This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft File: O-_lCkD7FzJUHoqXRQq13ndHcdg.mft (raw, json) Hash identifier: rzesEl1M0XDeNEuQCVm1uT+vF0rM60g9QIlX1XAMuyM= Subject key identifier: BE:51:A7:9A:A1:25:6C:07:25:35:DE:22:23:03:3F:B2:61:D3:DC:87 Authority key identifier: 3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8 Certificate issuer: /CN=3befe50a40fb1732541e8a97450ab5de774771d8 Certificate serial: 019B3645435C7803BEFF1FCA0001E58AB641 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft Manifest number: 0516 Signing time: Fri 19 Dec 2025 11:01:07 +0000 Manifest this update: Fri 19 Dec 2025 11:01:07 +0000 Manifest next update: Sat 20 Dec 2025 11:01:07 +0000 Files and hashes: 1: 7-AQ6OnvZ4yiBI8g8iZcgy53KzA.roa (hash: cTRZ7K6oUrn2Rqx5R/D6Zllm9PmQV/y/ARWXdG55cmE=) 2: O-_lCkD7FzJUHoqXRQq13ndHcdg.crl (hash: mDGmlEm4uIjyKcNo0oNvjC4oU9e9qrHrhOIoKfmREYM=) 3: YOqzdqJgWVyd_2LgxM2J8gMVqBI.roa (hash: va3bKDhWKpgZL3Z4ed7EIl2pjSDDXrOal9gvmMpvSE0=) 4: aBnhuCyVg4pVl4Cu-1q0sSCGSow.roa (hash: VQIqr/RAqzgxu4SPZE6Psd9Jss+IRfVZ1r0b7rL29Wo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:45:43:5c:78:03:be:ff:1f:ca:00:01:e5:8a:b6:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3befe50a40fb1732541e8a97450ab5de774771d8 Validity Not Before: Dec 19 11:01:07 2025 GMT Not After : Dec 20 11:01:07 2025 GMT Subject: CN=be51a79aa1256c072535de2223033fb261d3dc87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:70:71:d0:5a:c2:85:1d:ba:9f:38:a8:74:9a: 2a:c3:18:2f:e5:5c:1e:28:18:d6:9e:6e:01:75:00: a0:e9:49:f2:45:f9:5f:b8:96:e9:ff:ea:57:71:4e: 3f:ac:e0:bf:2c:ff:9b:da:65:e6:b0:ee:59:0f:80: 4e:d9:9f:da:06:89:12:09:22:33:4c:c2:f1:8f:e5: e7:aa:24:aa:68:8f:50:7c:3d:aa:c1:a3:96:bd:bb: 1c:d6:a5:ef:0e:73:a5:b1:3d:e3:3a:8d:9a:3c:58: 9a:49:1f:40:2d:de:ca:f1:d7:25:d9:d5:3b:32:52: 1b:ae:40:f0:4e:df:53:8b:70:fe:83:9c:09:71:c1: 44:99:06:e3:db:a3:fa:50:d4:a3:46:e4:c4:cf:be: 6a:70:bf:90:a8:48:4f:9c:ef:7e:90:54:bf:e7:4b: 58:10:ae:6d:d8:bd:a4:bd:a8:57:50:02:fd:ff:eb: cb:ce:23:b2:34:60:7f:24:29:a3:3a:bd:a3:1b:22: 84:52:49:cd:de:f5:ab:6d:27:37:86:62:54:35:4e: 7a:26:f3:0d:13:ee:7d:f0:03:c3:df:22:bd:9d:95: 88:82:0b:7a:5b:56:aa:0d:2f:cd:fc:a0:a4:7e:7d: bb:62:31:b4:0a:7a:e4:e5:fa:d0:50:bb:94:07:ce: 7c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:51:A7:9A:A1:25:6C:07:25:35:DE:22:23:03:3F:B2:61:D3:DC:87 