This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft File: OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft (raw, json) Hash identifier: 94kqauRZ9No+ck4u/rVs1m4DfG3N94+ZtGbjzVhv3RQ= Subject key identifier: 3B:6A:F4:20:C5:8B:1C:37:D7:38:64:ED:9E:05:9B:C6:57:2E:86:B2 Authority key identifier: 38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D Certificate issuer: /CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d Certificate serial: 019B495E1B038618B8EFA2538C70A95EAE0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft Manifest number: 142B Signing time: Tue 23 Dec 2025 04:01:02 +0000 Manifest this update: Tue 23 Dec 2025 04:01:02 +0000 Manifest next update: Wed 24 Dec 2025 04:01:02 +0000 Files and hashes: 1: OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl (hash: SR9LqSp6mkmpa+YBsoyQ7tp1U4G2UOu75mvyGskFqmY=) 2: PQhWLSkGUa_VMVGVuYBQSUZ_P_A.roa (hash: 3kRwsyvbLLbFqSNU/EJCsmBYkp3oO56TR7kGsRhAuv4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:5e:1b:03:86:18:b8:ef:a2:53:8c:70:a9:5e:ae:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d Validity Not Before: Dec 23 04:01:02 2025 GMT Not After : Dec 24 04:01:02 2025 GMT Subject: CN=3b6af420c58b1c37d73864ed9e059bc6572e86b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:e8:ba:b5:10:17:9f:18:6f:0d:fd:a6:5b:52: a9:4b:21:91:54:49:eb:8d:5f:3b:25:98:e1:72:10: 37:17:44:77:13:d9:41:38:bb:05:4d:fc:1f:69:9e: 8f:c6:cb:31:3c:19:c6:e9:b8:6d:4e:b9:02:29:87: bc:52:74:d4:f6:27:21:d9:e7:43:5b:4a:e7:37:09: b9:73:78:f7:7f:c9:85:05:5d:49:4b:8e:da:ab:3d: a6:bc:3a:11:34:48:f2:51:2c:fd:05:3d:2b:f5:89: 8b:87:8c:28:bc:f5:a5:e8:7d:d8:36:b6:f7:e9:a7: 8a:b1:b2:ad:be:1d:e4:ea:9b:60:9d:bf:dd:07:e3: 43:47:ad:62:75:2c:1e:df:8e:15:93:ec:4a:1c:32: 2b:58:b7:19:37:80:7d:fd:07:fa:cf:e1:50:6d:25: 9e:4b:36:c2:7d:9c:59:08:e5:48:05:d9:4c:7d:04: 2c:0e:80:70:30:f2:b1:71:48:9d:1e:48:44:65:56: ed:74:45:98:37:e4:e0:ac:64:de:55:a2:f4:b3:5d: b5:2c:0d:0a:a3:89:5c:3b:d6:ea:05:de:68:be:0f: 76:6c:a1:79:30:e8:86:6c:3d:ed:ec:14:cc:60:18: 9b:bd:18:cd:cc:af:48:c8:e4:e1:91:0d:30:c1:3d: 27:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:6A:F4:20:C5:8B:1C:37:D7:38:64:ED:9E:05:9B:C6:57:2E:86:B2 X509v3 Authority Key Identifier: keyid:38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:2f:9f:68:8b:df:84:7a:05:ba:d7:3c:77:53:53:59:60:c5: 17:36:aa:dd:a5:3c:e2:3a:54:aa:71:03:38:08:a5:4b:f2:55: 87:7d:be:cf:3c:91:66:84:4f:43:c1:3a:ac:dd:29:1a:58:17: 80:2c:d0:b7:a9:d5:d6:eb:0c:56:d4:94:9d:9e:68:4c:b4:99: 8f:28:6d:76:16:66:49:b3:1c:c9:e5:ef:fa:55:5d:26:71:43: 76:86:af:72:25:e4:7e:01:b0:86:74:51:56:8d:52:58:48:a3: c1:5b:fd:26:dc:18:1f:7c:5a:a9:20:44:d3:58:14:a9:ee:23: 00:dd:34:5b:df:d2:ca:bb:cc:c5:f3:cb:1b:c0:8f:e4:11:e0: 69:31:7f:b6:7d:de:2f:78:a1:4a:9b:6d:e2:e9:7b:23:a3:e3: 0e:1b:bb:5e:8c:86:a9:a8:e7:1a:46:a2:73:96:21:0a:78:e4: c9:c5:25:b7:db:01:25:e0:74:f9:26:b8:fb:1d:ff:62:54:08: aa:af:bd:bd:c6:57:45:a4:c8:d0:d9:19:0f:6b:a4:ed:68:0d: 47:80:cf:f1:cf:0d:57:6b:ae:32:ed:8c:66:68:e5:91:84:42: 3e:0d:1a:68:f0:b8:36:3f:75:50:2a:ea:56:1c:38:b9:cc:df: b8:3b:95:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJXhsDhhi476JTjHCpXq4OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NTNhZjUwMTQ0OTliMmZiNWNkMmMxZTY4YTI0ZmY4MjU2 ZDBkMGQwHhcNMjUxMjIzMDQwMTAyWhcNMjUxMjI0MDQwMTAyWjAzMTEwLwYDVQQD EygzYjZhZjQyMGM1OGIxYzM3ZDczODY0ZWQ5ZTA1OWJjNjU3MmU4NmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Oi6tRAXnxhvDf2mW1KpSyGRVEnr jV87JZjhchA3F0R3E9lBOLsFTfwfaZ6PxssxPBnG6bhtTrkCKYe8UnTU9ich2edD W0rnNwm5c3j3f8mFBV1JS47aqz2mvDoRNEjyUSz9BT0r9YmLh4wovPWl6H3YNrb3 6aeKsbKtvh3k6ptgnb/dB+NDR61idSwe344Vk+xKHDIrWLcZN4B9/Qf6z+FQbSWe SzbCfZxZCOVIBdlMfQQsDoBwMPKxcUidHkhEZVbtdEWYN+TgrGTeVaL0s121LA0K o4lcO9bqBd5ovg92bKF5MOiGbD3t7BTMYBibvRjNzK9IyOThkQ0wwT0nKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtq9CDFixw31zhk7Z4Fm8ZXLoayMB8GA1UdIwQY MBaAFDhTr1AUSZsvtc0sHmiiT/glbQ0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5Zjgt ZGNiNTZhY2I3NzdmLzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5ZjgtZGNiNTZhY2I3Nzdm LzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXC+faIvf hHoFutc8d1NTWWDFFzaq3aU84jpUqnEDOAilS/JVh32+zzyRZoRPQ8E6rN0pGlgX gCzQt6nV1usMVtSUnZ5oTLSZjyhtdhZmSbMcyeXv+lVdJnFDdoavciXkfgGwhnRR Vo1SWEijwVv9JtwYH3xaqSBE01gUqe4jAN00W9/SyrvMxfPLG8CP5BHgaTF/tn3e L3ihSptt4ul7I6PjDhu7XoyGqajnGkaic5YhCnjkycUlt9sBJeB0+Sa4+x3/YlQI qq+9vcZXRaTI0NkZD2uk7WgNR4DP8c8NV2uuMu2MZmjlkYRCPg0aaPC4Nj91UCrq Vhw4uczfuDuVww== -----END CERTIFICATE-----Generated at Tue Dec 23 06:07:46 2025 by rpki-client