This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft File: OEzdzXTQQilYPSwr7tBz4AlrozU.mft (raw, json) Hash identifier: Bk/9kkHEkrmoSkSUc64yz9h2xg/034xqON263SvAxOg= Subject key identifier: 06:F7:3B:E7:11:06:65:40:33:6B:EB:DB:92:2C:BA:24:EA:49:73:2D Authority key identifier: 38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35 Certificate issuer: /CN=384cddcd74d04229583d2c2beed073e0096ba335 Certificate serial: 019B38A239F3AE74A707A87D75815D9BD314 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft Manifest number: 07D8 Signing time: Fri 19 Dec 2025 22:01:54 +0000 Manifest this update: Fri 19 Dec 2025 22:01:54 +0000 Manifest next update: Sat 20 Dec 2025 22:01:54 +0000 Files and hashes: 1: OEzdzXTQQilYPSwr7tBz4AlrozU.crl (hash: xSUKPwoLu6UVWkXOgSaO9qVuCTxrKTlTh77MakoP3x8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:39:f3:ae:74:a7:07:a8:7d:75:81:5d:9b:d3:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=384cddcd74d04229583d2c2beed073e0096ba335 Validity Not Before: Dec 19 22:01:54 2025 GMT Not After : Dec 20 22:01:54 2025 GMT Subject: CN=06f73be711066540336bebdb922cba24ea49732d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:63:39:7c:c0:8b:66:71:26:e7:57:28:82:c6: 71:36:69:b0:8b:64:f4:13:e1:1a:9c:e8:07:6f:36: 70:e9:b5:fa:aa:b4:53:f4:37:67:cc:cc:15:10:b0: 35:11:91:d4:eb:25:6a:d5:07:8b:a6:31:06:d6:9d: 2a:97:92:9b:eb:10:e6:f5:af:e6:71:eb:2c:a7:5b: fd:c8:79:b3:27:ca:8a:4c:8a:d4:06:4f:04:91:bd: 16:6f:5b:09:cc:ea:d3:6e:1d:07:35:7f:97:f6:9f: 96:94:85:1a:b4:dd:59:13:63:71:11:4a:5a:10:0a: 8a:62:5f:a5:e6:36:ca:cc:e2:4e:ba:9a:7d:75:51: 35:26:c4:b6:2b:7d:5e:69:69:66:af:81:5e:93:b3: b9:62:87:a3:af:2c:9f:cc:7c:0a:17:ca:3f:aa:67: c0:dd:c7:47:5d:7a:04:c1:bf:b9:a3:4d:46:ed:41: 91:34:0c:d9:03:4c:fa:04:f8:09:f0:7b:44:5a:f8: 7d:4e:53:2f:80:4c:62:58:8e:b3:0a:da:31:f6:a0: 04:30:88:2f:a4:83:a1:97:d6:7f:9d:37:95:9b:02: cb:18:c3:da:bd:8d:2f:a8:65:3c:32:7e:bd:e5:7b: fc:0a:64:a2:7e:b8:2a:2b:34:b0:1f:4a:4e:c5:fd: 04:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:F7:3B:E7:11:06:65:40:33:6B:EB:DB:92:2C:BA:24:EA:49:73:2D X509v3 Authority Key Identifier: keyid:38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:7b:2e:04:c8:82:c6:1d:6f:2c:26:59:06:f8:4a:48:99:85: 86:aa:23:20:13:ad:1e:52:67:70:c1:3c:86:6b:b9:34:d4:b8: ef:6f:02:bc:82:37:fd:ba:4e:7e:83:71:b4:38:a4:85:5b:2f: 8e:63:d2:12:d0:bd:31:f3:bc:07:9a:f8:2a:f7:6c:c8:d6:03: 35:fd:86:da:f9:94:73:c6:0e:bf:82:cf:cf:0a:89:65:2c:1e: 5c:88:7e:a7:8f:6d:bb:a0:32:dd:2e:f4:d5:bf:5a:a5:8b:94: ba:39:63:33:a3:70:91:30:f5:ce:ff:f8:49:dc:94:7e:a6:02: cf:af:03:27:28:35:3e:f0:28:00:ca:73:ac:1f:f5:c8:6c:2a: 73:d6:d4:bf:e8:c7:36:90:be:f3:de:e5:2e:a4:92:f5:88:25: af:7c:14:5f:6d:5b:7f:35:29:04:25:ab:57:e5:d4:f1:ac:78: 3d:80:1d:7d:e0:fa:d8:02:9d:9d:3d:19:e0:d7:7a:17:b6:84: 7f:e9:06:fe:a6:9e:fe:4f:f1:2b:cc:fd:72:32:97:9d:cc:0b: 2a:bf:26:7d:83:bb:64:f4:d6:42:5b:93:33:94:07:72:6c:79: 25:2b:39:d3:f6:56:86:eb:9f:42:22:62:c0:cf:f6:e2:01:73: 6a:1a:b8:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4ojnzrnSnB6h9dYFdm9MUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NGNkZGNkNzRkMDQyMjk1ODNkMmMyYmVlZDA3M2UwMDk2 YmEzMzUwHhcNMjUxMjE5MjIwMTU0WhcNMjUxMjIwMjIwMTU0WjAzMTEwLwYDVQQD EygwNmY3M2JlNzExMDY2NTQwMzM2YmViZGI5MjJjYmEyNGVhNDk3MzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+2M5fMCLZnEm51cogsZxNmmwi2T0 E+EanOgHbzZw6bX6qrRT9DdnzMwVELA1EZHU6yVq1QeLpjEG1p0ql5Kb6xDm9a/m cessp1v9yHmzJ8qKTIrUBk8Ekb0Wb1sJzOrTbh0HNX+X9p+WlIUatN1ZE2NxEUpa EAqKYl+l5jbKzOJOupp9dVE1JsS2K31eaWlmr4Fek7O5YoejryyfzHwKF8o/qmfA 3cdHXXoEwb+5o01G7UGRNAzZA0z6BPgJ8HtEWvh9TlMvgExiWI6zCtox9qAEMIgv pIOhl9Z/nTeVmwLLGMPavY0vqGU8Mn695Xv8CmSifrgqKzSwH0pOxf0EOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAb3O+cRBmVAM2vr25IsuiTqSXMtMB8GA1UdIwQY MBaAFDhM3c100EIpWD0sK+7Qc+AJa6M1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzIt OTk4YWQ1MGY0YTJhLzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzItOTk4YWQ1MGY0YTJh LzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsXsuBMiC xh1vLCZZBvhKSJmFhqojIBOtHlJncME8hmu5NNS4728CvII3/bpOfoNxtDikhVsv jmPSEtC9MfO8B5r4KvdsyNYDNf2G2vmUc8YOv4LPzwqJZSweXIh+p49tu6Ay3S70 1b9apYuUujljM6NwkTD1zv/4SdyUfqYCz68DJyg1PvAoAMpzrB/1yGwqc9bUv+jH NpC+897lLqSS9Yglr3wUX21bfzUpBCWrV+XU8ax4PYAdfeD62AKdnT0Z4Nd6F7aE f+kG/qae/k/xK8z9cjKXncwLKr8mfYO7ZPTWQluTM5QHcmx5JSs50/ZWhuufQiJi wM/24gFzahq4Og== -----END CERTIFICATE-----Generated at Sat Dec 20 07:17:05 2025 by rpki-client