This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json) Hash identifier: gRz1a5mWGIUuVplXjzS340Yik8yoDDOroqFd4Y4cNTk= Subject key identifier: 1A:D2:88:A8:0C:8B:5C:AA:12:66:B6:00:FF:F3:A7:5A:8B:7E:47:FA Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Certificate serial: 019B37C5D444C5445147FFD49AF7C5EF89E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft Manifest number: 0F08 Signing time: Fri 19 Dec 2025 18:01:10 +0000 Manifest this update: Fri 19 Dec 2025 18:01:10 +0000 Manifest next update: Sat 20 Dec 2025 18:01:10 +0000 Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: eKj7+P2tE9B8tGEKxG2h24Ib/D+NgCFhze63HH5WBgI=) 2: m3UPJQ_Zh7wapyw5537rzzPo3os.roa (hash: EUy+4/7WXUAZtQJhe/6fh4vD4Ks9aUtYKkwAIbRuQrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:c5:d4:44:c5:44:51:47:ff:d4:9a:f7:c5:ef:89:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Validity Not Before: Dec 19 18:01:10 2025 GMT Not After : Dec 20 18:01:10 2025 GMT Subject: CN=1ad288a80c8b5caa1266b600fff3a75a8b7e47fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:86:3c:61:62:e3:51:84:18:2e:4b:5f:fd:9f: 48:2b:f3:cf:2d:65:d2:3f:6d:bb:92:eb:62:10:6e: 59:da:9e:66:21:30:f9:0f:13:c3:ad:df:f2:22:a1: 34:cf:07:f7:3e:21:12:bf:69:7e:f5:67:0a:70:6b: 02:aa:4d:b2:79:ee:1f:33:40:21:06:f8:2b:3b:06: 3d:c8:51:84:69:5d:32:a1:08:66:a4:e0:f5:78:f0: 04:3d:a0:52:8d:1e:14:ea:ce:c1:9c:a1:2b:99:ed: a8:1f:ac:98:7b:dd:80:e5:d4:5c:19:2b:4e:0a:8c: a1:ce:7f:ea:45:e0:1a:90:1c:c6:65:15:6e:ca:2a: b3:74:38:8d:6f:5c:b9:2a:78:c8:5e:67:db:eb:7d: 4f:9d:95:ba:76:85:7e:d4:ce:74:44:e7:9a:f0:bb: 58:05:4b:f0:6a:46:4a:ed:f7:b0:f9:54:49:34:e5: fa:cb:e3:d2:e0:df:80:a8:5e:f1:2e:c9:ea:e6:fa: bf:62:d4:bf:11:e2:c0:e6:32:17:45:26:57:93:6d: 6c:c8:d2:d3:b1:2e:23:fb:15:fe:7e:93:b0:53:42: 35:f6:ca:37:63:dd:b5:0f:8c:28:d2:25:12:5d:09: c8:b2:36:b7:e7:09:92:a9:bf:8a:d9:bf:53:77:8c: 58:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:D2:88:A8:0C:8B:5C:AA:12:66:B6:00:FF:F3:A7:5A:8B:7E:47:FA X509v3 Authority Key Identifier: keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:4a:82:b0:ed:d5:68:1f:27:76:8d:0f:e9:a7:0b:28:99:62: ad:c4:51:5b:ec:65:4a:04:c1:c9:8d:9d:b5:a9:5b:60:04:36: 5f:25:b0:f1:65:e1:be:9e:58:30:48:a7:b9:67:82:66:06:99: f0:c8:f6:d8:48:86:70:25:c3:93:90:b8:c2:8f:a4:f4:62:f8: b0:8c:7f:a8:b8:0c:2d:ae:5e:69:d7:7c:92:41:17:49:6b:3f: a4:31:4e:0e:1b:ad:e6:9f:8b:b5:d8:28:79:fa:3e:8f:de:3f: a8:cc:52:30:b7:aa:62:eb:11:94:34:c4:75:1c:96:92:3d:64: 7e:fa:11:76:e8:d7:63:2f:61:a2:f7:bb:1c:91:e9:3a:e1:47: ed:f4:6a:f9:2e:67:37:c3:d0:7e:03:df:d6:96:42:59:83:fe: 1d:28:68:d4:fe:fc:b6:a0:21:2d:82:0f:33:6c:fc:d6:1e:f5: bf:57:18:1d:df:27:4d:ff:d4:9b:e8:1c:64:35:f8:08:de:0c: dd:e8:69:ff:8e:99:84:ab:92:73:b1:8f:5e:30:bd:14:76:3a: 5f:d2:22:24:82:ab:02:06:b9:12:7e:fa:d0:51:c7:3a:cd:a1: d8:4a:50:fb:00:32:33:28:b3:36:92:f3:30:26:fc:a0:9e:92: 0c:d8:d6:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3xdRExURRR//UmvfF74nmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli ZDNhOWEwHhcNMjUxMjE5MTgwMTEwWhcNMjUxMjIwMTgwMTEwWjAzMTEwLwYDVQQD EygxYWQyODhhODBjOGI1Y2FhMTI2NmI2MDBmZmYzYTc1YThiN2U0N2ZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoY8YWLjUYQYLktf/Z9IK/PPLWXS P227kutiEG5Z2p5mITD5DxPDrd/yIqE0zwf3PiESv2l+9WcKcGsCqk2yee4fM0Ah BvgrOwY9yFGEaV0yoQhmpOD1ePAEPaBSjR4U6s7BnKErme2oH6yYe92A5dRcGStO Coyhzn/qReAakBzGZRVuyiqzdDiNb1y5KnjIXmfb631PnZW6doV+1M50ROea8LtY BUvwakZK7few+VRJNOX6y+PS4N+AqF7xLsnq5vq/YtS/EeLA5jIXRSZXk21syNLT sS4j+xX+fpOwU0I19so3Y921D4wo0iUSXQnIsja35wmSqb+K2b9Td4xYswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBrSiKgMi1yqEma2AP/zp1qLfkf6MB8GA1UdIwQY MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkqCsO3V aB8ndo0P6acLKJlircRRW+xlSgTByY2dtalbYAQ2XyWw8WXhvp5YMEinuWeCZgaZ 8Mj22EiGcCXDk5C4wo+k9GL4sIx/qLgMLa5eadd8kkEXSWs/pDFODhut5p+Ltdgo efo+j94/qMxSMLeqYusRlDTEdRyWkj1kfvoRdujXYy9hove7HJHpOuFH7fRq+S5n N8PQfgPf1pZCWYP+HSho1P78tqAhLYIPM2z81h71v1cYHd8nTf/Um+gcZDX4CN4M 3ehp/46ZhKuSc7GPXjC9FHY6X9IiJIKrAga5En760FHHOs2h2EpQ+wAyMyizNpLz MCb8oJ6SDNjW6g== -----END CERTIFICATE-----Generated at Fri Dec 19 22:39:11 2025 by rpki-client