X509v3 Authority Key Identifier: keyid:3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:91:28:98:db:87:9a:f6:a0:e3:f8:dc:10:38:25:00:0b:02: 07:93:83:f6:97:eb:e3:fc:15:35:00:b7:f4:b0:ae:ea:3c:b3: b6:1e:97:63:ea:40:a5:fe:01:44:35:03:26:e0:3b:9d:fd:b2: af:88:2d:29:38:60:37:bf:11:5d:24:25:d3:cf:25:81:39:a0: 03:f5:f3:3d:53:35:5c:57:a6:7d:37:78:19:56:94:61:1e:a5: 23:cc:c8:c2:ce:e0:3c:86:df:87:86:64:09:60:7b:89:2c:db: 01:c8:ed:55:ef:16:0b:30:d2:bf:ff:52:52:af:bd:87:5b:d6: 08:f6:f8:6e:5c:7e:82:a4:73:31:71:77:8a:46:ad:1a:9e:33: 3c:f5:87:0f:c7:21:d3:e8:a7:6f:e6:4a:d9:52:aa:77:5e:75: 19:2f:6c:66:a7:51:e2:c7:e2:9c:21:0c:fc:e5:f6:f3:65:49: f2:19:51:99:87:34:f8:da:19:dd:1b:15:14:b1:9e:37:66:32: 13:81:ba:19:0e:24:75:e8:a6:29:e5:b9:da:16:5e:b0:77:90: b2:62:b6:2a:35:66:96:ca:41:c3:98:bf:7e:dd:4b:4b:4c:2d: 09:43:cf:70:84:47:86:5e:ba:dd:02:e2:5f:5d:61:54:ec:6c: 2d:1a:f9:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2RUNceAO+/x/KAAHlirZBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZWZlNTBhNDBmYjE3MzI1NDFlOGE5NzQ1MGFiNWRlNzc0 NzcxZDgwHhcNMjUxMjE5MTEwMTA3WhcNMjUxMjIwMTEwMTA3WjAzMTEwLwYDVQQD EyhiZTUxYTc5YWExMjU2YzA3MjUzNWRlMjIyMzAzM2ZiMjYxZDNkYzg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnBx0FrChR26nziodJoqwxgv5Vwe KBjWnm4BdQCg6UnyRflfuJbp/+pXcU4/rOC/LP+b2mXmsO5ZD4BO2Z/aBokSCSIz TMLxj+XnqiSqaI9QfD2qwaOWvbsc1qXvDnOlsT3jOo2aPFiaSR9ALd7K8dcl2dU7 MlIbrkDwTt9Ti3D+g5wJccFEmQbj26P6UNSjRuTEz75qcL+QqEhPnO9+kFS/50tY EK5t2L2kvahXUAL9/+vLziOyNGB/JCmjOr2jGyKEUknN3vWrbSc3hmJUNU56JvMN E+598APD3yK9nZWIggt6W1aqDS/N/KCkfn27YjG0Cnrk5frQULuUB858CQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL5Rp5qhJWwHJTXeIiMDP7Jh09yHMB8GA1UdIwQY MBaAFDvv5QpA+xcyVB6Kl0UKtd53R3HYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDkt ZTYxNTQ5MzExN2QyLzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDktZTYxNTQ5MzExN2Qy LzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJEomNuH mvag4/jcEDglAAsCB5OD9pfr4/wVNQC39LCu6jyzth6XY+pApf4BRDUDJuA7nf2y r4gtKThgN78RXSQl088lgTmgA/XzPVM1XFemfTd4GVaUYR6lI8zIws7gPIbfh4Zk CWB7iSzbAcjtVe8WCzDSv/9SUq+9h1vWCPb4blx+gqRzMXF3ikatGp4zPPWHD8ch 0+inb+ZK2VKqd151GS9sZqdR4sfinCEM/OX282VJ8hlRmYc0+NoZ3RsVFLGeN2Yy E4G6GQ4kdeimKeW52hZesHeQsmK2KjVmlspBw5i/ft1LS0wtCUPPcIRHhl663QLi X11hVOxsLRr5gA== -----END CERTIFICATE-----Generated at Fri Dec 19 14:38:24 2025 by rpki-client