This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft File: OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft (raw, json) Hash identifier: foM7SvcqBb6oieK7dmIJx/29PGotsBcE3ba9wgI8/s0= Subject key identifier: A9:DF:4E:C3:B4:15:6C:88:E6:E3:0F:FF:34:32:B7:49:3A:48:A7:0C Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7 Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7 Certificate serial: 019B18DF9A621AD98278F2A4CEC11D706962 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft Manifest number: 1706 Signing time: Sat 13 Dec 2025 18:01:05 +0000 Manifest this update: Sat 13 Dec 2025 18:01:05 +0000 Manifest next update: Sun 14 Dec 2025 18:01:05 +0000 Files and hashes: 1: OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl (hash: PNd/nriUhApHpb+1O6sdifIYfbOY9/0wVZx8V15V6dE=) 2: VwXHoptHeR9mWbeRFzNgE273Y_Y.roa (hash: O7PmmfQJftPOiteORNgrKpX/pUfGsXyieeu22jdpW5U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:df:9a:62:1a:d9:82:78:f2:a4:ce:c1:1d:70:69:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7 Validity Not Before: Dec 13 18:01:05 2025 GMT Not After : Dec 14 18:01:05 2025 GMT Subject: CN=a9df4ec3b4156c88e6e30fff3432b7493a48a70c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:e3:00:25:a5:f5:d5:09:ff:bd:92:a3:dc:99: 82:70:5c:c2:b2:f9:36:d6:0f:97:17:1a:cc:2a:f4: 5b:6e:09:9a:e6:20:ed:d1:94:d5:15:e6:b7:29:d4: a6:36:0e:13:62:da:ad:aa:03:97:b0:e5:86:29:4c: 01:69:46:50:7d:ea:82:59:ab:29:2b:de:dc:a5:d3: a8:cd:64:40:72:b4:05:c6:9b:45:23:5a:97:3b:73: 34:11:bc:32:a9:58:19:0f:db:b4:de:62:de:9f:65: 27:fe:0a:f1:3d:60:60:3c:d1:cc:ff:4e:3b:a0:1d: fa:44:85:8a:ad:e0:a1:b4:4f:00:be:ae:b2:aa:70: df:23:20:dd:92:a0:0d:c0:4f:1c:4e:1e:90:13:53: b2:92:94:6b:5b:25:2d:d3:22:dc:5d:1e:ea:13:30: 65:d6:b3:13:70:9e:e3:f0:28:8c:96:cd:33:d0:3f: 5b:2f:4b:a7:56:bf:40:c6:03:90:b5:85:93:a7:dc: ac:85:cf:1d:c4:91:4a:4b:57:f0:57:c0:f7:a0:62: 82:2c:16:60:03:a3:a1:88:04:7f:3c:0a:b8:7a:cc: 85:e8:6a:bd:4f:20:e1:45:a4:94:df:08:c6:c5:dd: 59:1f:47:13:4f:5a:09:ad:46:91:75:d7:3b:58:9d: e0:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:DF:4E:C3:B4:15:6C:88:E6:E3:0F:FF:34:32:B7:49:3A:48:A7:0C X509v3 Authority Key Identifier: keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:d5:eb:84:c5:f9:03:3d:a8:51:e4:04:51:84:20:2a:bb:2d: 40:d6:84:b1:a8:14:4a:51:54:1d:b8:24:51:41:66:50:56:16: 6d:dd:d9:ee:5b:6d:64:cd:f5:01:95:f6:fc:ae:8d:4c:da:90: 04:4a:f6:d8:61:02:55:bf:97:d4:5f:6d:5c:f1:89:88:a0:e8: d0:f8:46:43:ed:82:6e:0f:32:75:06:9f:23:fd:37:c8:d4:7e: 0c:24:f7:04:65:2b:8c:20:4b:7c:df:20:bc:bd:c6:98:f5:a0: 3a:e8:37:6e:7e:fd:9d:74:98:1c:5a:f1:c4:81:57:d8:54:07: d3:4a:24:ea:fa:eb:91:02:bb:c6:f5:cd:0e:6e:20:58:cb:ab: 27:64:e5:2d:56:ba:da:b0:58:41:84:6c:63:e9:e0:21:99:10: 70:bb:05:d4:48:ec:07:e9:cc:ec:cd:35:9f:24:3c:8d:b1:42: 7b:91:69:b4:b9:ee:61:6e:2a:24:a5:b7:ce:55:a2:97:1e:f7: 79:21:c1:99:90:48:ff:e7:fe:96:92:45:d2:05:52:cb:8b:74: 6f:d4:a8:b4:c9:9b:26:72:4b:1d:76:5e:b7:bb:be:69:05:21: fe:d2:36:5c:e3:ef:21:7f:04:51:b8:2d:c7:ea:05:c3:fb:91: 5a:91:bb:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsY35piGtmCePKkzsEdcGliMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1 MjI1YzcwHhcNMjUxMjEzMTgwMTA1WhcNMjUxMjE0MTgwMTA1WjAzMTEwLwYDVQQD EyhhOWRmNGVjM2I0MTU2Yzg4ZTZlMzBmZmYzNDMyYjc0OTNhNDhhNzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eMAJaX11Qn/vZKj3JmCcFzCsvk2 1g+XFxrMKvRbbgma5iDt0ZTVFea3KdSmNg4TYtqtqgOXsOWGKUwBaUZQfeqCWasp K97cpdOozWRAcrQFxptFI1qXO3M0EbwyqVgZD9u03mLen2Un/grxPWBgPNHM/047 oB36RIWKreChtE8Avq6yqnDfIyDdkqANwE8cTh6QE1OykpRrWyUt0yLcXR7qEzBl 1rMTcJ7j8CiMls0z0D9bL0unVr9AxgOQtYWTp9yshc8dxJFKS1fwV8D3oGKCLBZg A6OhiAR/PAq4esyF6Gq9TyDhRaSU3wjGxd1ZH0cTT1oJrUaRddc7WJ3gzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKnfTsO0FWyI5uMP/zQyt0k6SKcMMB8GA1UdIwQY MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt ZDViYzIzOWY2YTk4LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4 LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtXrhMX5 Az2oUeQEUYQgKrstQNaEsagUSlFUHbgkUUFmUFYWbd3Z7lttZM31AZX2/K6NTNqQ BEr22GECVb+X1F9tXPGJiKDo0PhGQ+2Cbg8ydQafI/03yNR+DCT3BGUrjCBLfN8g vL3GmPWgOug3bn79nXSYHFrxxIFX2FQH00ok6vrrkQK7xvXNDm4gWMurJ2TlLVa6 2rBYQYRsY+ngIZkQcLsF1EjsB+nM7M01nyQ8jbFCe5FptLnuYW4qJKW3zlWilx73 eSHBmZBI/+f+lpJF0gVSy4t0b9SotMmbJnJLHXZet7u+aQUh/tI2XOPvIX8EUbgt x+oFw/uRWpG7zA== -----END CERTIFICATE-----Generated at Sun Dec 14 01:52:27 2025 by rpki-client