This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.mft File: OzNj5H5p68XRwiUd3V2sfJiYmSI.mft (raw, json) Hash identifier: R3bJlGHwkW+n/+8AJ7iRKWpcu7NUn0nNVeHhIKCl2iQ= Subject key identifier: 3D:D9:97:38:4E:8F:8E:61:C4:3B:41:16:A6:8D:17:A2:17:5B:01:B5 Authority key identifier: 3B:33:63:E4:7E:69:EB:C5:D1:C2:25:1D:DD:5D:AC:7C:98:98:99:22 Certificate issuer: /CN=3b3363e47e69ebc5d1c2251ddd5dac7c98989922 Certificate serial: 019B1F871751F27A3AD2FAA0AED7181AECBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.mft Manifest number: 177A Signing time: Mon 15 Dec 2025 01:01:45 +0000 Manifest this update: Mon 15 Dec 2025 01:01:45 +0000 Manifest next update: Tue 16 Dec 2025 01:01:45 +0000 Files and hashes: 1: OzNj5H5p68XRwiUd3V2sfJiYmSI.crl (hash: aegZa1wdBhzu3d8KnNmqVU2x6jqYYlIxB92wzZPex+Y=) 2: vYaPE7wk6Qo5Lm2fpqZ1rhvLpDU.roa (hash: ZL2srvtFB3ZUj0RuUE6dDGpy3UL8CY63qkKeS+BMJ20=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.crl rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.mft rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:87:17:51:f2:7a:3a:d2:fa:a0:ae:d7:18:1a:ec:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b3363e47e69ebc5d1c2251ddd5dac7c98989922 Validity Not Before: Dec 15 01:01:45 2025 GMT Not After : Dec 16 01:01:45 2025 GMT Subject: CN=3dd997384e8f8e61c43b4116a68d17a2175b01b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e4:e6:05:8b:fe:e5:ed:54:e8:09:c8:ac:25: 2c:b6:eb:21:13:a5:8c:e8:bf:06:d7:70:60:6a:4b: e9:c6:a2:b2:06:ad:7d:93:ff:2b:dc:e4:cf:4a:30: eb:4c:49:3c:60:0c:2d:a0:60:f3:20:db:2b:9a:44: 9f:06:03:7f:94:81:af:68:9c:65:d9:8e:b2:4f:07: af:e7:b4:81:46:be:12:66:fb:26:c3:c6:f9:be:4b: 43:ea:c2:72:3f:4c:30:1c:9e:7b:e4:2b:23:ed:9f: b9:d7:da:78:32:34:a5:b2:b5:ee:e6:95:a5:a6:88: 9a:40:34:b5:e9:1e:51:94:f0:8a:ca:3b:81:21:a2: 8c:e8:63:d3:90:21:3a:56:8f:f9:7b:02:0b:9e:56: b6:9f:ba:1d:90:61:8c:8f:6f:bf:ee:a1:f6:6d:66: c7:c1:fb:7f:47:0b:07:10:38:23:c1:e8:73:69:3c: 03:a3:52:dd:79:1c:12:0d:c2:7f:f7:58:77:92:31: 44:7f:0c:06:35:2a:bb:04:a9:19:39:a3:62:55:55: 96:fa:0e:96:44:6a:02:39:e4:c6:27:d9:c8:82:cc: 3d:3a:d5:86:37:bf:43:ee:04:97:c8:b2:51:57:85: c0:95:c0:9a:72:99:e8:58:99:56:77:d3:ac:24:d6: b0:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:D9:97:38:4E:8F:8E:61:C4:3B:41:16:A6:8D:17:A2:17:5B:01:B5 X509v3 