:61:32:f2:a1:6e: e4:9e:6e:96:d1:14:83:9a:d0:e9:1c:cc:0f:99:19:a0:df:c5: be:cd:ab:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaHTtG0/17+lcQZ294RXBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj NGRhMjAwHhcNMjUxMjE4MTcwMTA1WhcNMjUxMjE5MTcwMTA1WjAzMTEwLwYDVQQD Eyg2NmRjNWU0OTU1YjNmYjk3MTY4ZjBjMTgxNzRjNGI4ZDJhZjQ2NTNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxW+bS9d2LN4IW9G0+EZxkqJcR6 LfM8SGFJzU4XV5WpvYPFfdQSsY3fNciUKzPGmXITPrjrP8hyWr3EOdfBpletd2A6 Sqk7vyAX5I9v/4ODvKVSF3yimZ2j48g48bO+6mqI3f4B+xg8kCqLvXxIbFkGKpoX kqT1h4dtuAJu7YSCB+dwwViZg2XnBQKWxV3sR4/x4+AN14SfOD5bnE2UxN+S8wJ0 pgxCyNzdnk64X0paydmPS8hJZmTlnkIjzWCpWBdYaoAN54Cb8QkODKj3NSVKJOkT t0SUoTvuvOZix5SdOycz7A4dU2SAUA/z6+WLHFkkYRZLjwijbA1OmaE4ewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGbcXklVs/uXFo8MGBdMS40q9GU+MB8GA1UdIwQY MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0 LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftxuJs2E Ji1XL3l+BxSJ0TJuvRCONgDHLnpsTxf019Gy+pzMWySDhlSUuVfT8tqSsqsbdYur FFfQsUH3Rxna4xjj9EJGgafsFlQhWbNK/uhosGLjfK0uLJLDwwXzg0vx8toR6YB/ rHyj7dJgeGfkNrxxhz0I2gNYWjnxPPGICnlZ2oXfMFpdDOB+7gwNUewho1x5h4bT YG9HbaHoutT1RJYBJ9/YTipPOTxbUBKvYIZNUIsCPlkuhe5h+JrGCf0yytdQnXjv d4ihmt8xKQAlMYgkfy5Gg1vC1zAEyhYA+uM4rBf3HmEy8qFu5J5ultEUg5rQ6RzM D5kZoN/Fvs2rJg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:53:02 2025 by rpki-client