This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft File: OpL12TZ1K68tDfcTKZSZzs-p9I0.mft (raw, json) Hash identifier: 5V5Uax9e1qnkDuH2vyzAf+CNaXC2GSrTxId1oxt4fuw= Subject key identifier: C4:43:0E:3A:04:F8:39:1F:B8:C3:37:D8:0D:C7:C5:24:35:72:7F:79 Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d Certificate serial: 019B39B3C2EC1F3300F838C27748C7BAA91A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft Manifest number: 178D Signing time: Sat 20 Dec 2025 03:00:40 +0000 Manifest this update: Sat 20 Dec 2025 03:00:40 +0000 Manifest next update: Sun 21 Dec 2025 03:00:40 +0000 Files and hashes: 1: NJaotZFnvbCZC6dKCr_vEzEYn6M.roa (hash: dqeYK6phWm8PSJhw0mmBUevUz1KleMZYBxhoQuo4/mw=) 2: OpL12TZ1K68tDfcTKZSZzs-p9I0.crl (hash: 21S1FzeNrjWMDC/2Bcsh7bSsvKoM251fLdhGUWCdV/Q=) 3: abyvfDmy4Q3zVDJIfxfSkrtZdLo.roa (hash: IZm94vPLNr133XeI56Dl5DQUBKwgG1pbFRgf8ws+6Pw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:b3:c2:ec:1f:33:00:f8:38:c2:77:48:c7:ba:a9:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d Validity Not Before: Dec 20 03:00:40 2025 GMT Not After : Dec 21 03:00:40 2025 GMT Subject: CN=c4430e3a04f8391fb8c337d80dc7c52435727f79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:ae:6d:ac:cc:e2:e6:00:38:74:1a:82:46:6d: 11:3b:4f:89:ed:ee:8d:5a:fc:b7:ac:25:07:31:87: ec:fe:7a:11:48:1d:d2:7f:68:1c:74:74:4c:38:c1: cb:42:2d:51:98:85:0a:28:71:0f:b7:c2:dd:f8:5e: b9:57:46:38:67:04:d9:36:10:7b:5e:7d:d4:13:ec: 47:0f:5d:63:13:15:a1:7b:71:73:50:8d:78:62:85: 0c:b2:b2:53:5c:81:1d:ea:2f:29:dc:b1:d8:fa:e0: 49:c5:a9:f2:c1:e6:aa:d9:af:38:c0:3e:af:8d:c5: 73:43:e6:0c:40:91:95:ca:01:42:71:ad:50:82:6d: 81:ef:ad:5c:79:f9:0e:ae:dc:72:eb:ac:a9:57:d4: e4:b3:23:cf:e3:49:52:a5:f4:60:62:8f:fc:4b:8f: 43:a4:b5:fb:d1:9a:49:8c:3a:4c:3b:a3:ca:f6:9a: fc:49:4a:e2:8b:82:36:99:8b:0a:d3:7a:c8:a2:eb: 8b:d4:68:c4:8b:f9:21:15:44:e5:13:f1:59:ab:33: 80:e7:3a:5a:21:f2:b9:09:13:af:81:1b:08:de:ab: ad:97:56:9c:0e:68:93:f7:69:13:94:c1:00:60:57: 8b:0b:f0:12:70:42:d8:ca:12:12:46:70:51:4c:26: ce:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:43:0E:3A:04:F8:39:1F:B8:C3:37:D8:0D:C7:C5:24:35:72:7F:79 X509v3 Authority Key Identifier: keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:79:9c:00:c4:f6:d3:c9:2f:4e:db:70:6e:98:25:ce:e5:73: 5a:1c:3a:43:a9:3d:80:dc:1c:ee:eb:07:6b:fa:5f:c3:45:40: 49:26:c4:de:a6:40:a2:2e:b7:76:c9:e0:14:fa:88:29:b7:ba: 24:d8:c5:1c:fd:33:01:ed:9b:34:f6:7b:36:06:97:00:2d:3a: d7:4e:23:14:7e:d8:a4:be:8a:7a:27:cd:d9:76:0e:19:96:37: c9:88:dc:f9:ac:c3:bb:24:02:2e:aa:21:a0:00:1c:d0:bc:57: bf:b9:ff:5f:11:f2:14:a2:1a:82:ac:6f:40:79:ab:47:d1:c1: 67:a7:dc:35:c7:65:00:28:90:1e:ef:bd:9f:82:8e:d4:f9:9a: 01:7d:eb:27:fa:4a:d6:e7:23:b4:aa:49:0a:99:3a:31:6a:14: b4:9c:f2:4c:56:39:2e:bb:82:05:92:f1:35:81:f2:eb:56:75: 05:6a:4e:21:d5:9b:4f:cd:38:4d:9f:b6:86:6d:2a:b5:b8:c1: f7:ef:0f:ba:cb:a1:85:4d:4b:78:df:84:6e:32:9e:91:1b:64: 51:4d:b5:3a:25:92:ea:cc:0a:a8:30:94:15:22:31:8c:6b:c4: b4:f8:2f:dc:7e:9b:45:9f:a7:b1:80:f1:90:ab:da:4e:9b:5c: 47:d5:25:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5s8LsHzMA+DjCd0jHuqkaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh OWY0OGQwHhcNMjUxMjIwMDMwMDQwWhcNMjUxMjIxMDMwMDQwWjAzMTEwLwYDVQQD EyhjNDQzMGUzYTA0ZjgzOTFmYjhjMzM3ZDgwZGM3YzUyNDM1NzI3Zjc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4K5trMzi5gA4dBqCRm0RO0+J7e6N Wvy3rCUHMYfs/noRSB3Sf2gcdHRMOMHLQi1RmIUKKHEPt8Ld+F65V0Y4ZwTZNhB7 Xn3UE+xHD11jExWhe3FzUI14YoUMsrJTXIEd6i8p3LHY+uBJxanyweaq2a84wD6v jcVzQ+YMQJGVygFCca1Qgm2B761cefkOrtxy66ypV9TksyPP40lSpfRgYo/8S49D pLX70ZpJjDpMO6PK9pr8SUrii4I2mYsK03rIouuL1GjEi/khFUTlE/FZqzOA5zpa IfK5CROvgRsI3qutl1acDmiT92kTlMEAYFeLC/AScELYyhISRnBRTCbOZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMRDDjoE+DkfuMM32A3HxSQ1cn95MB8GA1UdIwQY MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt MTY5NmIyNDZjZDUwLzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3mcAMT2 08kvTttwbpglzuVzWhw6Q6k9gNwc7usHa/pfw0VASSbE3qZAoi63dsngFPqIKbe6 JNjFHP0zAe2bNPZ7NgaXAC06104jFH7YpL6KeifN2XYOGZY3yYjc+azDuyQCLqoh oAAc0LxXv7n/XxHyFKIagqxvQHmrR9HBZ6fcNcdlACiQHu+9n4KO1PmaAX3rJ/pK 1ucjtKpJCpk6MWoUtJzyTFY5LruCBZLxNYHy61Z1BWpOIdWbT804TZ+2hm0qtbjB 9+8PusuhhU1LeN+EbjKekRtkUU21OiWS6swKqDCUFSIxjGvEtPgv3H6bRZ+nsYDx kKvaTptcR9Ul4A== -----END CERTIFICATE-----Generated at Sat Dec 20 09:09:51 2025 by rpki-client