This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft File: OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json) Hash identifier: tBR/G1PgOwdhffVOrB+ciKfFndFWjspy4TVRerxv4DU= Subject key identifier: 4B:15:DB:E2:8D:A1:6B:19:B2:7A:D1:32:86:8E:A1:3A:7A:B0:06:D5 Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD Certificate issuer: /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad Certificate serial: 019B5AF63147BC462CDC2457E055ADD37C58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft Manifest number: 0371 Signing time: Fri 26 Dec 2025 14:00:42 +0000 Manifest this update: Fri 26 Dec 2025 14:00:42 +0000 Manifest next update: Sat 27 Dec 2025 14:00:42 +0000 Files and hashes: 1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: W9SzEkGHSeHVviaszZkasb1TNiF8fUTHOlt+FDsOrW0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:31:47:bc:46:2c:dc:24:57:e0:55:ad:d3:7c:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad Validity Not Before: Dec 26 14:00:42 2025 GMT Not After : Dec 27 14:00:42 2025 GMT Subject: CN=4b15dbe28da16b19b27ad132868ea13a7ab006d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:4f:96:47:e6:0b:76:9c:8c:76:aa:7a:5f:21: 71:bd:93:3f:72:ae:c2:83:37:ac:08:c0:bb:c5:38: cd:db:03:b7:9e:6b:cc:6e:95:4a:32:24:85:09:b4: fa:4f:02:54:f0:08:64:60:69:95:78:cd:6a:2d:2f: b2:84:d0:a5:8d:8f:12:30:a6:8c:c6:da:10:ff:0e: 2c:a0:d7:ca:af:e2:0a:ea:23:0e:a5:f0:55:cb:99: 11:29:0d:4b:c1:c0:74:9b:7a:0e:46:22:d0:74:ec: 2b:d6:dc:ec:07:73:80:44:3d:a8:a5:f0:dd:e2:f8: 7b:35:62:97:e2:0b:b6:a7:51:6f:73:48:bf:ea:ef: 1c:83:cf:f9:37:24:a9:c8:80:05:ef:51:eb:12:a6: 8e:f7:7a:39:8a:e2:00:f4:a6:ee:8c:e2:3d:e5:94: 31:5f:f4:b3:72:e7:dd:49:7e:5e:5a:5a:49:0f:46: eb:57:74:9f:c0:bb:5c:b3:d2:29:95:5c:9b:c9:77: 36:7b:9e:4d:52:3e:13:46:48:c4:83:7b:9f:60:57: 58:2c:04:5e:96:5f:c0:13:46:39:29:60:b9:50:21: 20:ea:3e:94:73:f1:b0:b7:6a:70:ee:71:fc:86:a6: c6:bb:c1:5e:2b:54:68:55:c4:94:d7:a3:94:1c:dc: 2c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:15:DB:E2:8D:A1:6B:19:B2:7A:D1:32:86:8E:A1:3A:7A:B0:06:D5 X509v3 Authority Key Identifier: keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:18:b7:61:e9:fc:18:f7:33:3f:e5:d4:8e:ad:df:a9:2a:c8: 4a:dc:41:b9:15:00:da:61:67:80:50:97:2e:32:35:2d:d3:da: 2e:03:df:28:90:de:15:4b:d0:c0:ea:f8:2d:78:0b:4e:e1:4e: 7c:be:c5:d7:bd:aa:20:78:a9:c9:31:60:8a:58:24:62:af:c4: 17:6e:75:cf:47:84:f2:8d:3d:db:e0:0e:34:1d:94:e4:52:3f: 6a:38:95:f5:4b:96:45:d7:6d:03:6a:4a:f5:09:3e:2c:1c:0c: 92:45:37:e3:b4:97:cc:f7:86:77:df:28:25:33:29:dc:5b:0e: 1f:5e:a0:66:49:85:22:88:1a:4f:61:24:40:65:33:83:c2:03: ae:fe:2d:d9:36:0c:f3:dd:13:a4:2d:0a:53:13:f3:57:bd:fb: 3e:0f:5f:5e:0c:43:44:56:bc:ef:a9:6e:fc:bc:54:a8:a9:c8: 5a:71:48:32:88:4b:e9:f3:64:7e:32:a1:41:c1:8c:17:eb:bd: 92:e5:1c:d8:fb:e7:76:03:f1:f7:5d:2d:94:aa:a3:47:ca:c1: b4:bc:00:54:c7:a1:38:ef:98:ef:c4:c0:75:b0:4e:6d:c7:47: 3a:67:27:ac:06:ed:6a:3a:2f:98:09:93:eb:99:3b:a2:e0:1d: d2:67:16:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9jFHvEYs3CRX4FWt03xYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2 NjYxYWQwHhcNMjUxMjI2MTQwMDQyWhcNMjUxMjI3MTQwMDQyWjAzMTEwLwYDVQQD Eyg0YjE1ZGJlMjhkYTE2YjE5YjI3YWQxMzI4NjhlYTEzYTdhYjAwNmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1E+WR+YLdpyMdqp6XyFxvZM/cq7C gzesCMC7xTjN2wO3nmvMbpVKMiSFCbT6TwJU8AhkYGmVeM1qLS+yhNCljY8SMKaM xtoQ/w4soNfKr+IK6iMOpfBVy5kRKQ1LwcB0m3oORiLQdOwr1tzsB3OARD2opfDd 4vh7NWKX4gu2p1Fvc0i/6u8cg8/5NySpyIAF71HrEqaO93o5iuIA9KbujOI95ZQx X/SzcufdSX5eWlpJD0brV3SfwLtcs9IplVybyXc2e55NUj4TRkjEg3ufYFdYLARe ll/AE0Y5KWC5UCEg6j6Uc/Gwt2pw7nH8hqbGu8FeK1RoVcSU16OUHNwsowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEsV2+KNoWsZsnrRMoaOoTp6sAbVMB8GA1UdIwQY MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0 LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALBi3Yen8 GPczP+XUjq3fqSrIStxBuRUA2mFngFCXLjI1LdPaLgPfKJDeFUvQwOr4LXgLTuFO fL7F172qIHipyTFgilgkYq/EF251z0eE8o092+AONB2U5FI/ajiV9UuWRddtA2pK 9Qk+LBwMkkU347SXzPeGd98oJTMp3FsOH16gZkmFIogaT2EkQGUzg8IDrv4t2TYM 890TpC0KUxPzV737Pg9fXgxDRFa876lu/LxUqKnIWnFIMohL6fNkfjKhQcGMF+u9 kuUc2PvndgPx910tlKqjR8rBtLwAVMehOO+Y78TAdbBObcdHOmcnrAbtajovmAmT 65k7ouAd0mcWoQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:05:22 2025 by rpki-client