This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft File: OJDnpFSaVx9otoja1PXO2OUpBos.mft (raw, json) Hash identifier: dGFgGW6gk1RYXJfCoxJ58oJaEv8q66cgXboH4V8cRXo= Subject key identifier: 1A:B8:A8:7D:17:A1:08:E2:8C:38:8E:5D:FD:EE:8E:B3:19:40:46:A1 Authority key identifier: 38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B Certificate issuer: /CN=3890e7a4549a571f68b688dad4f5ced8e529068b Certificate serial: 019B5977C66D9D03D9977A9922941D5438DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft Manifest number: 1797 Signing time: Fri 26 Dec 2025 07:03:00 +0000 Manifest this update: Fri 26 Dec 2025 07:03:00 +0000 Manifest next update: Sat 27 Dec 2025 07:03:00 +0000 Files and hashes: 1: OJDnpFSaVx9otoja1PXO2OUpBos.crl (hash: ECmBQzv//fqeFh+GzzLxN7D8zvNhJSk6iwyjObDLxK8=) 2: XaY9bUiZ_CFGYXPkNboje_P8adc.roa (hash: b9+EkuxILTVWiZrAAhWN9xohV/5GiE1XVfEOgozpLGc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:c6:6d:9d:03:d9:97:7a:99:22:94:1d:54:38:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3890e7a4549a571f68b688dad4f5ced8e529068b Validity Not Before: Dec 26 07:03:00 2025 GMT Not After : Dec 27 07:03:00 2025 GMT Subject: CN=1ab8a87d17a108e28c388e5dfdee8eb3194046a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b6:50:8c:4c:c6:51:5c:4c:23:47:93:1f:31: 86:47:f5:b0:68:d4:93:75:81:f6:27:6a:5c:81:f4: 72:10:03:83:5e:31:60:cc:9a:03:b0:bc:b1:4d:ae: 80:c4:37:2d:a3:c5:9e:7d:2c:6b:d3:9f:d4:c3:f6: c4:cd:19:ac:0d:64:63:f6:8b:1a:a6:30:9f:94:fc: 95:08:5e:11:02:5d:64:36:d1:40:5b:dc:43:03:ab: 92:d8:fa:89:c9:0e:c0:23:da:5a:a8:10:a4:f9:7b: 27:50:55:65:ed:f1:19:e5:15:ac:10:1e:ae:a1:db: 9f:b2:0b:36:03:0d:66:db:4d:e8:2a:92:b2:cb:05: c9:20:78:4c:7e:db:55:1f:19:14:49:63:6a:a5:6d: fb:64:1e:bb:85:4f:a2:bc:f5:f7:d5:74:67:67:4e: b3:31:05:36:99:5a:a4:00:99:16:bc:50:44:d6:c7: 24:e2:61:7d:38:20:87:7e:11:ad:9d:a4:f6:38:e1: 75:ef:f2:0d:4f:55:67:1f:d9:c3:7e:3f:75:1b:ae: 68:4d:4e:65:c6:9a:84:1b:47:9c:b1:74:e9:fa:32: eb:be:f7:f0:11:22:17:87:0e:5c:05:b7:aa:8c:b3: 12:3f:81:b1:89:57:07:f2:68:45:a0:d2:df:13:0c: dc:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:B8:A8:7D:17:A1:08:E2:8C:38:8E:5D:FD:EE:8E:B3:19:40:46:A1 X509v3 Authority Key Identifier: keyid:38:90:E7:A4:54:9A:57:1F:68:B6:88:DA:D4:F5:CE:D8:E5:29:06:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJDnpFSaVx9otoja1PXO2OUpBos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/25df4e-afc5-4c50-8de2-94812c7f449e/1/OJDnpFSaVx9otoja1PXO2OUpBos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:f2:af:89:79:d2:9c:d2:4d:bd:40:8b:fe:74:26:08:93:b2: