This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json) Hash identifier: quFLX70D9P4dPswVOnYzFwAaoYKeBnhYUvWfCESxc4A= Subject key identifier: 77:23:E0:33:10:40:1E:C8:68:A8:98:A4:2E:9E:DD:BB:DB:CE:CD:34 Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Certificate serial: 019B2664CB520FBAE617B33578E2693F9677 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft Manifest number: 0EFF Signing time: Tue 16 Dec 2025 09:01:38 +0000 Manifest this update: Tue 16 Dec 2025 09:01:38 +0000 Manifest next update: Wed 17 Dec 2025 09:01:38 +0000 Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: w+/r+DevR1HEUhcDGl49fVO/CZp29/8NW0SQDjgAXn4=) 2: m3UPJQ_Zh7wapyw5537rzzPo3os.roa (hash: EUy+4/7WXUAZtQJhe/6fh4vD4Ks9aUtYKkwAIbRuQrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 09:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:64:cb:52:0f:ba:e6:17:b3:35:78:e2:69:3f:96:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Validity Not Before: Dec 16 09:01:38 2025 GMT Not After : Dec 17 09:01:38 2025 GMT Subject: CN=7723e03310401ec868a898a42e9eddbbdbcecd34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:4a:a7:1f:33:66:2d:12:c4:dd:d9:97:dc:e5: cf:f1:4f:2f:3b:80:c2:73:63:3c:e4:48:81:c9:ba: 8c:65:5e:a3:47:98:3d:49:71:f0:71:b0:89:81:7f: a8:13:90:bc:48:05:8f:3c:1f:51:59:93:70:85:9e: fe:06:b3:00:b2:b3:a8:68:97:56:cf:21:08:45:50: 00:0b:93:26:6d:bd:0b:48:f7:f3:b2:55:42:fe:aa: 36:f5:74:49:a2:e4:12:0c:67:b0:ca:f2:48:6c:58: 93:de:99:5c:a2:8e:26:4f:a6:19:89:8b:65:35:b4: b4:ee:35:4c:39:94:55:b9:3f:0f:d8:c5:cc:8a:a0: 40:67:0e:97:a5:58:31:10:d5:c4:3f:fb:f1:57:d1: d8:b3:f6:bd:8e:fd:09:e9:7d:52:b2:ca:d8:29:79: 80:f2:81:c8:41:0e:9b:5c:d8:0f:91:cb:27:8e:7a: 15:7a:0a:33:17:a2:a3:dc:b6:a1:a1:bb:2c:2a:a5: c1:c6:95:db:08:a2:92:2f:df:45:a3:33:14:32:e1: 46:ba:53:9a:b5:82:39:54:21:a0:18:28:e9:eb:ad: f0:a9:d5:f7:ec:6b:ab:65:5a:2b:df:e1:e1:1a:f2: be:8c:ad:dc:de:b2:14:f2:e7:be:5a:48:82:9a:3b: e1:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:23:E0:33:10:40:1E:C8:68:A8:98:A4:2E:9E:DD:BB:DB:CE:CD:34 X509v3 Authority Key Identifier: keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:25:db:25:fa:a2:cc:3e:ad:6d:4e:84:b9:27:0c:e2:ee:31: 66:dd:a5:11:90:9f:b9:79:d9:e9:f5:98:44:7a:af:0b:e8:64: 20:8e:70:c9:c0:88:0d:d8:ba:fa:79:1d:a2:e2:1c:a7:34:44: 5f:6e:c0:06:8e:2d:72:03:59:80:ae:8a:0b:99:e7:5d:c3:ff: 72:b0:c1:05:a5:56:9f:85:1e:79:a6:1f:f0:8d:aa:00:ab:a5: 97:1f:8f:41:7d:72:db:51:c8:e3:c4:58:11:2b:40:0d:55:12: 5d:4f:ea:1f:7d:2e:9d:3c:bc:32:c5:4b:93:4c:ce:a1:5d:de: ed:f9:60:1a:c6:a9:2d:4a:f0:8d:c6:e1:86:d7:95:92:7e:64: dd:65:a7:8b:46:48:e3:be:f0:32:96:51:fa:b5:18:2e:ff:56: 08:60:77:ab:48:49:e1:48:87:85:f3:ae:a0:8a:69:38:fa:85: a9:15:99:44:46:29:ac:a1:35:ff:f0:04:fd:87:aa:5e:70:1d: 39:f6:7b:13:3f:90:73:eb:93:d7:25:ea:e1:f1:0b:27:c5:b7: 79:99:d4:09:76:4b:75:a8:66:79:fa:0b:23:74:b5:88:77:b5: 47:3d:c8:2a:85:01:d4:b6:5c:70:7b:26:20:2b:43:42:d6:76: 8e:7b:27:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmZMtSD7rmF7M1eOJpP5Z3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli ZDNhOWEwHhcNMjUxMjE2MDkwMTM4WhcNMjUxMjE3MDkwMTM4WjAzMTEwLwYDVQQD Eyg3NzIzZTAzMzEwNDAxZWM4NjhhODk4YTQyZTllZGRiYmRiY2VjZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkqnHzNmLRLE3dmX3OXP8U8vO4DC c2M85EiBybqMZV6jR5g9SXHwcbCJgX+oE5C8SAWPPB9RWZNwhZ7+BrMAsrOoaJdW zyEIRVAAC5Mmbb0LSPfzslVC/qo29XRJouQSDGewyvJIbFiT3plcoo4mT6YZiYtl NbS07jVMOZRVuT8P2MXMiqBAZw6XpVgxENXEP/vxV9HYs/a9jv0J6X1SssrYKXmA 8oHIQQ6bXNgPkcsnjnoVegozF6Kj3LahobssKqXBxpXbCKKSL99FozMUMuFGulOa tYI5VCGgGCjp663wqdX37GurZVor3+HhGvK+jK3c3rIU8ue+WkiCmjvhsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHcj4DMQQB7IaKiYpC6e3bvbzs00MB8GA1UdIwQY MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSXbJfqi zD6tbU6EuScM4u4xZt2lEZCfuXnZ6fWYRHqvC+hkII5wycCIDdi6+nkdouIcpzRE X27ABo4tcgNZgK6KC5nnXcP/crDBBaVWn4UeeaYf8I2qAKullx+PQX1y21HI48RY EStADVUSXU/qH30unTy8MsVLk0zOoV3e7flgGsapLUrwjcbhhteVkn5k3WWni0ZI 477wMpZR+rUYLv9WCGB3q0hJ4UiHhfOuoIppOPqFqRWZREYprKE1//AE/YeqXnAd OfZ7Ez+Qc+uT1yXq4fELJ8W3eZnUCXZLdahmefoLI3S1iHe1Rz3IKoUB1LZccHsm ICtDQtZ2jnsnRg== -----END CERTIFICATE-----Generated at Tue Dec 16 15:01:26 2025 by rpki-client