This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft File: OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft (raw, json) Hash identifier: 3QBwOR60TFycN7mvHlcqBwawBJ0fWe+kE/Q3DjauZ8M= Subject key identifier: 3D:2D:1B:FB:90:B6:41:37:B1:F4:24:86:C6:B4:2F:BB:88:A3:5B:D6 Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7 Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7 Certificate serial: 019B0F37CCF71A27BF64299FC2ECD61951AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft Manifest number: 1701 Signing time: Thu 11 Dec 2025 21:01:13 +0000 Manifest this update: Thu 11 Dec 2025 21:01:13 +0000 Manifest next update: Fri 12 Dec 2025 21:01:13 +0000 Files and hashes: 1: OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl (hash: 7RCdXq2tUQCSM0v2JPr089ViIIluk0luKRnLBA332y0=) 2: VwXHoptHeR9mWbeRFzNgE273Y_Y.roa (hash: O7PmmfQJftPOiteORNgrKpX/pUfGsXyieeu22jdpW5U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:37:cc:f7:1a:27:bf:64:29:9f:c2:ec:d6:19:51:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7 Validity Not Before: Dec 11 21:01:13 2025 GMT Not After : Dec 12 21:01:13 2025 GMT Subject: CN=3d2d1bfb90b64137b1f42486c6b42fbb88a35bd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e3:7d:55:2b:f1:14:64:9b:bb:b6:2f:87:6f: 24:70:0f:73:51:1f:36:03:4e:9f:5b:dd:b7:71:db: da:d4:3d:63:9f:de:bb:da:67:5f:ac:4c:6f:55:e7: c1:1e:2f:2f:28:96:72:0a:51:43:25:6d:eb:43:99: d7:2c:d1:25:e7:a7:18:d9:2b:a8:27:50:2a:5a:ab: d5:99:ef:7a:d0:65:0b:10:05:1a:1b:3b:20:af:a9: 95:0a:fc:d8:ca:e7:76:6e:46:c2:51:52:00:ed:28: b7:23:5e:80:23:7b:58:2b:b5:c3:c1:35:2a:4c:3f: 6a:3a:ae:64:ed:df:6c:33:d1:13:91:37:95:b5:14: 19:c0:16:bb:a3:9b:b4:e3:3e:cb:e4:67:0b:05:16: 87:19:86:1e:3d:b6:79:e5:b0:7a:1c:db:aa:d9:48: 4d:7e:4a:7d:22:7c:72:81:1e:c4:3a:7f:fe:80:3d: df:bd:0b:63:01:ac:21:88:87:1f:68:94:10:05:9a: 01:5d:44:51:da:c3:df:b9:73:a3:95:04:b1:57:3c: 53:6e:fe:d6:a0:01:ef:19:5c:40:e1:76:af:7c:3f: a0:70:5f:0d:5b:08:3a:0f:ff:b2:c2:62:55:30:c1: 4f:1f:18:84:35:46:22:54:2d:57:e4:5e:bb:02:63: 0f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:2D:1B:FB:90:B6:41:37:B1:F4:24:86:C6:B4:2F:BB:88:A3:5B:D6 X509v3 Authority Key Identifier: keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:05:13:aa:69:81:27:61:62:8d:23:7a:ee:d4:76:2b:d3:0a: 06:49:bb:5f:ff:6f:0e:5c:9b:2c:68:ce:9a:36:a4:60:a5:ed: f8:62:69:13:b1:59:c7:e9:80:70:2a:e0:00:61:0d:3e:98:a1: b0:3f:29:c4:b6:57:b0:af:25:ef:a0:69:2c:89:87:18:86:ba: 32:ce:f4:96:b5:96:29:f0:b4:8f:fd:86:f4:af:8b:d9:89:2e: 0a:9b:aa:8b:de:2e:b9:50:bd:22:18:e4:50:d5:0f:5c:b5:45: 86:73:f5:92:63:2c:a4:fa:6c:10:86:48:af:16:8d:be:c4:1e: 7d:e3:fc:ed:23:b6:8d:cc:45:72:fa:85:89:66:7e:56:04:30: 9a:18:ba:6d:d1:f3:0e:a8:25:35:d4:65:38:24:fc:4c:2a:4a: bd:12:80:6d:3a:6c:d2:86:a0:ea:3f:55:9d:af:09:01:c0:30: fa:14:d4:97:fc:cc:5b:71:3f:2e:97:cc:a4:b0:a5:e7:72:84: 20:3a:ee:4c:25:0c:9b:42:16:6b:ee:c4:bf:7a:2f:7b:a7:d6: 8a:1d:4f:72:ef:21:63:de:1a:89:a0:05:72:55:be:81:e5:4e: e0:c9:6c:ab:4b:99:ca:af:72:6a:9a:11:cd:5f:3c:1a:23:0b: 91:6b:f5:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPN8z3Gie/ZCmfwuzWGVGtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1 MjI1YzcwHhcNMjUxMjExMjEwMTEzWhcNMjUxMjEyMjEwMTEzWjAzMTEwLwYDVQQD EygzZDJkMWJmYjkwYjY0MTM3YjFmNDI0ODZjNmI0MmZiYjg4YTM1YmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuN9VSvxFGSbu7Yvh28kcA9zUR82 A06fW923cdva1D1jn9672mdfrExvVefBHi8vKJZyClFDJW3rQ5nXLNEl56cY2Suo J1AqWqvVme960GULEAUaGzsgr6mVCvzYyud2bkbCUVIA7Si3I16AI3tYK7XDwTUq TD9qOq5k7d9sM9ETkTeVtRQZwBa7o5u04z7L5GcLBRaHGYYePbZ55bB6HNuq2UhN fkp9InxygR7EOn/+gD3fvQtjAawhiIcfaJQQBZoBXURR2sPfuXOjlQSxVzxTbv7W oAHvGVxA4XavfD+gcF8NWwg6D/+ywmJVMMFPHxiENUYiVC1X5F67AmMPdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD0tG/uQtkE3sfQkhsa0L7uIo1vWMB8GA1UdIwQY MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt ZDViYzIzOWY2YTk4LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4 LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKgUTqmmB J2FijSN67tR2K9MKBkm7X/9vDlybLGjOmjakYKXt+GJpE7FZx+mAcCrgAGENPpih sD8pxLZXsK8l76BpLImHGIa6Ms70lrWWKfC0j/2G9K+L2YkuCpuqi94uuVC9Ihjk UNUPXLVFhnP1kmMspPpsEIZIrxaNvsQefeP87SO2jcxFcvqFiWZ+VgQwmhi6bdHz DqglNdRlOCT8TCpKvRKAbTps0oag6j9Vna8JAcAw+hTUl/zMW3E/LpfMpLCl53KE IDruTCUMm0IWa+7Ev3ove6fWih1Pcu8hY94aiaAFclW+geVO4Mlsq0uZyq9yapoR zV88GiMLkWv13w== -----END CERTIFICATE-----Generated at Thu Dec 11 22:53:09 2025 by rpki-client