This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft File: OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft (raw, json) Hash identifier: wlx8Ki2hc2ul4ZdXgEXmBW1pEkRld6uTdbOcSRT6Raw= Subject key identifier: B6:B7:AB:19:3F:27:BB:F2:37:14:51:C8:A8:96:09:D5:82:99:EB:CB Authority key identifier: 38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0 Certificate issuer: /CN=385cf4939beeeaeaf4409c2840eb344cab0850e0 Certificate serial: 019B5A51504B9C83CF76C5D63CAFF3F20529 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft Manifest number: 0CDE Signing time: Fri 26 Dec 2025 11:00:36 +0000 Manifest this update: Fri 26 Dec 2025 11:00:36 +0000 Manifest next update: Sat 27 Dec 2025 11:00:36 +0000 Files and hashes: 1: KI_OzKHWNWDApgfZA8fhKRHWYNw.roa (hash: KgInzOYraW/0zKTqbj1OirpA4x6saReBh+LdfK4ZXdI=) 2: OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl (hash: dRUoDqFVztrUl8+MZO+o2xjWZ7JrC8Ijz2mLs/lqP7Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:50:4b:9c:83:cf:76:c5:d6:3c:af:f3:f2:05:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=385cf4939beeeaeaf4409c2840eb344cab0850e0 Validity Not Before: Dec 26 11:00:36 2025 GMT Not After : Dec 27 11:00:36 2025 GMT Subject: CN=b6b7ab193f27bbf2371451c8a89609d58299ebcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:35:8c:cf:48:dc:1f:12:50:02:7f:69:de:aa: b8:aa:a2:86:4d:80:22:01:85:aa:10:a6:a8:5e:49: 0c:6f:a5:ca:1c:99:5e:97:7b:c7:53:32:57:d8:97: 1e:11:5c:c8:8e:50:53:0f:b8:54:bd:ee:42:74:ec: 33:97:98:10:9f:af:be:4a:85:3f:16:d6:2e:7e:a8: 2b:6e:a9:29:ed:f9:96:0c:cc:00:0d:ae:c7:cb:ae: bc:d7:12:b9:32:99:34:f6:4b:8d:4c:ee:a6:a2:73: c2:be:a0:95:2a:5b:dd:bf:bc:78:33:1c:f8:3f:1e: ac:41:4e:38:68:63:31:e5:d8:2c:a0:7f:f0:03:3e: df:9d:60:04:b4:f6:fa:b3:9c:30:31:00:db:38:0a: a1:8c:17:86:77:84:de:92:03:49:9c:03:e4:26:3c: 57:f9:0e:07:7b:05:d2:47:16:95:1e:7f:44:9c:08: 2b:63:77:7e:52:6d:e5:c6:82:49:10:9b:3b:91:4b: 90:6a:1e:8b:ad:92:0a:15:10:5e:4f:01:e1:bc:98: 1e:87:e3:f6:a3:48:cb:0c:3e:4c:76:60:0b:fc:79: e5:36:17:66:b2:e4:52:6c:d0:f8:7c:43:37:d2:74: 73:d0:57:b8:21:b4:4a:8a:6b:cb:0e:ab:8f:6b:98: 04:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:B7:AB:19:3F:27:BB:F2:37:14:51:C8:A8:96:09:D5:82:99:EB:CB X509v3 Authority Key Identifier: keyid:38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:ab:7a:49:2f:a0:b8:06:02:6f:40:65:9f:32:69:f6:6a:4e: c7:29:14:5a:6b:ed:06:df:18:34:2a:25:8b:4c:13:ad:bc:44: 43:fa:95:9f:71:96:d7:d4:60:e6:f0:14:00:3f:f6:4a:84:63: 20:6d:04:de:2c:c8:32:9b:ea:b1:b0:c3:c7:5f:0d:b9:b2:c4: 0b:41:4e:ae:5f:fb:db:ca:a7:6b:da:fc:ce:1a:25:21:2b:57: 51:9b:09:6d:cc:16:bc:19:ad:19:e9:a7:ea:dd:12:0a:2b:b5: 63:83:ab:f1:3c:64:b4:cd:86:74:53:7d:62:5c:e1:f1:8d:4e: 3e:8a:ec:53:84:73:bf:7b:e7:0c:5f:4d:a8:f0:f7:20:bc:99: 95:47:5e:34:c2:27:34:a1:2f:24:4a:d1:98:c5:e7:cf:b9:39: 85:87:f1:a1:d5:b7:ae:de:17:2f:21:58:5e:58:2e:6f:4f:b5: 08:10:ff:c8:ab:a3:bd:21:0c:e0:9f:61:33:44:2d:35:c8:45: 25:bf:6e:14:07:89:0a:48:9c:6b:24:b4:7b:2b:9d:a5:a7:c2: 5d:44:67:57:27:5e:31:99:e6:ab:d4:59:94:f1:78:24:f1:0f: b5:89:92:dd:6c:d6:3a:bc:3b:61:5b:ee:10:a0:be:7a:0e:74: 13:f0:6d:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUVBLnIPPdsXWPK/z8gUpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NWNmNDkzOWJlZWVhZWFmNDQwOWMyODQwZWIzNDRjYWIw ODUwZTAwHhcNMjUxMjI2MTEwMDM2WhcNMjUxMjI3MTEwMDM2WjAzMTEwLwYDVQQD EyhiNmI3YWIxOTNmMjdiYmYyMzcxNDUxYzhhODk2MDlkNTgyOTllYmNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzWMz0jcHxJQAn9p3qq4qqKGTYAi AYWqEKaoXkkMb6XKHJlel3vHUzJX2JceEVzIjlBTD7hUve5CdOwzl5gQn6++SoU/ FtYufqgrbqkp7fmWDMwADa7Hy6681xK5Mpk09kuNTO6monPCvqCVKlvdv7x4Mxz4 Px6sQU44aGMx5dgsoH/wAz7fnWAEtPb6s5wwMQDbOAqhjBeGd4TekgNJnAPkJjxX +Q4HewXSRxaVHn9EnAgrY3d+Um3lxoJJEJs7kUuQah6LrZIKFRBeTwHhvJgeh+P2 o0jLDD5MdmAL/HnlNhdmsuRSbND4fEM30nRz0Fe4IbRKimvLDquPa5gE1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLa3qxk/J7vyNxRRyKiWCdWCmevLMB8GA1UdIwQY MBaAFDhc9JOb7urq9ECcKEDrNEyrCFDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQt N2I3NjE1ZmYwZTk2LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQtN2I3NjE1ZmYwZTk2 LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6t6SS+g uAYCb0BlnzJp9mpOxykUWmvtBt8YNColi0wTrbxEQ/qVn3GW19Rg5vAUAD/2SoRj IG0E3izIMpvqsbDDx18NubLEC0FOrl/728qna9r8zholIStXUZsJbcwWvBmtGemn 6t0SCiu1Y4Or8TxktM2GdFN9Ylzh8Y1OPorsU4Rzv3vnDF9NqPD3ILyZlUdeNMIn NKEvJErRmMXnz7k5hYfxodW3rt4XLyFYXlgub0+1CBD/yKujvSEM4J9hM0QtNchF Jb9uFAeJCkicayS0eyudpafCXURnVydeMZnmq9RZlPF4JPEPtYmS3WzWOrw7YVvu EKC+eg50E/BtNQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:19 2025 by rpki-client