This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json) Hash identifier: YlSQFP18zw4pExtjtg6YiMxRpqYw78CKBCUXCJtYjOA= Subject key identifier: 34:36:55:A6:71:17:80:53:2D:D3:98:A1:73:2E:44:34:25:86:2A:4C Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c Certificate serial: 019B42EEC7035234103ABF7D9F6E50BC28B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft Manifest number: 178E Signing time: Sun 21 Dec 2025 22:01:43 +0000 Manifest this update: Sun 21 Dec 2025 22:01:43 +0000 Manifest next update: Mon 22 Dec 2025 22:01:43 +0000 Files and hashes: 1: 1-9Z39awtCUNqeCcuYwIOQubEoEY.roa (hash: AJvelHrJ42adBWeCqNbgdbqaGB/A4YMI32J/x3+LlBI=) 2: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: L3UKg2g9MBoUNv3ADAYE2Fj4s5br7YcfqiGJRnh0V9M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:c7:03:52:34:10:3a:bf:7d:9f:6e:50:bc:28:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c Validity Not Before: Dec 21 22:01:43 2025 GMT Not After : Dec 22 22:01:43 2025 GMT Subject: CN=343655a6711780532dd398a1732e443425862a4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b4:3f:d0:eb:cf:44:ac:b4:a2:05:a2:df:e7: c7:29:e3:f8:74:a5:5a:b2:70:cc:df:21:0d:a3:cd: e0:33:fd:c5:1e:73:1a:79:96:95:ca:a6:c2:df:13: bf:00:b2:c6:f8:e2:2a:48:a7:d2:d9:a5:7c:24:ef: 75:6e:b3:d2:4d:8d:72:a0:71:63:25:e4:b1:40:3e: 55:16:d7:2d:0d:a5:4e:f5:fc:72:5e:41:75:a5:7e: 5f:22:28:2f:d6:f4:a0:1b:eb:e4:27:a1:72:2e:07: 03:aa:f7:84:5b:46:69:f0:3c:bb:c0:ac:d8:86:e7: 1a:ad:e9:c6:62:59:e9:d5:e5:50:5f:13:fa:ce:98: 85:53:43:60:aa:27:9c:9e:9d:64:6e:dc:83:2f:be: 16:18:0b:79:dc:f7:f6:de:98:2c:58:cd:25:45:32: f4:36:1e:5f:3d:3b:0e:3b:36:6f:73:95:45:03:d7: c1:36:5c:6b:2b:93:f5:85:90:6a:90:67:bf:29:12: 00:ef:0d:2f:61:8a:71:e3:cd:bc:9f:6a:ad:ee:96: 04:67:e9:78:9d:2f:70:14:a5:62:d6:bc:15:8d:71: cd:51:d9:52:4f:b7:17:f9:ef:c1:07:63:bd:79:ea: b8:ba:4f:cd:59:97:9b:f4:d7:02:9e:0b:8a:d9:7c: 01:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:36:55:A6:71:17:80:53:2D:D3:98:A1:73:2E:44:34:25:86:2A:4C X509v3 Authority Key Identifier: keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:88:a6:50:83:db:18:0a:9d:d0:cd:24:20:71:10:9b:6c:ce: 9d:d9:69:6c:78:4e:93:0f:a5:7a:0d:db:8a:bf:bd:a4:4d:fc: 54:e5:99:f2:0b:98:32:ea:7d:98:cd:51:85:74:db:88:1f:e7: 81:13:26:f7:1e:85:f8:68:e3:c8:b7:b6:90:1f:08:d5:dd:77: 51:57:9f:83:c9:75:f3:5a:96:31:68:09:78:af:d5:1c:b2:e9: 48:8d:7b:e3:44:b3:e3:50:1b:11:4f:2b:0b:de:5d:4a:dd:69: 50:49:3c:78:4c:6e:1a:09:b5:56:b8:13:8b:08:bc:f3:32:58: 39:d0:b0:b1:2f:42:7b:1f:60:a0:94:58:4d:e6:fe:08:fc:39: d2:ec:84:37:52:6f:c6:2c:0a:3e:7e:5f:51:e1:5b:c3:88:2c: c0:be:7e:2d:21:50:03:0c:1e:1c:96:d7:84:1c:57:f0:ad:6d: b0:99:fc:93:51:9b:01:d4:c5:43:de:a5:32:77:03:e2:d4:04: c2:67:2f:0d:92:8c:ec:bf:2c:37:e5:d8:4b:6f:d5:4b:80:1d: af:a0:34:e7:01:80:51:c9:78:4b:18:8f:a4:76:93:2b:09:0e: c6:f4:66:5d:49:a2:57:b9:71:57:59:28:00:45:c5:09:0d:d4: 62:dd:d0:7d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7scDUjQQOr99n25QvCiwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh OWIxOGMwHhcNMjUxMjIxMjIwMTQzWhcNMjUxMjIyMjIwMTQzWjAzMTEwLwYDVQQD EygzNDM2NTVhNjcxMTc4MDUzMmRkMzk4YTE3MzJlNDQzNDI1ODYyYTRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLQ/0OvPRKy0ogWi3+fHKeP4dKVa snDM3yENo83gM/3FHnMaeZaVyqbC3xO/ALLG+OIqSKfS2aV8JO91brPSTY1yoHFj JeSxQD5VFtctDaVO9fxyXkF1pX5fIigv1vSgG+vkJ6FyLgcDqveEW0Zp8Dy7wKzY hucarenGYlnp1eVQXxP6zpiFU0Ngqiecnp1kbtyDL74WGAt53Pf23pgsWM0lRTL0 Nh5fPTsOOzZvc5VFA9fBNlxrK5P1hZBqkGe/KRIA7w0vYYpx4828n2qt7pYEZ+l4 nS9wFKVi1rwVjXHNUdlST7cX+e/BB2O9eeq4uk/NWZeb9NcCnguK2XwBNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQ2VaZxF4BTLdOYoXMuRDQlhipMMB8GA1UdIwQY MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIimUIPb GAqd0M0kIHEQm2zOndlpbHhOkw+leg3bir+9pE38VOWZ8guYMup9mM1RhXTbiB/n gRMm9x6F+GjjyLe2kB8I1d13UVefg8l181qWMWgJeK/VHLLpSI1740Sz41AbEU8r C95dSt1pUEk8eExuGgm1VrgTiwi88zJYOdCwsS9Cex9goJRYTeb+CPw50uyEN1Jv xiwKPn5fUeFbw4gswL5+LSFQAwweHJbXhBxX8K1tsJn8k1GbAdTFQ96lMncD4tQE wmcvDZKM7L8sN+XYS2/VS4Adr6A05wGAUcl4SxiPpHaTKwkOxvRmXUmiV7lxV1ko AEXFCQ3UYt3QfQ== -----END CERTIFICATE-----Generated at Mon Dec 22 06:52:46 2025 by rpki-client