This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0fa280-02dd-4517-89a7-3b8178dbb94c/1/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.mft File: o2YZQnwoP6Oyu3tFzDWlEoY5iWE.mft (raw, json) Hash identifier: K2r2OsHkrCPqKE9PpdyrfgpWQWqkWHT+la/awPZdS0E= Subject key identifier: CD:4C:62:59:73:38:8E:4E:95:E5:1A:A8:66:8C:DE:7E:C2:F4:16:1E Authority key identifier: A3:66:19:42:7C:28:3F:A3:B2:BB:7B:45:CC:35:A5:12:86:39:89:61 Certificate issuer: /CN=a36619427c283fa3b2bb7b45cc35a51286398961 Certificate serial: 019B0E9373349CD214EBEE1175D940637E41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/0fa280-02dd-4517-89a7-3b8178dbb94c/1/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.mft Manifest number: 23 Signing time: Thu 11 Dec 2025 18:01:42 +0000 Manifest this update: Thu 11 Dec 2025 18:01:42 +0000 Manifest next update: Fri 12 Dec 2025 18:01:42 +0000 Files and hashes: 1: o2YZQnwoP6Oyu3tFzDWlEoY5iWE.crl (hash: pCx9F3sNEY+UoulaXL2zhQ/ZYOs1IL9lPmCC91TdNTs=) 2: xl2dBFAq27Jc7XAbjqmjx5SGLQg.roa (hash: LWS6130jm9DNYynRHuAyBdYfUPrAY2AEwbKHUYPs/I0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/0fa280-02dd-4517-89a7-3b8178dbb94c/1/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/0fa280-02dd-4517-89a7-3b8178dbb94c/1/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.mft rsync://rpki.ripe.net/repository/DEFAULT/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:93:73:34:9c:d2:14:eb:ee:11:75:d9:40:63:7e:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a36619427c283fa3b2bb7b45cc35a51286398961 Validity Not Before: Dec 11 18:01:42 2025 GMT Not After : Dec 12 18:01:42 2025 GMT Subject: CN=cd4c625973388e4e95e51aa8668cde7ec2f4161e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:f9:09:9f:1c:ce:d8:b9:0f:67:75:81:01:3b: c4:e0:6c:b1:3c:56:cf:72:c7:77:11:cf:16:05:60: f0:3f:bf:fd:8d:e1:6d:9a:ba:1b:83:5c:18:53:ff: 6e:54:09:c4:40:bb:d3:36:a0:95:a8:76:37:07:30: d4:fb:de:ac:64:47:87:e7:ad:4a:27:67:4c:71:d6: d4:77:f2:29:04:81:d5:5a:08:0a:ce:5e:e4:75:c0: 9d:ce:7f:c1:2a:fa:82:04:46:53:fc:be:0c:7e:21: 1b:e8:a6:27:0b:d8:05:fe:bf:4d:f9:96:5d:54:76: a3:ca:8b:f3:1f:f3:09:e6:1b:d5:37:ef:78:16:c2: 93:86:66:b2:e4:47:e0:26:ab:44:de:1e:7e:f2:5e: ec:c6:80:9c:68:cd:1f:66:70:43:9a:f4:a4:98:05: e2:ab:bd:d3:7e:e1:b9:c1:7a:60:22:d0:cd:9b:26: 6e:59:e4:58:ee:37:54:ea:6a:11:fa:44:33:9e:62: ee:25:20:8e:32:9f:0e:80:d9:7f:ca:52:b0:fd:50: ab:89:80:a1:34:f0:3e:0c:d7:31:b7:64:1c:5d:2c: 83:a6:15:ff:5b:de:ee:ae:fb:7f:1e:bd:44:d3:03: a9:e4:f0:01:dc:bc:85:a9:5f:9b:83:69:c8:18:0d: 50:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:4C:62:59:73:38:8E:4E:95:E5:1A:A8:66:8C:DE:7E:C2:F4:16:1E X509v3 Authority Key Identifier: