This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft File: O-_lCkD7FzJUHoqXRQq13ndHcdg.mft (raw, json) Hash identifier: crWvkK0QIqiQsiDkQxGRF1qPC+Z99cFNQr1WqFD64CY= Subject key identifier: 39:A5:62:1F:34:C7:1C:C5:65:5D:DF:50:FF:12:22:D1:CD:7A:4E:C2 Authority key identifier: 3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8 Certificate issuer: /CN=3befe50a40fb1732541e8a97450ab5de774771d8 Certificate serial: 019B3DFEA6EF0E1BBA1E793F285F19625E5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft Manifest number: 051A Signing time: Sat 20 Dec 2025 23:00:57 +0000 Manifest this update: Sat 20 Dec 2025 23:00:57 +0000 Manifest next update: Sun 21 Dec 2025 23:00:57 +0000 Files and hashes: 1: 7-AQ6OnvZ4yiBI8g8iZcgy53KzA.roa (hash: cTRZ7K6oUrn2Rqx5R/D6Zllm9PmQV/y/ARWXdG55cmE=) 2: O-_lCkD7FzJUHoqXRQq13ndHcdg.crl (hash: 6X1q4IPTPy02fm1MHe2t2W383XFR7/0rJThVNRA32dw=) 3: YOqzdqJgWVyd_2LgxM2J8gMVqBI.roa (hash: va3bKDhWKpgZL3Z4ed7EIl2pjSDDXrOal9gvmMpvSE0=) 4: aBnhuCyVg4pVl4Cu-1q0sSCGSow.roa (hash: VQIqr/RAqzgxu4SPZE6Psd9Jss+IRfVZ1r0b7rL29Wo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:a6:ef:0e:1b:ba:1e:79:3f:28:5f:19:62:5e:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3befe50a40fb1732541e8a97450ab5de774771d8 Validity Not Before: Dec 20 23:00:57 2025 GMT Not After : Dec 21 23:00:57 2025 GMT Subject: CN=39a5621f34c71cc5655ddf50ff1222d1cd7a4ec2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:c1:2a:6f:25:bf:6c:8f:2a:59:ca:54:1a:9c: 5a:f4:f2:dc:28:af:f7:7a:2b:88:bb:3d:ea:29:0e: bf:04:71:3e:61:23:9a:12:29:97:d4:8c:b4:b4:67: 42:4f:bc:e8:fa:94:19:db:60:42:20:dd:6e:c1:db: 84:bb:e4:ca:fc:f9:21:45:67:db:c6:1a:ad:03:a8: 9a:c6:c6:db:8c:f4:ee:11:6b:8d:73:e7:f9:b7:17: 6d:c5:d5:30:b6:13:72:c6:07:d5:fc:03:cd:d1:19: 45:cb:a9:a2:ac:76:ff:bf:33:b1:74:4a:8d:e1:01: 79:da:11:13:22:b6:f8:74:4a:9d:e2:e8:a2:c8:31: e9:68:25:75:c9:3c:1d:03:06:90:4e:d9:b6:b5:e5: be:fc:85:fd:6f:4b:e1:83:87:03:7f:a4:bd:97:c1: f5:f6:cc:23:78:5c:ad:9d:92:ea:6d:62:10:7f:88: 82:05:ac:71:c1:18:9b:52:ab:f6:1d:b2:11:81:3e: 25:80:b0:75:79:c0:85:ed:c0:49:4d:00:4c:40:55: 49:99:04:c6:6f:69:ff:ea:a8:41:64:16:a7:de:f2: 92:91:dc:c0:c9:cf:44:32:2d:aa:bd:9a:13:0e:d1: 52:63:47:69:16:61:be:0b:5b:59:4c:45:85:e3:f2: 9d:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:A5:62:1F:34:C7:1C:C5:65:5D:DF:50:FF:12:22:D1:CD:7A:4E:C2 