This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft File: oy2niZiHqsRJlYu5DrU1lRqXOgA.mft (raw, json) Hash identifier: 5/wP32343Y1CNrYGATcsWg4cxZxNF3artOBWldXD870= Subject key identifier: 2B:E9:CF:8B:84:3F:AF:99:6D:B1:B0:48:5D:AD:99:5C:71:D2:8A:8F Authority key identifier: A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00 Certificate issuer: /CN=a32da7899887aac449958bb90eb535951a973a00 Certificate serial: 019B38A180A219938299F46609A1878FE899 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft Manifest number: 1085 Signing time: Fri 19 Dec 2025 22:01:06 +0000 Manifest this update: Fri 19 Dec 2025 22:01:06 +0000 Manifest next update: Sat 20 Dec 2025 22:01:06 +0000 Files and hashes: 1: oy2niZiHqsRJlYu5DrU1lRqXOgA.crl (hash: n7z71ZoNsXJ4NX184fOqwugNZNNhRxTL2HpGe5kfFfg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:80:a2:19:93:82:99:f4:66:09:a1:87:8f:e8:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a32da7899887aac449958bb90eb535951a973a00 Validity Not Before: Dec 19 22:01:06 2025 GMT Not After : Dec 20 22:01:06 2025 GMT Subject: CN=2be9cf8b843faf996db1b0485dad995c71d28a8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:91:59:b7:2a:c1:f3:24:30:9e:0b:1c:d9:8d: 50:16:6f:ce:a3:92:67:1b:c5:f4:34:91:97:b8:bc: 4f:d2:04:95:96:f5:54:e3:c7:16:cf:4d:40:22:05: dc:ff:1c:98:15:e7:75:95:da:20:1c:81:e9:54:be: f6:7f:48:f1:58:41:c1:b1:26:a1:84:5b:8b:e8:0e: ce:ae:d7:2e:d2:ec:91:87:1b:d2:dc:ad:3c:8e:b3: ec:32:32:de:f7:6e:7d:3c:88:43:5b:73:eb:76:ae: 48:66:93:21:d0:5f:a4:ee:f0:25:cc:84:8a:f4:db: ec:ad:77:cb:02:cd:3f:21:5f:21:c9:11:1d:48:f0: 8b:85:2b:d2:d6:9e:63:c5:d5:4e:fa:c4:1c:48:bb: 54:c1:cb:c3:15:51:b1:35:c3:c2:37:ec:9c:73:86: b4:ae:9c:d2:b3:a8:1a:d9:61:6d:48:89:a1:14:b0: a3:ad:e9:6a:cc:6a:44:37:bd:87:0f:df:d1:8e:cc: 11:87:1a:00:5a:57:0e:ce:d4:99:5a:76:ce:32:33: 91:39:ed:08:f1:fb:28:19:72:29:8c:b9:6b:0c:b0: 22:b7:ee:cf:8b:75:8a:41:1a:51:1a:a1:c2:c7:7f: 24:1c:09:90:60:87:22:05:df:32:6c:a5:bf:29:b9: 53:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:E9:CF:8B:84:3F:AF:99:6D:B1:B0:48:5D:AD:99:5C:71:D2:8A:8F X509v3 Authority Key Identifier: keyid:A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:f2:a2:e6:c9:48:0e:f9:78:67:9d:73:c3:8b:e2:8b:8c:0c: 99:d6:7d:c7:3c:60:84:5d:63:28:b5:ca:ad:ac:b7:89:2f:08: e2:e9:f2:55:0e:76:e5:81:bf:fa:d1:82:fc:33:ab:53:c1:a8: 2a:aa:8a:81:30:9a:3d:50:d5:59:f3:ba:f1:4b:63:89:af:11: 54:e2:ae:15:39:3a:c2:93:60:8e:ac:a0:60:2b:c6:7e:f6:a1: 2e:f9:50:93:05:c6:98:d0:b1:45:a3:35:f3:cc:52:7a:f7:58: ce:96:0d:bb:b3:86:e5:3c:64:81:7a:1a:6a:00:8d:e8:0e:3d: 7f:66:52:17:d9:64:11:02:a8:0e:47:67:55:7f:8a:66:1f:88: d6:8c:6f:d6:30:21:62:57:f3:7b:ae:14:da:d9:42:3f:21:ab: 57:12:cb:b3:bf:1f:20:be:cd:ed:ab:b5:e6:00:60:bf:3d:fd: 66:1c:be:e3:e8:da:55:af:3c:08:e4:c8:95:dd:8f:cf:77:cb: ce:69:f5:47:f1:e2:60:6d:31:ce:ce:1c:c5:f1:14:f4:53:5f: ae:6c:1e:6e:8d:4c:53:31:ba:f6:cf:b2:7c:56:14:8b:33:7f: c7:0c:6b:ec:52:29:e6:74:3a:b9:47:aa:67:1c:25:92:85:c8: 41:8c:74:bd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oYCiGZOCmfRmCaGHj+iZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMmRhNzg5OTg4N2FhYzQ0OTk1OGJiOTBlYjUzNTk1MWE5 NzNhMDAwHhcNMjUxMjE5MjIwMTA2WhcNMjUxMjIwMjIwMTA2WjAzMTEwLwYDVQQD EygyYmU5Y2Y4Yjg0M2ZhZjk5NmRiMWIwNDg1ZGFkOTk1YzcxZDI4YThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpFZtyrB8yQwngsc2Y1QFm/Oo5Jn G8X0NJGXuLxP0gSVlvVU48cWz01AIgXc/xyYFed1ldogHIHpVL72f0jxWEHBsSah hFuL6A7Ortcu0uyRhxvS3K08jrPsMjLe9259PIhDW3Prdq5IZpMh0F+k7vAlzISK 9NvsrXfLAs0/IV8hyREdSPCLhSvS1p5jxdVO+sQcSLtUwcvDFVGxNcPCN+ycc4a0 rpzSs6ga2WFtSImhFLCjrelqzGpEN72HD9/RjswRhxoAWlcOztSZWnbOMjOROe0I 8fsoGXIpjLlrDLAit+7Pi3WKQRpRGqHCx38kHAmQYIciBd8ybKW/KblTzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCvpz4uEP6+ZbbGwSF2tmVxx0oqPMB8GA1UdIwQY MBaAFKMtp4mYh6rESZWLuQ61NZUalzoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUt ZDMzMzJmOTA0NGVjLzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUtZDMzMzJmOTA0NGVj LzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdPKi5slI Dvl4Z51zw4vii4wMmdZ9xzxghF1jKLXKray3iS8I4unyVQ525YG/+tGC/DOrU8Go KqqKgTCaPVDVWfO68Utjia8RVOKuFTk6wpNgjqygYCvGfvahLvlQkwXGmNCxRaM1 88xSevdYzpYNu7OG5TxkgXoaagCN6A49f2ZSF9lkEQKoDkdnVX+KZh+I1oxv1jAh Ylfze64U2tlCPyGrVxLLs78fIL7N7au15gBgvz39Zhy+4+jaVa88COTIld2Pz3fL zmn1R/HiYG0xzs4cxfEU9FNfrmwebo1MUzG69s+yfFYUizN/xwxr7FIp5nQ6uUeq ZxwlkoXIQYx0vQ== -----END CERTIFICATE-----Generated at Sat Dec 20 00:16:52 2025 by rpki-client