This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft File: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json) Hash identifier: 4GHZ7VzY45fqF2LEMNe3mgI9cmS0dk6lilUFo/vL4qU= Subject key identifier: 4B:0D:83:39:C5:FB:16:69:79:D0:6E:10:2E:42:63:EF:E0:26:A5:E7 Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82 Certificate issuer: /CN=3a6b084426d9de0b10e0141d1de43c7629c19682 Certificate serial: 019B33B1FA634FC261D2A7254C823BC6D401 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft Manifest number: 0E37 Signing time: Thu 18 Dec 2025 23:01:00 +0000 Manifest this update: Thu 18 Dec 2025 23:01:00 +0000 Manifest next update: Fri 19 Dec 2025 23:01:00 +0000 Files and hashes: 1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: VqyZaiL6KHxYgJgNVZNgYdyM+kU0yM2R2NZlmYgVtVA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:fa:63:4f:c2:61:d2:a7:25:4c:82:3b:c6:d4:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682 Validity Not Before: Dec 18 23:01:00 2025 GMT Not After : Dec 19 23:01:00 2025 GMT Subject: CN=4b0d8339c5fb166979d06e102e4263efe026a5e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9c:73:9e:c6:5b:85:fb:e0:aa:56:e2:0c:ad: dd:17:5e:1f:f7:ea:40:24:6d:ff:d7:bb:2e:28:49: 01:5a:8d:57:bb:86:d7:b2:49:fc:9a:fe:34:c5:5e: 3b:11:1b:2b:c3:fe:16:64:2a:1e:f3:bf:73:fd:52: 4f:95:e2:59:38:5d:20:7f:34:24:1b:83:93:5e:0d: ca:91:17:2c:03:a3:02:74:93:82:3c:20:9d:7b:d8: f1:7e:de:9d:06:c2:ea:e0:84:99:d0:35:04:9b:25: 4d:98:74:cc:b8:ee:d7:b7:ee:cd:0d:07:13:60:b7: bd:8f:95:75:d6:64:cc:8a:e3:8c:aa:bd:fa:52:20: 7a:fa:0e:6a:12:ea:93:43:34:3e:83:b4:d7:ea:42: a0:5d:6b:09:17:eb:b7:95:ed:f1:40:1c:7d:26:71: 20:4e:9d:a9:43:96:8a:82:81:89:3e:e5:3d:87:d4: 66:7d:ba:32:9e:7a:83:cb:98:f5:f5:67:b0:1c:0b: 4c:a9:cb:f0:32:96:36:70:6f:7c:93:0f:3f:51:90: d7:af:56:07:50:e9:17:75:06:3f:63:86:ec:04:f3: da:e4:03:5e:44:20:32:b2:13:30:eb:ec:12:60:c2: 9e:3f:87:b5:6f:f7:92:44:bc:d8:9b:75:88:e7:3e: 37:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:0D:83:39:C5:FB:16:69:79:D0:6E:10:2E:42:63:EF:E0:26:A5:E7 X509v3 Authority Key Identifier: keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:b5:a9:b3:0e:a4:66:2a:76:cc:e1:2e:b4:f0:a7:d5:9f:fb: 1f:bf:f1:f4:ac:27:bd:ec:84:29:a5:08:32:49:d5:06:4d:27: 8c:6f:48:bc:ca:b8:1c:df:bc:7c:21:ba:a0:1e:ab:b9:76:c0: a2:0f:f0:7d:9f:3d:c6:3e:cd:90:3d:0b:c3:75:53:9d:da:4e: 76:53:ed:9a:1f:a6:4c:7b:bc:82:4e:19:3d:e2:98:6b:7a:37: f7:b6:67:36:dc:f7:5d:af:b1:47:8c:0b:25:bf:b4:20:9c:e5: 7b:67:c8:ed:aa:aa:a0:2a:ff:52:6d:01:1a:2c:b5:40:44:7c: 44:49:ed:ee:91:93:15:c1:63:56:00:a5:e3:0a:23:3f:bd:89: f0:06:c3:b7:2e:7e:4e:75:8c:84:ea:b8:5f:32:da:ea:fb:7e: b3:0b:4d:5a:b4:eb:1d:14:fe:c7:1a:38:af:c3:5f:9e:bd:a5: 8c:bf:ff:a1:a2:dc:e2:1c:27:46:1c:df:f0:fc:c0:33:fa:89: 08:84:92:99:4e:d3:0e:d8:db:46:0c:ef:58:1f:20:15:8f:26: 7a:1c:ef:9c:4e:29:23:f2:de:b1:77:0c:f4:1d:92:24:c8:9c: 32:da:e4:ce:ec:02:d3:90:d9:82:37:03:f5:e1:ef:34:ee:e9: 21:5e:6f:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsfpjT8Jh0qclTII7xtQBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj MTk2ODIwHhcNMjUxMjE4MjMwMTAwWhcNMjUxMjE5MjMwMTAwWjAzMTEwLwYDVQQD Eyg0YjBkODMzOWM1ZmIxNjY5NzlkMDZlMTAyZTQyNjNlZmUwMjZhNWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJxznsZbhfvgqlbiDK3dF14f9+pA JG3/17suKEkBWo1Xu4bXskn8mv40xV47ERsrw/4WZCoe879z/VJPleJZOF0gfzQk G4OTXg3KkRcsA6MCdJOCPCCde9jxft6dBsLq4ISZ0DUEmyVNmHTMuO7Xt+7NDQcT YLe9j5V11mTMiuOMqr36UiB6+g5qEuqTQzQ+g7TX6kKgXWsJF+u3le3xQBx9JnEg Tp2pQ5aKgoGJPuU9h9RmfboynnqDy5j19WewHAtMqcvwMpY2cG98kw8/UZDXr1YH UOkXdQY/Y4bsBPPa5ANeRCAyshMw6+wSYMKeP4e1b/eSRLzYm3WI5z43FwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEsNgznF+xZpedBuEC5CY+/gJqXnMB8GA1UdIwQY MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2 LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANbWpsw6k Zip2zOEutPCn1Z/7H7/x9KwnveyEKaUIMknVBk0njG9IvMq4HN+8fCG6oB6ruXbA og/wfZ89xj7NkD0Lw3VTndpOdlPtmh+mTHu8gk4ZPeKYa3o397ZnNtz3Xa+xR4wL Jb+0IJzle2fI7aqqoCr/Um0BGiy1QER8REnt7pGTFcFjVgCl4wojP72J8AbDty5+ TnWMhOq4XzLa6vt+swtNWrTrHRT+xxo4r8Nfnr2ljL//oaLc4hwnRhzf8PzAM/qJ CISSmU7TDtjbRgzvWB8gFY8mehzvnE4pI/LesXcM9B2SJMicMtrkzuwC05DZgjcD 9eHvNO7pIV5vjA== -----END CERTIFICATE-----Generated at Fri Dec 19 07:48:26 2025 by rpki-client