This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft File: oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json) Hash identifier: yy4uHtuvyNgIBj66zBrIcQzjEwforWAO/7Xf28S67ZA= Subject key identifier: 3E:E6:44:CE:A3:8F:A8:AA:75:60:77:95:CF:EC:24:08:FF:C3:C5:17 Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74 Certificate issuer: /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474 Certificate serial: 019B42B775417CE603911943D390570CB435 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft Manifest number: 1787 Signing time: Sun 21 Dec 2025 21:01:17 +0000 Manifest this update: Sun 21 Dec 2025 21:01:17 +0000 Manifest next update: Mon 22 Dec 2025 21:01:17 +0000 Files and hashes: 1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: c6Cr2hEmNFa9mIqo5lmTI5+TVs4oESUTuUAahZ3oAjQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:75:41:7c:e6:03:91:19:43:d3:90:57:0c:b4:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474 Validity Not Before: Dec 21 21:01:17 2025 GMT Not After : Dec 22 21:01:17 2025 GMT Subject: CN=3ee644cea38fa8aa75607795cfec2408ffc3c517 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bf:b0:4b:2c:e7:ea:e2:75:61:f5:0a:bd:a4: 78:25:13:2f:5f:4f:88:0d:a6:9b:81:db:bc:a8:48: 8a:cd:47:6f:f8:b3:e5:ef:8f:89:96:db:47:4f:0c: 22:09:e7:d8:94:97:29:6b:33:83:a2:9a:fa:f4:11: a6:58:89:7b:00:06:b5:da:29:cc:02:71:fd:0a:ca: b4:01:45:4b:08:8b:5f:9c:05:d7:32:75:87:7f:aa: 96:54:ef:4f:ed:09:34:ab:79:5a:fe:cb:97:48:dd: 03:59:85:b4:79:93:d2:0c:4e:17:7a:0d:db:b2:a5: 5a:73:d6:d6:50:f7:ac:3a:a5:85:40:78:c7:0f:16: b9:f3:ee:27:9e:bf:c0:38:de:fa:7a:4d:da:a3:4c: 42:20:18:b0:32:27:5c:26:90:ae:90:a2:db:1f:d1: cb:22:64:15:fa:4c:11:8c:d5:a5:0a:a8:ad:0e:4d: 85:fa:a1:98:86:90:b3:95:88:8f:e4:69:7d:5f:55: f9:d7:74:fe:00:0f:2b:e7:a3:be:c4:45:64:7d:fb: 7a:22:70:20:f4:27:f3:c3:8f:d8:97:35:61:6c:cc: 37:ba:d7:24:82:32:2d:62:42:91:da:c3:e5:3a:6d: 37:28:30:5e:08:51:d3:c7:da:4b:01:c9:4f:35:29: e3:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:E6:44:CE:A3:8F:A8:AA:75:60:77:95:CF:EC:24:08:FF:C3:C5:17 X509v3 Authority Key Identifier: keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:90:22:6d:c4:7b:e2:4d:3f:0c:c7:0a:85:80:cc:ea:ef:ae: 2a:5d:6e:a3:2e:21:b9:fd:12:53:31:1c:38:0c:0c:85:57:b7: 14:80:48:77:57:7e:f7:67:02:42:74:dc:e1:5a:99:14:c4:03: 54:41:d8:5e:59:ff:1f:14:64:29:4a:74:05:ee:74:ab:d2:24: 5c:ec:26:ca:b7:b7:64:aa:d3:2b:d1:4e:01:e2:bc:ab:e7:d2: e8:6e:dc:aa:62:18:e3:45:01:80:4f:f7:92:94:58:85:87:c9: ab:ec:7d:11:ca:e1:8d:36:ae:4f:5a:41:29:d2:bd:07:13:26: af:cf:a5:0a:92:2e:b8:34:38:46:d5:21:58:4b:f8:df:57:2c: d2:25:cd:a0:63:1e:58:83:96:0e:69:51:45:bd:a4:c1:73:08: 34:3e:3d:8a:ea:af:86:51:22:0e:fb:ec:c3:c9:c9:88:d4:30: 35:0d:ae:12:63:29:a4:e4:ea:06:bb:c7:3b:c2:28:ef:8c:20: 74:6d:03:3a:61:59:1a:3d:a5:e6:7f:83:bd:31:ef:c6:d2:55: 55:15:53:e1:cc:01:b4:3a:db:ef:91:8e:03:64:08:06:3f:dd: 4d:37:ee:8f:5f:19:b9:5f:ad:e5:3b:cf:44:9f:3d:1d:6f:2f: 50:a1:82:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCt3VBfOYDkRlD05BXDLQ1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm MjI0NzQwHhcNMjUxMjIxMjEwMTE3WhcNMjUxMjIyMjEwMTE3WjAzMTEwLwYDVQQD EygzZWU2NDRjZWEzOGZhOGFhNzU2MDc3OTVjZmVjMjQwOGZmYzNjNTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r+wSyzn6uJ1YfUKvaR4JRMvX0+I Daabgdu8qEiKzUdv+LPl74+JlttHTwwiCefYlJcpazODopr69BGmWIl7AAa12inM AnH9Csq0AUVLCItfnAXXMnWHf6qWVO9P7Qk0q3la/suXSN0DWYW0eZPSDE4Xeg3b sqVac9bWUPesOqWFQHjHDxa58+4nnr/AON76ek3ao0xCIBiwMidcJpCukKLbH9HL ImQV+kwRjNWlCqitDk2F+qGYhpCzlYiP5Gl9X1X513T+AA8r56O+xEVkfft6InAg 9Cfzw4/YlzVhbMw3utckgjItYkKR2sPlOm03KDBeCFHTx9pLAclPNSnjpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD7mRM6jj6iqdWB3lc/sJAj/w8UXMB8GA1UdIwQY MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1 LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpAibcR7 4k0/DMcKhYDM6u+uKl1uoy4huf0SUzEcOAwMhVe3FIBId1d+92cCQnTc4VqZFMQD VEHYXln/HxRkKUp0Be50q9IkXOwmyre3ZKrTK9FOAeK8q+fS6G7cqmIY40UBgE/3 kpRYhYfJq+x9EcrhjTauT1pBKdK9BxMmr8+lCpIuuDQ4RtUhWEv431cs0iXNoGMe WIOWDmlRRb2kwXMIND49iuqvhlEiDvvsw8nJiNQwNQ2uEmMppOTqBrvHO8Io74wg dG0DOmFZGj2l5n+DvTHvxtJVVRVT4cwBtDrb75GOA2QIBj/dTTfuj18ZuV+t5TvP RJ89HW8vUKGCPg== -----END CERTIFICATE-----Generated at Mon Dec 22 06:52:20 2025 by rpki-client