This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft File: o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft (raw, json) Hash identifier: wOXUmE3xZGC+YFP7piVRCqbyiTfRzyNxGhd7MHtzCfQ= Subject key identifier: 0F:14:EA:24:89:34:F7:71:6B:DB:34:A6:B4:79:30:ED:CA:88:71:AE Authority key identifier: A3:66:F3:5B:AC:61:A0:AB:F7:1D:18:D6:B1:06:3D:5C:93:3A:24:AB Certificate issuer: /CN=a366f35bac61a0abf71d18d6b1063d5c933a24ab Certificate serial: 019B5976970F81E829C5070A088C706BAFA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft Manifest number: 1789 Signing time: Fri 26 Dec 2025 07:01:42 +0000 Manifest this update: Fri 26 Dec 2025 07:01:42 +0000 Manifest next update: Sat 27 Dec 2025 07:01:42 +0000 Files and hashes: 1: JQFRevUesYnGzWy86if_lRLWdpc.roa (hash: t3BYwJZyAAH5HRBi+AIKc99FxTLmFzwx0nZw4AplB88=) 2: o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl (hash: lIDRMZv62geVWjlleHawCFLfqdTxK6OypLae18r6zeY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:97:0f:81:e8:29:c5:07:0a:08:8c:70:6b:af:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a366f35bac61a0abf71d18d6b1063d5c933a24ab Validity Not Before: Dec 26 07:01:42 2025 GMT Not After : Dec 27 07:01:42 2025 GMT Subject: CN=0f14ea248934f7716bdb34a6b47930edca8871ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:a6:1d:6d:3c:d2:c2:60:2a:5b:dd:77:0f:d2: 5e:34:2f:e6:2a:d9:12:b8:25:3f:81:ed:d1:b4:fb: 12:b1:0b:c8:1a:88:d2:31:a1:3b:49:3e:f6:26:bb: 25:a4:5f:67:b0:be:dc:e5:dd:d1:c3:96:45:f6:92: a4:e5:5f:9f:04:a3:a0:05:ef:07:34:1c:0f:9a:17: a0:8e:ab:39:5d:eb:a8:10:ee:92:85:be:61:7c:0a: fa:f4:ef:46:69:b3:03:fc:25:7d:2e:2b:9d:7e:a0: 17:90:28:dc:da:b6:f2:d1:87:1d:94:d1:0d:cf:9d: bf:9c:0d:ff:1d:4e:4a:19:2b:03:22:9b:48:58:bc: ca:ee:25:5d:01:b5:41:d4:a9:9b:61:4b:38:5a:49: 87:f0:3d:ae:46:e0:91:7b:f6:be:61:02:51:ce:c3: 5e:71:81:cd:7c:5e:e5:aa:42:15:77:eb:08:4c:2d: a2:c7:52:e8:bc:1d:a4:7d:cb:1e:38:b2:b6:58:a9: 6d:84:d3:98:93:02:fd:61:9b:8a:38:ca:03:86:f8: 9f:57:e4:19:63:a1:11:7c:46:b9:11:38:2d:1d:90: 95:c8:2e:de:71:96:03:9d:dd:9d:7f:61:2a:98:65: aa:66:5f:93:31:5a:5b:0b:c0:67:13:b3:2f:57:00: 81:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:14:EA:24:89:34:F7:71:6B:DB:34:A6:B4:79:30:ED:CA:88:71:AE X509v3 Authority Key Identifier: