This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft File: O3vGRy6lJXXOlb3KeCbppR-qzkk.mft (raw, json) Hash identifier: bbrxEp6tFmZuUKTOZqubhm6f1vsh6rQfe5Yo3HMEKk8= Subject key identifier: 6F:73:E4:06:50:86:02:1E:F2:65:41:4A:2F:03:FA:0A:3A:6C:E4:97 Authority key identifier: 3B:7B:C6:47:2E:A5:25:75:CE:95:BD:CA:78:26:E9:A5:1F:AA:CE:49 Certificate issuer: /CN=3b7bc6472ea52575ce95bdca7826e9a51faace49 Certificate serial: 019AF653FA5E8741FE7D116DFC3FAD1138DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O3vGRy6lJXXOlb3KeCbppR-qzkk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft Manifest number: 0254 Signing time: Sun 07 Dec 2025 01:01:29 +0000 Manifest this update: Sun 07 Dec 2025 01:01:29 +0000 Manifest next update: Mon 08 Dec 2025 01:01:29 +0000 Files and hashes: 1: 9kI0xW5MbOx76ceEc1r6lL1zLqw.roa (hash: EBfX8OboRteLfAyp7yvYOpYG1nnQo1fO08vfwQ0PAY0=) 2: O3vGRy6lJXXOlb3KeCbppR-qzkk.crl (hash: HS2GWu4GEvvUgizIfr3op69v0DkeEFKeDqa6R48iEYI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.crl rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft rsync://rpki.ripe.net/repository/DEFAULT/O3vGRy6lJXXOlb3KeCbppR-qzkk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:53:fa:5e:87:41:fe:7d:11:6d:fc:3f:ad:11:38:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b7bc6472ea52575ce95bdca7826e9a51faace49 Validity Not Before: Dec 7 01:01:29 2025 GMT Not After : Dec 8 01:01:29 2025 GMT Subject: CN=6f73e4065086021ef265414a2f03fa0a3a6ce497 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:59:e9:9d:80:8b:4a:79:a1:b3:68:6c:39:5f: 97:ff:45:4e:c5:bf:a8:c6:42:aa:5a:57:e8:3d:63: b5:b5:01:b4:f2:e1:1b:41:02:31:81:6a:0b:cd:10: e7:59:e2:03:52:ab:b2:04:04:0a:61:64:0c:0a:b9: e6:dc:15:3f:8e:1c:0c:53:a2:ee:76:de:99:88:41: 4e:11:66:11:7a:75:ef:8a:7b:18:05:1e:53:bf:9e: b9:de:8e:60:ae:75:0e:39:c8:f5:ab:52:ea:78:94: 6f:da:b8:23:5a:4c:1c:26:9b:f3:5c:c5:02:aa:2d: c8:54:a9:4e:e5:44:1a:88:f6:47:5c:74:10:e1:19: d8:e4:af:c7:65:1e:6c:75:11:aa:52:7c:ce:60:1e: bf:1d:61:44:7c:fc:be:75:c2:79:56:1e:f3:90:54: 59:46:5f:0b:15:49:47:9a:bd:b4:55:b2:71:a2:19: 95:4b:28:b0:23:0e:84:18:b9:53:a7:46:3c:d1:4d: 44:5f:b7:66:f4:22:f8:a4:cb:cc:71:ef:b3:ea:2b: af:e0:22:d7:5e:e1:7f:e0:92:15:f2:26:0a:eb:90: 7b:97:5a:d3:1b:d3:58:cd:36:8d:d8:5c:9a:bd:f7: 91:bc:2d:04:85:90:37:18:3b:72:73:86:04:53:38: ab:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:73:E4:06:50:86:02:1E:F2:65:41:4A:2F:03:FA:0A:3A:6C:E4:97 X509v3 Authority Key Identifier: