This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json) Hash identifier: eDR2UB+ATMbVJcIXOPlYF/xqaQ9Gibtz8wpK//WtDuw= Subject key identifier: 68:D1:88:6F:EE:5B:82:13:27:76:F4:F8:E4:2E:EE:E5:A0:7E:FD:A8 Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Certificate serial: 019B1D9797C92B9A61C53B39DBB677AF7A43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft Manifest number: 047D Signing time: Sun 14 Dec 2025 16:00:32 +0000 Manifest this update: Sun 14 Dec 2025 16:00:32 +0000 Manifest next update: Mon 15 Dec 2025 16:00:32 +0000 Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=) 2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: bRxpGclwjcpzp6MV9OnRS9YdWDC9eA9zPKUnhkw14ts=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 11:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1d:97:97:c9:2b:9a:61:c5:3b:39:db:b6:77:af:7a:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Validity Not Before: Dec 14 16:00:32 2025 GMT Not After : Dec 15 16:00:32 2025 GMT Subject: CN=68d1886fee5b82132776f4f8e42eeee5a07efda8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c5:eb:e1:ea:ea:42:d2:f5:a2:7b:1b:ef:53: af:0d:e9:54:c1:b6:92:d5:f2:87:46:2f:5b:6e:4d: d3:d1:9c:7e:41:70:36:bc:c6:bc:86:50:b5:30:f3: cb:67:f1:fa:89:c2:ee:01:85:cd:d0:a7:d1:ed:7f: eb:92:ed:4f:90:79:fc:ca:05:50:4f:4e:2a:7c:a6: 9f:ce:e0:ff:c6:03:9b:79:5d:18:5e:5f:aa:11:46: f1:8f:0b:33:11:13:41:7f:4f:ed:d7:21:2c:61:ac: 08:bc:4b:e8:ac:57:6c:09:42:d2:89:13:01:62:30: cc:c7:93:e4:b6:f3:b0:18:57:48:5e:c0:15:15:e5: 9b:64:32:bd:b1:46:c1:16:36:5d:9e:b1:18:71:8d: bd:41:b2:15:91:6c:a5:0d:b4:77:d0:32:0b:76:8c: 16:27:87:34:f6:b2:95:0a:92:ee:25:9e:d1:f6:58: d0:76:a7:dc:56:9e:96:0f:b5:11:19:d3:ee:98:67: ca:10:c5:1d:92:17:4a:70:3a:77:59:be:ea:bc:16: 46:3a:69:02:e2:ca:39:e8:57:2a:64:ed:12:9a:46: b6:d1:6a:7e:aa:70:79:bc:b0:58:2a:ca:fb:c4:5e: 61:0b:8a:e8:a6:f0:fb:91:02:21:c8:b0:60:33:11: e6:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D1:88:6F:EE:5B:82:13:27:76:F4:F8:E4:2E:EE:E5:A0:7E:FD:A8 X509v3 Authority Key Identifier: keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:59:c2:88:85:33:c2:8c:29:ac:99:83:9f:8f:46:ee:ea:a6: 96:6d:5f:89:d2:d8:99:2b:66:46:86:89:67:51:93:31:3d:a1: 62:74:48:54:da:d6:ba:d4:08:52:e2:ed:fc:6b:bd:69:42:71: 79:13:4d:79:15:5b:8d:78:95:99:2a:0e:fa:5b:2b:6d:ef:ea: 58:45:ed:87:66:a9:66:88:b2:a5:52:35:7d:84:d0:37:34:74: 18:d3:e2:4e:12:bd:69:b6:fe:e9:83:ca:f6:72:4d:7d:32:4b: 28:f9:b2:00:fc:c9:88:66:6d:10:82:5a:bc:f4:a8:e8:86:a8: 4b:5e:48:da:14:65:e5:ec:03:5b:a3:ec:44:f4:81:e5:99:7f: ed:1a:d0:a8:a6:c9:11:00:c0:ff:b2:84:4e:1d:be:4a:94:ca: 30:e3:10:10:88:14:6a:bf:8a:a9:66:a0:7d:fa:cb:9c:1c:1c: 01:84:63:92:5f:c8:c3:14:a9:a3:4a:10:1a:37:bf:1c:8a:89: 4a:17:68:07:00:e8:8a:8a:2a:03:68:78:17:f7:d4:11:c1:7b: 1d:58:12:27:7e:64:8a:01:3e:d7:6d:d6:03:f9:76:ee:84:ec: 91:8b:ec:43:30:91:68:e1:fa:c9:84:85:fb:a9:fa:a3:ad:82: 25:d6:09:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsdl5fJK5phxTs527Z3r3pDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0 M2ViNzkwHhcNMjUxMjE0MTYwMDMyWhcNMjUxMjE1MTYwMDMyWjAzMTEwLwYDVQQD Eyg2OGQxODg2ZmVlNWI4MjEzMjc3NmY0ZjhlNDJlZWVlNWEwN2VmZGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sXr4erqQtL1onsb71OvDelUwbaS 1fKHRi9bbk3T0Zx+QXA2vMa8hlC1MPPLZ/H6icLuAYXN0KfR7X/rku1PkHn8ygVQ T04qfKafzuD/xgObeV0YXl+qEUbxjwszERNBf0/t1yEsYawIvEvorFdsCULSiRMB YjDMx5PktvOwGFdIXsAVFeWbZDK9sUbBFjZdnrEYcY29QbIVkWylDbR30DILdowW J4c09rKVCpLuJZ7R9ljQdqfcVp6WD7URGdPumGfKEMUdkhdKcDp3Wb7qvBZGOmkC 4so56FcqZO0Smka20Wp+qnB5vLBYKsr7xF5hC4ropvD7kQIhyLBgMxHmJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGjRiG/uW4ITJ3b0+OQu7uWgfv2oMB8GA1UdIwQY MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4 LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFnCiIUz wowprJmDn49G7uqmlm1fidLYmStmRoaJZ1GTMT2hYnRIVNrWutQIUuLt/Gu9aUJx eRNNeRVbjXiVmSoO+lsrbe/qWEXth2apZoiypVI1fYTQNzR0GNPiThK9abb+6YPK 9nJNfTJLKPmyAPzJiGZtEIJavPSo6IaoS15I2hRl5ewDW6PsRPSB5Zl/7RrQqKbJ EQDA/7KETh2+SpTKMOMQEIgUar+KqWagffrLnBwcAYRjkl/IwxSpo0oQGje/HIqJ ShdoBwDoiooqA2h4F/fUEcF7HVgSJ35kigE+123WA/l27oTskYvsQzCRaOH6yYSF +6n6o62CJdYJFw== -----END CERTIFICATE-----Generated at Sun Dec 14 21:34:46 2025 by rpki-client