This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.mft File: o3F-pUuVlC-tgalD7bHBD535Svs.mft (raw, json) Hash identifier: /ljHqXUAv2Tcscbw+UWObvZTnQy7p8smwtTYwjhf5b0= Subject key identifier: E5:7B:DC:B9:AE:E0:1A:75:45:1B:F3:F3:D1:12:5F:D0:37:F3:9D:52 Authority key identifier: A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB Certificate issuer: /CN=a3717ea54b95942fad81a943edb1c10f9df94afb Certificate serial: 019B3BA2AC34AC08B37105DA3430EF304B4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.mft Manifest number: 170F Signing time: Sat 20 Dec 2025 12:01:14 +0000 Manifest this update: Sat 20 Dec 2025 12:01:14 +0000 Manifest next update: Sun 21 Dec 2025 12:01:14 +0000 Files and hashes: 1: o3F-pUuVlC-tgalD7bHBD535Svs.crl (hash: KKDLLGQWanubHvJ7z/+rhq8hYtTYQEMQAQ2alJStgp0=) 2: pg44eaa6uLO77ZBpldSyzPpFh88.roa (hash: 0sb9vGZUz6J5OEzKPCflxf4EwPkYpEMJhVhuM9KBJfs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.crl rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.mft rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:ac:34:ac:08:b3:71:05:da:34:30:ef:30:4b:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3717ea54b95942fad81a943edb1c10f9df94afb Validity Not Before: Dec 20 12:01:14 2025 GMT Not After : Dec 21 12:01:14 2025 GMT Subject: CN=e57bdcb9aee01a75451bf3f3d1125fd037f39d52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:d2:33:39:13:ca:85:38:fa:0a:ff:46:45:b3: 27:7c:db:a4:51:94:bc:fd:52:38:41:57:73:e8:e1: 59:3b:d5:ee:99:ee:ab:58:6c:1d:82:c4:bc:49:fe: 62:b6:0e:6e:ce:a4:03:ac:81:b6:81:9f:28:b2:18: 02:be:63:40:de:1f:fd:f8:b0:62:28:27:60:07:38: be:56:5b:66:10:f9:9a:e7:9a:51:62:a1:c6:92:e5: 04:7d:89:a0:e3:f0:55:a4:17:0d:b0:21:f2:fc:c2: 81:3d:4d:30:a4:11:ac:fe:89:9f:55:ae:a6:1d:d4: 95:c1:b8:d6:ec:f5:89:3b:0a:cc:f5:86:31:61:92: 66:17:87:c5:be:7e:22:da:08:83:83:ce:57:88:36: ca:ec:db:d3:f4:c6:09:ac:27:8a:f8:ee:3a:6d:68: 94:90:30:f2:47:f7:21:39:53:9b:0e:ec:ff:55:80: b5:d0:1e:f9:e8:83:85:96:ba:4a:27:57:4b:99:eb: 6a:ca:2e:41:bd:e7:1b:d4:f1:d8:11:43:f4:66:8a: df:aa:b7:19:b8:bd:5a:ae:e2:c7:59:f5:43:e8:20: 7b:dc:06:1f:29:3c:14:e8:83:9d:66:9e:00:21:f8: 66:0c:cd:15:98:7e:49:43:58:df:50:e0:ce:b1:02: 30:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:7B:DC:B9:AE:E0:1A:75:45:1B:F3:F3:D1:12:5F:D0:37:F3:9D:52 X509v3 Authority Key Identifier: keyid:A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b0:d7:a8:28:2d:8c:19:03:7a:0a:a0:78:96:4b:de:6e:6a:ba: 0d:9f:3d:0d:3f:6e:63:ef:15:f6:04:10:11:88:8b:6b:39:d4: 63:07:23:e8:18:18:ea:08:40:55:f1:6c:b8:6d:74:92:b2:fe: 87:da:d4:ed:65:99:05:d7:7a:52:ec:59:ad:88:c1:a4:49:a4: 21:06:f2:b0:92:08:a1:a8:93:1b:d2:7e:b0:74:c8:bc:65:65: fb:1e:b4:79:2a:b0:c9:90:38:5e:00:95:d6:70:e9:74:9c:0c: 92:a4:de:df:22:b0:60:18:14:d4:88:eb:09:6a:ff:06:cb:86: 8d:75:c8:41:c9:ac:9b:d9:85:73:40:c8:af:51:ab:fa:b6:4f: 4d:9b:91:5b:f7:b3:fd:a6:6d:69:95:7c:63:92:b1:99:b2:5b: f8:be:82:14:c4:d8:6b:c3:76:21:49:8d:c8:37:9f:ae:a9:df: a3:b7:11:e1:0d:18:74:c1:ab:0b:5b:6c:d9:84:e9:ce:10:a3: 91:ab:1d:a9:f0:fe:38:fb:c8:a1:e2:9d:f2:c3:c7:73:01:52: 82:e4:6e:85:49:c1:a3:a0:b0:c2:f6:8e:00:42:d6:35:33:cf: c3:ba:f5:48:9c:09:76:83:8a:d8:5a:c0:56:fb:77:21:54:f1: fd:78:03:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7oqw0rAizcQXaNDDvMEtLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNzE3ZWE1NGI5NTk0MmZhZDgxYTk0M2VkYjFjMTBmOWRm OTRhZmIwHhcNMjUxMjIwMTIwMTE0WhcNMjUxMjIxMTIwMTE0WjAzMTEwLwYDVQQD EyhlNTdiZGNiOWFlZTAxYTc1NDUxYmYzZjNkMTEyNWZkMDM3ZjM5ZDUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9IzORPKhTj6Cv9GRbMnfNukUZS8 /VI4QVdz6OFZO9Xume6rWGwdgsS8Sf5itg5uzqQDrIG2gZ8oshgCvmNA3h/9+LBi KCdgBzi+VltmEPma55pRYqHGkuUEfYmg4/BVpBcNsCHy/MKBPU0wpBGs/omfVa6m HdSVwbjW7PWJOwrM9YYxYZJmF4fFvn4i2giDg85XiDbK7NvT9MYJrCeK+O46bWiU kDDyR/chOVObDuz/VYC10B756IOFlrpKJ1dLmetqyi5Bvecb1PHYEUP0ZorfqrcZ uL1aruLHWfVD6CB73AYfKTwU6IOdZp4AIfhmDM0VmH5JQ1jfUODOsQIw0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOV73Lmu4Bp1RRvz89ESX9A3851SMB8GA1UdIwQY MBaAFKNxfqVLlZQvrYGpQ+2xwQ+d+Ur7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNTQ4ZDUtODJmZS00NmMyLWI5OTct MTU3YWQwYWM1MjBhLzEvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9iNTQ4ZDUtODJmZS00NmMyLWI5OTctMTU3YWQwYWM1MjBh LzEvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsNeoKC2M GQN6CqB4lkvebmq6DZ89DT9uY+8V9gQQEYiLaznUYwcj6BgY6ghAVfFsuG10krL+ h9rU7WWZBdd6UuxZrYjBpEmkIQbysJIIoaiTG9J+sHTIvGVl+x60eSqwyZA4XgCV 1nDpdJwMkqTe3yKwYBgU1IjrCWr/BsuGjXXIQcmsm9mFc0DIr1Gr+rZPTZuRW/ez /aZtaZV8Y5KxmbJb+L6CFMTYa8N2IUmNyDefrqnfo7cR4Q0YdMGrC1ts2YTpzhCj kasdqfD+OPvIoeKd8sPHcwFSguRuhUnBo6CwwvaOAELWNTPPw7r1SJwJdoOK2FrA Vvt3IVTx/XgDRA== -----END CERTIFICATE-----Generated at Sat Dec 20 16:18:15 2025 by rpki-client