X509v3 Authority Key Identifier: keyid:3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:c8:4c:2c:91:da:36:72:fc:d3:52:cb:53:72:ee:2e:b6:15: c9:1a:26:a6:1b:5f:3f:ef:70:8b:b3:ae:d9:32:37:27:34:8d: fa:fe:83:c8:e6:04:ad:c9:17:e7:85:5a:5c:b1:8e:b8:4e:1b: 8c:27:40:ec:9c:02:c4:df:bf:c2:f6:76:a4:31:4e:fa:0a:22: 46:2c:c1:6d:8a:19:92:0f:b3:db:27:dc:d2:a6:03:50:0c:91: da:b1:89:a6:4d:21:d9:f3:f1:3c:b9:32:09:a6:0d:9e:3b:a0: ea:5f:8d:d3:47:9b:fb:a1:92:22:98:0f:d6:60:af:33:71:fa: e1:ef:8b:d2:5b:bb:d5:e3:98:5b:9a:ad:4c:05:c5:65:fc:b7: b4:be:fb:c8:87:87:73:55:c5:1b:09:69:cd:ca:78:0e:14:00: c6:38:29:d0:20:bf:ce:5c:f8:66:bf:43:0a:7c:ad:36:44:e4: ce:45:27:e9:da:ae:96:a9:c8:c9:2b:7a:14:a7:9e:d2:ba:e6: a2:42:4a:6d:c2:6f:5e:ff:1c:77:b1:b1:49:6c:28:0f:51:35: 56:16:30:91:46:35:e4:53:81:21:d4:03:aa:56:78:a7:d5:78: 15:07:fe:53:5a:df:8e:04:8c:17:d1:82:b2:36:1e:48:d6:02: d3:a6:d3:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/qbvDhu6Hnk/KF8ZYl5cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZWZlNTBhNDBmYjE3MzI1NDFlOGE5NzQ1MGFiNWRlNzc0 NzcxZDgwHhcNMjUxMjIwMjMwMDU3WhcNMjUxMjIxMjMwMDU3WjAzMTEwLwYDVQQD EygzOWE1NjIxZjM0YzcxY2M1NjU1ZGRmNTBmZjEyMjJkMWNkN2E0ZWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMEqbyW/bI8qWcpUGpxa9PLcKK/3 eiuIuz3qKQ6/BHE+YSOaEimX1Iy0tGdCT7zo+pQZ22BCIN1uwduEu+TK/PkhRWfb xhqtA6iaxsbbjPTuEWuNc+f5txdtxdUwthNyxgfV/APN0RlFy6mirHb/vzOxdEqN 4QF52hETIrb4dEqd4uiiyDHpaCV1yTwdAwaQTtm2teW+/IX9b0vhg4cDf6S9l8H1 9swjeFytnZLqbWIQf4iCBaxxwRibUqv2HbIRgT4lgLB1ecCF7cBJTQBMQFVJmQTG b2n/6qhBZBan3vKSkdzAyc9EMi2qvZoTDtFSY0dpFmG+C1tZTEWF4/KdcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDmlYh80xxzFZV3fUP8SItHNek7CMB8GA1UdIwQY MBaAFDvv5QpA+xcyVB6Kl0UKtd53R3HYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDkt ZTYxNTQ5MzExN2QyLzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDktZTYxNTQ5MzExN2Qy LzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMhMLJHa NnL801LLU3LuLrYVyRomphtfP+9wi7Ou2TI3JzSN+v6DyOYErckX54VaXLGOuE4b jCdA7JwCxN+/wvZ2pDFO+goiRizBbYoZkg+z2yfc0qYDUAyR2rGJpk0h2fPxPLky CaYNnjug6l+N00eb+6GSIpgP1mCvM3H64e+L0lu71eOYW5qtTAXFZfy3tL77yIeH c1XFGwlpzcp4DhQAxjgp0CC/zlz4Zr9DCnytNkTkzkUn6dqulqnIySt6FKee0rrm okJKbcJvXv8cd7GxSWwoD1E1VhYwkUY15FOBIdQDqlZ4p9V4FQf+U1rfjgSMF9GC sjYeSNYC06bTBQ== -----END CERTIFICATE-----Generated at Sun Dec 21 02:36:36 2025 by rpki-client