This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft File: OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json) Hash identifier: IOT2J3k0alCFhG/U7l/6qYyFnxX+dSDmh0pObToSLl8= Subject key identifier: F5:A2:36:29:4B:43:88:F5:CA:94:9F:48:B1:56:DC:CF:84:7D:99:12 Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B Certificate issuer: /CN=381b2c59729a53b84112aaf2ca1228f34247a39b Certificate serial: 019B3C7DF8D1522B0D3413E057DB3BF4E92C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft Manifest number: 1784 Signing time: Sat 20 Dec 2025 16:00:47 +0000 Manifest this update: Sat 20 Dec 2025 16:00:47 +0000 Manifest next update: Sun 21 Dec 2025 16:00:47 +0000 Files and hashes: 1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: UqATgaiArM4+FbzidmyHo82N5fqxxY9NU3mAR6noFy8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7d:f8:d1:52:2b:0d:34:13:e0:57:db:3b:f4:e9:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b Validity Not Before: Dec 20 16:00:47 2025 GMT Not After : Dec 21 16:00:47 2025 GMT Subject: CN=f5a236294b4388f5ca949f48b156dccf847d9912 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:38:e8:f6:a9:56:01:e9:36:0e:71:37:8c:d8: 33:8b:ed:7b:07:34:c2:82:76:73:12:25:51:7b:19: 51:38:2b:ea:13:64:88:f1:23:b0:e2:ae:a9:b9:53: ee:d2:e0:75:b5:10:65:15:dd:5e:fc:3d:ba:92:73: cd:ea:1c:fc:7c:44:eb:b1:0f:e9:e9:4c:e6:fe:52: 13:4b:66:53:c7:1e:25:c7:4c:1b:3f:da:7d:73:d4: c7:70:29:2b:6e:52:e7:a1:64:c6:e3:84:11:30:71: e8:cb:ef:d5:1e:72:8d:b7:b7:c0:ac:87:30:27:6e: e7:7c:46:01:7c:65:4f:56:82:fa:e9:85:fb:eb:7f: 7a:71:e7:4f:ec:be:10:ae:6e:82:6a:27:92:1a:64: 8a:06:81:3c:06:bc:b1:0f:d9:49:9e:08:af:51:7e: da:75:a8:dd:c8:b4:20:fb:b8:f4:9f:95:f4:3a:4b: 59:12:c5:2e:7c:2f:ed:4d:73:2e:d1:bf:af:e1:87: 71:1c:97:2b:6d:d6:17:5b:d3:86:0b:1b:d2:80:8e: b6:f7:8d:59:4c:c2:df:58:3b:d1:57:d2:1b:28:74: a4:5b:62:c2:f2:9e:d7:6f:c7:71:08:72:6f:cc:78: 85:1c:dc:b5:43:29:da:ad:3f:fc:3d:ac:3b:ec:1b: a9:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:A2:36:29:4B:43:88:F5:CA:94:9F:48:B1:56:DC:CF:84:7D:99:12 X509v3 Authority Key Identifier: keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:42:70:5a:49:9f:f4:04:5e:97:fe:4a:1e:dc:28:e2:ec:07: 66:08:38:44:ff:d9:23:75:46:a7:c3:5a:b9:c1:60:98:76:17: 94:c4:db:dd:1e:3c:b3:0a:80:d6:db:e2:a1:49:11:81:63:41: f6:cb:a4:40:cb:4d:3c:2f:6c:7a:82:fb:e9:f3:7f:77:91:77: bc:48:b1:03:d9:a5:fd:72:96:44:cc:e4:dc:b2:95:9a:ae:42: 89:db:0c:70:3f:23:dc:e6:7d:e7:ac:98:53:e4:74:c2:ae:05: d6:e6:42:b0:92:b6:37:a4:3b:e8:f5:10:62:15:ef:ec:98:fe: 62:d4:e6:aa:93:f6:90:f1:49:b5:e8:1c:d3:b7:5f:fa:6c:87: 11:37:c9:6a:f1:87:76:d6:ab:31:b0:31:57:9d:7d:9f:83:23: 1f:7d:ab:0d:3f:24:8a:56:85:95:db:c0:64:f8:7b:4f:57:05: 80:0e:f9:7b:af:63:9c:d6:f7:33:ba:42:04:51:0c:74:18:43: 41:10:84:d5:2d:df:4c:79:45:09:07:15:6b:cc:27:c0:a6:39: 46:c9:61:b8:91:bc:c1:ef:e6:f4:9d:97:52:0c:54:c7:a1:2d: 62:3b:85:da:12:dc:3a:de:d9:c3:bf:dd:5a:d3:0b:b2:00:9a: 79:9b:4d:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8ffjRUisNNBPgV9s79OksMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0 N2EzOWIwHhcNMjUxMjIwMTYwMDQ3WhcNMjUxMjIxMTYwMDQ3WjAzMTEwLwYDVQQD EyhmNWEyMzYyOTRiNDM4OGY1Y2E5NDlmNDhiMTU2ZGNjZjg0N2Q5OTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Tjo9qlWAek2DnE3jNgzi+17BzTC gnZzEiVRexlROCvqE2SI8SOw4q6puVPu0uB1tRBlFd1e/D26knPN6hz8fETrsQ/p 6Uzm/lITS2ZTxx4lx0wbP9p9c9THcCkrblLnoWTG44QRMHHoy+/VHnKNt7fArIcw J27nfEYBfGVPVoL66YX76396cedP7L4Qrm6CaieSGmSKBoE8BryxD9lJngivUX7a dajdyLQg+7j0n5X0OktZEsUufC/tTXMu0b+v4YdxHJcrbdYXW9OGCxvSgI62941Z TMLfWDvRV9IbKHSkW2LC8p7Xb8dxCHJvzHiFHNy1QynarT/8Paw77BupZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPWiNilLQ4j1ypSfSLFW3M+EfZkSMB8GA1UdIwQY MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoUJwWkmf 9ARel/5KHtwo4uwHZgg4RP/ZI3VGp8NaucFgmHYXlMTb3R48swqA1tvioUkRgWNB 9sukQMtNPC9seoL76fN/d5F3vEixA9ml/XKWRMzk3LKVmq5CidsMcD8j3OZ956yY U+R0wq4F1uZCsJK2N6Q76PUQYhXv7Jj+YtTmqpP2kPFJtegc07df+myHETfJavGH dtarMbAxV519n4MjH32rDT8kilaFldvAZPh7T1cFgA75e69jnNb3M7pCBFEMdBhD QRCE1S3fTHlFCQcVa8wnwKY5RslhuJG8we/m9J2XUgxUx6EtYjuF2hLcOt7Zw7/d WtMLsgCaeZtN/w== -----END CERTIFICATE-----Generated at Sat Dec 20 20:02:03 2025 by rpki-client