keyid:A3:66:19:42:7C:28:3F:A3:B2:BB:7B:45:CC:35:A5:12:86:39:89:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0fa280-02dd-4517-89a7-3b8178dbb94c/1/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0fa280-02dd-4517-89a7-3b8178dbb94c/1/o2YZQnwoP6Oyu3tFzDWlEoY5iWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:cc:a1:d2:b0:45:87:34:f4:6e:92:be:1a:b4:70:2a:23:2d: 82:12:ed:be:a8:05:eb:f3:fc:ae:49:ff:34:3f:40:05:cb:af: 21:57:84:b3:d5:e7:bc:4d:04:41:ea:5a:60:f4:c9:92:b7:7b: 32:ab:4e:92:75:9a:22:83:3b:ed:5d:19:1c:57:04:a1:5f:0b: d7:34:2f:76:d0:fd:b7:d9:1a:35:ee:2e:f6:f6:c5:ba:3d:67: 33:d9:4b:2f:25:e3:36:28:43:20:5c:09:9e:fb:cd:13:22:1c: a3:05:4f:ae:15:2e:81:5e:f2:57:df:0b:a1:b7:06:4a:0a:cc: 3f:5c:2f:35:a9:5a:9e:eb:25:3d:35:bf:4a:cb:3e:3c:c1:9a: a0:1b:ca:7b:7d:ca:f8:e3:92:03:ca:80:38:86:4e:ea:93:e8: 5e:99:fa:83:07:b3:35:55:d6:27:37:85:2a:61:9e:8f:54:c7: 30:08:af:15:84:c4:44:1f:8f:b4:13:e9:8a:90:80:77:dd:62: f7:2d:57:63:db:0c:99:ed:31:99:08:68:97:6a:7f:91:0c:62: e4:36:de:63:7e:14:90:0b:7b:bd:40:25:e4:4a:17:11:6a:7f: c2:37:c8:3b:ca:4f:3d:0d:2c:ed:a0:8e:9e:06:c9:9d:3b:7f: d8:5c:09:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOk3M0nNIU6+4RddlAY35BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjYxOTQyN2MyODNmYTNiMmJiN2I0NWNjMzVhNTEyODYz OTg5NjEwHhcNMjUxMjExMTgwMTQyWhcNMjUxMjEyMTgwMTQyWjAzMTEwLwYDVQQD EyhjZDRjNjI1OTczMzg4ZTRlOTVlNTFhYTg2NjhjZGU3ZWMyZjQxNjFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfkJnxzO2LkPZ3WBATvE4GyxPFbP csd3Ec8WBWDwP7/9jeFtmrobg1wYU/9uVAnEQLvTNqCVqHY3BzDU+96sZEeH561K J2dMcdbUd/IpBIHVWggKzl7kdcCdzn/BKvqCBEZT/L4MfiEb6KYnC9gF/r9N+ZZd VHajyovzH/MJ5hvVN+94FsKThmay5EfgJqtE3h5+8l7sxoCcaM0fZnBDmvSkmAXi q73TfuG5wXpgItDNmyZuWeRY7jdU6moR+kQznmLuJSCOMp8OgNl/ylKw/VCriYCh NPA+DNcxt2QcXSyDphX/W97urvt/Hr1E0wOp5PAB3LyFqV+bg2nIGA1QEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1MYllzOI5OleUaqGaM3n7C9BYeMB8GA1UdIwQY MBaAFKNmGUJ8KD+jsrt7Rcw1pRKGOYlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJZWlFud29QNk95dTN0RnpEV2xFb1k1aVdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wZmEyODAtMDJkZC00NTE3LTg5YTct M2I4MTc4ZGJiOTRjLzEvbzJZWlFud29QNk95dTN0RnpEV2xFb1k1aVdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS8wZmEyODAtMDJkZC00NTE3LTg5YTctM2I4MTc4ZGJiOTRj LzEvbzJZWlFud29QNk95dTN0RnpEV2xFb1k1aVdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMyh0rBF hzT0bpK+GrRwKiMtghLtvqgF6/P8rkn/ND9ABcuvIVeEs9XnvE0EQepaYPTJkrd7 MqtOknWaIoM77V0ZHFcEoV8L1zQvdtD9t9kaNe4u9vbFuj1nM9lLLyXjNihDIFwJ nvvNEyIcowVPrhUugV7yV98LobcGSgrMP1wvNalanuslPTW/Sss+PMGaoBvKe33K +OOSA8qAOIZO6pPoXpn6gwezNVXWJzeFKmGej1THMAivFYTERB+PtBPpipCAd91i 9y1XY9sMme0xmQhol2p/kQxi5DbeY34UkAt7vUAl5EoXEWp/wjfIO8pPPQ0s7aCO ngbJnTt/2FwJUA== -----END CERTIFICATE-----Generated at Thu Dec 11 23:59:41 2025 by rpki-client