This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft File: OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json) Hash identifier: 2RiBmelzk7UeVi6jpekANE/WBrTk90DVfATmOxuCVQI= Subject key identifier: FC:1F:89:29:34:13:B7:3F:EB:69:48:EA:BA:9C:A4:73:17:AE:4C:C6 Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0 Certificate issuer: /CN=389c030036756ab8cdac922b1af237bce1367ce0 Certificate serial: 019B329F00529D14EA08C5D8B894B031B028 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 18:00:39 +0000 Manifest this update: Thu 18 Dec 2025 18:00:39 +0000 Manifest next update: Fri 19 Dec 2025 18:00:39 +0000 Files and hashes: 1: 7_8yBJLyqtyIR9OHFg7LU1M1Onc.roa (hash: RwjNHeRVHQ2HqUbmJiZCyAxBMEck7wiXEWN73Kexaq4=) 2: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: s0BioM1qLGID5KvMlv/wZQ+DBXAHgXcpRwlayDh/U7c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 18:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:9f:00:52:9d:14:ea:08:c5:d8:b8:94:b0:31:b0:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0 Validity Not Before: Dec 18 18:00:39 2025 GMT Not After : Dec 19 18:00:39 2025 GMT Subject: CN=fc1f89293413b73feb6948eaba9ca47317ae4cc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:31:cf:4e:e2:7a:4f:2b:dc:e0:8d:e9:91:4d: 9b:26:9b:c3:34:aa:6f:ae:52:63:14:30:19:74:69: f8:d0:10:18:76:e5:58:0e:1f:82:16:9a:fe:5e:cb: 2c:e6:ff:91:b5:af:1d:07:d8:57:dc:05:b0:b7:4a: 7c:d3:f5:64:b8:be:85:fb:57:f5:bd:a3:91:33:cf: 02:c8:1d:fd:e2:c7:7c:1a:af:4d:0c:35:9a:c8:4e: 52:7d:11:4e:3a:2a:1a:d3:ce:9f:f7:d3:98:88:c5: 92:d6:93:6b:7a:80:1e:0c:f6:db:f2:0a:ae:09:da: 88:53:3c:48:b4:14:77:6f:cf:e6:2e:f9:6f:02:52: 13:77:d5:ad:fa:9a:4e:05:52:7e:ee:d1:bb:78:29: 6f:49:83:90:3d:6f:24:59:e7:7e:81:b9:c2:e4:4d: 82:87:6d:d7:fd:8e:df:48:0a:04:41:61:af:31:79: 64:9e:62:25:5b:ad:77:30:bd:9d:9b:b8:4c:3b:63: 11:8e:69:1e:15:1e:0c:65:91:48:12:f5:f9:84:3a: c7:1e:a3:e4:34:56:c1:1d:0d:54:6d:12:a5:db:9a: ed:db:65:58:2c:cf:a2:06:78:8d:91:43:5d:b8:0b: 1d:09:c1:4a:e0:d6:0e:2b:07:fb:1d:05:ce:15:27: cf:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:1F:89:29:34:13:B7:3F:EB:69:48:EA:BA:9C:A4:73:17:AE:4C:C6 X509v3 Authority Key Identifier: keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:91:04:0c:59:a0:eb:2a:ce:94:5d:46:e6:8b:bf:33:27:9c: eb:10:be:ad:42:c8:5e:63:0b:65:cb:a2:5e:9c:2e:fc:61:f9: cd:04:f7:f0:a6:ee:71:a2:f0:e7:06:ce:e1:94:c3:7e:98:75: 70:dd:db:f1:57:9d:ee:13:03:f9:fe:8e:f9:59:f1:9f:86:4d: ff:02:87:74:d0:5d:77:13:9b:67:06:06:e7:6f:88:e9:68:f0: 94:e2:29:63:18:37:33:cb:1a:39:84:f9:19:43:ff:14:96:b7: 33:12:7d:e8:05:eb:16:37:23:5c:3d:11:8c:94:f6:3f:f9:00: 81:d1:29:f6:cf:70:a9:31:67:82:84:72:42:5f:f3:ba:f8:16: a4:86:a6:22:e8:0b:22:a1:d8:0d:1e:32:16:b4:77:de:9f:1f: c2:11:9e:8d:27:4c:f7:06:0a:b4:c3:8a:7a:da:80:bb:6e:ef: 55:5c:3b:40:f5:66:8c:9b:ed:53:2c:af:e3:77:2d:ec:14:24: 5a:d2:34:69:fd:f4:da:bd:6c:48:b3:65:33:c6:90:b9:b2:5e: 0c:2a:e6:73:fe:8d:e3:2d:17:a0:05:5f:f4:8d:17:09:af:c7: 36:3f:59:8e:ba:03:b6:51:99:32:03:79:a8:01:ff:01:2c:89: 04:76:db:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsynwBSnRTqCMXYuJSwMbAoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz NjdjZTAwHhcNMjUxMjE4MTgwMDM5WhcNMjUxMjE5MTgwMDM5WjAzMTEwLwYDVQQD EyhmYzFmODkyOTM0MTNiNzNmZWI2OTQ4ZWFiYTljYTQ3MzE3YWU0Y2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzHPTuJ6Tyvc4I3pkU2bJpvDNKpv rlJjFDAZdGn40BAYduVYDh+CFpr+Xsss5v+Rta8dB9hX3AWwt0p80/VkuL6F+1f1 vaORM88CyB394sd8Gq9NDDWayE5SfRFOOioa086f99OYiMWS1pNreoAeDPbb8gqu CdqIUzxItBR3b8/mLvlvAlITd9Wt+ppOBVJ+7tG7eClvSYOQPW8kWed+gbnC5E2C h23X/Y7fSAoEQWGvMXlknmIlW613ML2dm7hMO2MRjmkeFR4MZZFIEvX5hDrHHqPk NFbBHQ1UbRKl25rt22VYLM+iBniNkUNduAsdCcFK4NYOKwf7HQXOFSfPgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPwfiSk0E7c/62lI6rqcpHMXrkzGMB8GA1UdIwQY MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0 LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnpEEDFmg 6yrOlF1G5ou/Myec6xC+rULIXmMLZcuiXpwu/GH5zQT38KbucaLw5wbO4ZTDfph1 cN3b8Ved7hMD+f6O+Vnxn4ZN/wKHdNBddxObZwYG52+I6WjwlOIpYxg3M8saOYT5 GUP/FJa3MxJ96AXrFjcjXD0RjJT2P/kAgdEp9s9wqTFngoRyQl/zuvgWpIamIugL IqHYDR4yFrR33p8fwhGejSdM9wYKtMOKetqAu27vVVw7QPVmjJvtUyyv43ct7BQk WtI0af302r1sSLNlM8aQubJeDCrmc/6N4y0XoAVf9I0XCa/HNj9ZjroDtlGZMgN5 qAH/ASyJBHbblQ== -----END CERTIFICATE-----Generated at Fri Dec 19 01:09:22 2025 by rpki-client