keyid:A3:66:F3:5B:AC:61:A0:AB:F7:1D:18:D6:B1:06:3D:5C:93:3A:24:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:02:db:86:89:4f:97:a4:08:d7:58:b7:64:1d:03:92:c9:8d: 8a:6e:15:66:51:eb:d4:61:ef:07:2a:27:65:c3:8f:68:4d:b6: 8e:81:85:a0:ae:0d:d7:e2:c6:bf:4c:28:2e:42:a2:d3:17:33: 2a:76:71:75:2f:6e:b7:16:6f:e0:bd:ee:89:14:73:e2:3c:7b: 60:43:f3:cc:0e:13:9b:fb:b4:cf:5d:c8:d8:98:96:5a:1f:72: 89:bb:b1:58:82:e0:c0:c2:46:cb:b9:b6:8c:36:eb:dd:69:c6: e9:64:1b:ea:9e:2a:eb:2d:8c:c0:63:76:55:6c:b6:60:ac:45: 79:54:4e:97:e5:f1:e3:a1:95:72:b1:1c:b2:d2:fe:00:65:ac: eb:a6:3b:26:a4:f1:39:48:f9:e4:af:17:c9:1c:46:8a:b7:cd: 12:8a:15:ba:37:d6:65:35:78:22:ff:1b:5c:92:6d:ef:36:52: 38:06:ed:ff:e8:f8:0d:9e:b0:5d:c2:20:55:fe:07:4f:62:c2: 29:65:bf:08:ff:95:ba:5c:10:3f:eb:a0:1a:5c:bc:f9:0a:c1: fb:ac:02:fd:d3:22:35:77:f1:cc:12:81:82:4d:55:fe:ce:36: 40:47:09:74:27:29:c5:dd:47:7d:31:fc:f5:1b:80:e1:8d:e0: 8c:a8:a0:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdpcPgegpxQcKCIxwa6+oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjZmMzViYWM2MWEwYWJmNzFkMThkNmIxMDYzZDVjOTMz YTI0YWIwHhcNMjUxMjI2MDcwMTQyWhcNMjUxMjI3MDcwMTQyWjAzMTEwLwYDVQQD EygwZjE0ZWEyNDg5MzRmNzcxNmJkYjM0YTZiNDc5MzBlZGNhODg3MWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qYdbTzSwmAqW913D9JeNC/mKtkS uCU/ge3RtPsSsQvIGojSMaE7ST72JrslpF9nsL7c5d3Rw5ZF9pKk5V+fBKOgBe8H NBwPmhegjqs5XeuoEO6Shb5hfAr69O9GabMD/CV9LiudfqAXkCjc2rby0YcdlNEN z52/nA3/HU5KGSsDIptIWLzK7iVdAbVB1KmbYUs4WkmH8D2uRuCRe/a+YQJRzsNe cYHNfF7lqkIVd+sITC2ix1LovB2kfcseOLK2WKlthNOYkwL9YZuKOMoDhvifV+QZ Y6ERfEa5ETgtHZCVyC7ecZYDnd2df2EqmGWqZl+TMVpbC8BnE7MvVwCBawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA8U6iSJNPdxa9s0prR5MO3KiHGuMB8GA1UdIwQY MBaAFKNm81usYaCr9x0Y1rEGPVyTOiSrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80Y2Y4MTQtNzliNS00Nzg2LWFjNTEt MzE5MDc5NWU4NjNiLzEvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC80Y2Y4MTQtNzliNS00Nzg2LWFjNTEtMzE5MDc5NWU4NjNi LzEvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcwLbholP l6QI11i3ZB0DksmNim4VZlHr1GHvByonZcOPaE22joGFoK4N1+LGv0woLkKi0xcz KnZxdS9utxZv4L3uiRRz4jx7YEPzzA4Tm/u0z13I2JiWWh9yibuxWILgwMJGy7m2 jDbr3WnG6WQb6p4q6y2MwGN2VWy2YKxFeVROl+Xx46GVcrEcstL+AGWs66Y7JqTx OUj55K8XyRxGirfNEooVujfWZTV4Iv8bXJJt7zZSOAbt/+j4DZ6wXcIgVf4HT2LC KWW/CP+VulwQP+ugGly8+QrB+6wC/dMiNXfxzBKBgk1V/s42QEcJdCcpxd1HfTH8 9RuA4Y3gjKigEg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:56 2025 by rpki-client