bc:83:10:de:87:0d:ea:6f:15:9b:1f:b9:22:30:b5:03:50:34: ad:e3:f6:06:25:bc:01:1d:0b:e1:3e:3f:e3:bc:dd:f9:c7:99: d8:70:5e:a9:e8:44:40:b2:e6:36:f3:e0:cd:08:5e:68:88:a7: b5:2f:ed:0b:15:f6:a1:36:d9:22:ab:ce:43:1c:27:56:2e:00: 17:94:4a:71:80:36:a7:4b:e6:83:1d:c9:94:7b:4c:11:dc:1a: 7d:e8:3f:6b:d2:e7:d7:6f:1f:3c:00:c7:8a:b4:76:04:e5:a6: cc:f9:53:ff:fe:49:95:e3:f9:80:ff:13:1d:02:1d:d0:2e:44: 4f:9c:01:29:3c:1d:68:a0:f9:59:03:b3:14:a1:df:e8:3c:7d: bd:ec:c2:33:98:9f:4f:88:28:bd:f8:2f:49:cb:24:9c:a7:28: 6b:13:e9:c3:f4:9e:4d:c9:b4:cb:e4:ee:b8:e1:5f:f8:56:19: a9:d9:bb:a3:e9:de:00:64:4f:62:9c:db:67:00:e8:87:69:cf: a5:d2:62:f9:93:4b:90:35:6e:32:bd:1b:a1:4d:98:de:73:f1: d1:23:51:89:94:c9:dc:26:26:b5:50:20:8a:d5:e2:da:ec:43: bd:df:50:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd8ZtnQPZl3qZIpQdVDjdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OTBlN2E0NTQ5YTU3MWY2OGI2ODhkYWQ0ZjVjZWQ4ZTUy OTA2OGIwHhcNMjUxMjI2MDcwMzAwWhcNMjUxMjI3MDcwMzAwWjAzMTEwLwYDVQQD EygxYWI4YTg3ZDE3YTEwOGUyOGMzODhlNWRmZGVlOGViMzE5NDA0NmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybZQjEzGUVxMI0eTHzGGR/WwaNST dYH2J2pcgfRyEAODXjFgzJoDsLyxTa6AxDcto8WefSxr05/Uw/bEzRmsDWRj9osa pjCflPyVCF4RAl1kNtFAW9xDA6uS2PqJyQ7AI9paqBCk+XsnUFVl7fEZ5RWsEB6u odufsgs2Aw1m203oKpKyywXJIHhMfttVHxkUSWNqpW37ZB67hU+ivPX31XRnZ06z MQU2mVqkAJkWvFBE1sck4mF9OCCHfhGtnaT2OOF17/INT1VnH9nDfj91G65oTU5l xpqEG0ecsXTp+jLrvvfwESIXhw5cBbeqjLMSP4GxiVcH8mhFoNLfEwzcfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBq4qH0XoQjijDiOXf3ujrMZQEahMB8GA1UdIwQY MBaAFDiQ56RUmlcfaLaI2tT1ztjlKQaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTIt OTQ4MTJjN2Y0NDllLzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8yNWRmNGUtYWZjNS00YzUwLThkZTItOTQ4MTJjN2Y0NDll LzEvT0pEbnBGU2FWeDlvdG9qYTFQWE8yT1VwQm9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/KviXnS nNJNvUCL/nQmCJOyvIMQ3ocN6m8Vmx+5IjC1A1A0reP2BiW8AR0L4T4/47zd+ceZ 2HBeqehEQLLmNvPgzQheaIintS/tCxX2oTbZIqvOQxwnVi4AF5RKcYA2p0vmgx3J lHtMEdwafeg/a9Ln128fPADHirR2BOWmzPlT//5JleP5gP8THQId0C5ET5wBKTwd aKD5WQOzFKHf6Dx9vezCM5ifT4govfgvScsknKcoaxPpw/SeTcm0y+TuuOFf+FYZ qdm7o+neAGRPYpzbZwDoh2nPpdJi+ZNLkDVuMr0boU2Y3nPx0SNRiZTJ3CYmtVAg itXi2uxDvd9QMQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:40 2025 by rpki-client