keyid:3B:7B:C6:47:2E:A5:25:75:CE:95:BD:CA:78:26:E9:A5:1F:AA:CE:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O3vGRy6lJXXOlb3KeCbppR-qzkk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:ba:b7:fd:ae:2b:5d:56:d4:2e:fc:18:e9:b2:c8:70:45:f9: 76:8f:2d:a6:35:4c:e1:a4:12:d6:7b:08:c3:fb:ba:94:c8:35: a9:aa:d1:2b:25:ac:db:bd:38:09:e0:2a:98:da:2f:6f:49:2f: a2:e5:b5:f4:68:f3:49:52:fd:38:87:af:26:ca:2f:de:aa:11: 5d:76:8f:68:69:83:45:d1:81:7f:3e:47:d1:df:6c:d7:1e:c3: 60:8a:d0:2e:67:b3:83:28:f5:c2:24:81:24:20:e3:ed:b2:e1: e9:c9:73:34:da:58:c4:0b:72:51:37:29:c6:99:cd:4f:93:d7: 0a:22:1f:67:df:2d:cf:5b:bc:35:3e:5f:04:33:73:02:0b:f9: 2a:48:f4:c3:eb:f9:7c:d5:a0:a8:f8:33:f2:3a:00:17:8c:28: fe:9a:97:9c:be:38:ec:69:82:f0:99:dc:ed:9f:b2:b4:b2:a2: 68:be:30:ba:38:1f:bd:a6:13:09:64:8c:2f:50:fd:ac:7a:b7: b0:f3:e4:9f:01:9c:b5:b9:b0:b5:7f:b0:b3:a5:c0:52:51:21: b5:55:29:f4:d8:df:a9:36:8c:57:fa:dd:3a:93:21:62:53:b3: dc:a4:fa:5c:34:07:20:a6:6d:39:b1:75:f8:b0:57:93:7d:6d: e5:14:a6:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2U/peh0H+fRFt/D+tETjfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiN2JjNjQ3MmVhNTI1NzVjZTk1YmRjYTc4MjZlOWE1MWZh YWNlNDkwHhcNMjUxMjA3MDEwMTI5WhcNMjUxMjA4MDEwMTI5WjAzMTEwLwYDVQQD Eyg2ZjczZTQwNjUwODYwMjFlZjI2NTQxNGEyZjAzZmEwYTNhNmNlNDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVnpnYCLSnmhs2hsOV+X/0VOxb+o xkKqWlfoPWO1tQG08uEbQQIxgWoLzRDnWeIDUquyBAQKYWQMCrnm3BU/jhwMU6Lu dt6ZiEFOEWYRenXvinsYBR5Tv5653o5grnUOOcj1q1LqeJRv2rgjWkwcJpvzXMUC qi3IVKlO5UQaiPZHXHQQ4RnY5K/HZR5sdRGqUnzOYB6/HWFEfPy+dcJ5Vh7zkFRZ Rl8LFUlHmr20VbJxohmVSyiwIw6EGLlTp0Y80U1EX7dm9CL4pMvMce+z6iuv4CLX XuF/4JIV8iYK65B7l1rTG9NYzTaN2FyavfeRvC0EhZA3GDtyc4YEUzirLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG9z5AZQhgIe8mVBSi8D+go6bOSXMB8GA1UdIwQY MBaAFDt7xkcupSV1zpW9yngm6aUfqs5JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzN2R1J5NmxKWFhPbGIzS2VDYnBwUi1xemtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80OTNkMjktNDdhOS00OWViLTgwODAt OTIyNmIzYWM0ZTlkLzEvTzN2R1J5NmxKWFhPbGIzS2VDYnBwUi1xemtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS80OTNkMjktNDdhOS00OWViLTgwODAtOTIyNmIzYWM0ZTlk LzEvTzN2R1J5NmxKWFhPbGIzS2VDYnBwUi1xemtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXrq3/a4r XVbULvwY6bLIcEX5do8tpjVM4aQS1nsIw/u6lMg1qarRKyWs2704CeAqmNovb0kv ouW19GjzSVL9OIevJsov3qoRXXaPaGmDRdGBfz5H0d9s1x7DYIrQLmezgyj1wiSB JCDj7bLh6clzNNpYxAtyUTcpxpnNT5PXCiIfZ98tz1u8NT5fBDNzAgv5Kkj0w+v5 fNWgqPgz8joAF4wo/pqXnL447GmC8Jnc7Z+ytLKiaL4wujgfvaYTCWSML1D9rHq3 sPPknwGctbmwtX+ws6XAUlEhtVUp9NjfqTaMV/rdOpMhYlOz3KT6XDQHIKZtObF1 +LBXk31t5RSmEA== -----END CERTIFICATE-----Generated at Sun Dec 7 05:19:08 2025 by rpki-client