Authority Key Identifier: keyid:3B:33:63:E4:7E:69:EB:C5:D1:C2:25:1D:DD:5D:AC:7C:98:98:99:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:a8:56:c4:a2:b2:65:6d:12:c2:0a:bc:41:85:f2:93:4a:ce: 3f:ba:85:57:af:49:b7:9d:1a:81:99:09:15:95:ca:d4:39:66: a6:86:e9:13:cb:d8:71:e7:92:2e:29:e9:01:e7:bc:12:4c:c4: 29:c6:c5:97:75:b2:85:af:97:b6:b2:03:be:56:35:91:f6:a0: d2:9b:5a:7e:3a:de:09:81:06:85:00:ab:8e:90:b3:59:cd:c7: 77:ec:1e:54:d5:01:65:2a:21:ca:30:d3:01:85:7d:78:bb:50: 48:6e:4f:a2:b0:ed:2c:0c:9e:93:26:db:24:9b:c3:3a:61:39: bc:e3:76:af:36:ec:03:7f:e2:81:6f:dd:f7:15:ff:71:f5:04: d1:4d:33:ee:d5:50:7a:12:2d:c5:33:92:d7:2e:fa:4e:14:a9: ee:c4:3a:a2:e7:ab:a8:f6:fc:ee:69:e0:b9:e4:36:5c:da:a2: b5:6a:4d:63:58:c7:3f:b5:47:89:a2:1f:bb:5b:76:80:7e:bc: c6:ab:78:e5:e4:3c:b7:ab:d4:e2:13:cc:a9:a4:1a:30:1e:96: 67:8e:e6:d4:ed:1a:db:25:6c:f0:2c:b2:10:6c:51:83:02:d9: a4:2d:b7:3a:93:bd:b3:c6:ac:f9:a6:1e:4f:47:ab:e1:93:de: 4a:0a:09:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfhxdR8no60vqgrtcYGuy/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiMzM2M2U0N2U2OWViYzVkMWMyMjUxZGRkNWRhYzdjOTg5 ODk5MjIwHhcNMjUxMjE1MDEwMTQ1WhcNMjUxMjE2MDEwMTQ1WjAzMTEwLwYDVQQD EygzZGQ5OTczODRlOGY4ZTYxYzQzYjQxMTZhNjhkMTdhMjE3NWIwMWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+TmBYv+5e1U6AnIrCUstushE6WM 6L8G13BgakvpxqKyBq19k/8r3OTPSjDrTEk8YAwtoGDzINsrmkSfBgN/lIGvaJxl 2Y6yTwev57SBRr4SZvsmw8b5vktD6sJyP0wwHJ575Csj7Z+519p4MjSlsrXu5pWl poiaQDS16R5RlPCKyjuBIaKM6GPTkCE6Vo/5ewILnla2n7odkGGMj2+/7qH2bWbH wft/RwsHEDgjwehzaTwDo1LdeRwSDcJ/91h3kjFEfwwGNSq7BKkZOaNiVVWW+g6W RGoCOeTGJ9nIgsw9OtWGN79D7gSXyLJRV4XAlcCacpnoWJlWd9OsJNaw+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD3ZlzhOj45hxDtBFqaNF6IXWwG1MB8GA1UdIwQY MBaAFDszY+R+aevF0cIlHd1drHyYmJkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kMzJjZDQtYmE5My00ZjE2LTg5OWMt Y2NkYWRmN2Y2NWYyLzEvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9kMzJjZDQtYmE5My00ZjE2LTg5OWMtY2NkYWRmN2Y2NWYy LzEvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMahWxKKy ZW0Swgq8QYXyk0rOP7qFV69Jt50agZkJFZXK1DlmpobpE8vYceeSLinpAee8EkzE KcbFl3Wyha+XtrIDvlY1kfag0ptafjreCYEGhQCrjpCzWc3Hd+weVNUBZSohyjDT AYV9eLtQSG5PorDtLAyekybbJJvDOmE5vON2rzbsA3/igW/d9xX/cfUE0U0z7tVQ ehItxTOS1y76ThSp7sQ6ouerqPb87mngueQ2XNqitWpNY1jHP7VHiaIfu1t2gH68 xqt45eQ8t6vU4hPMqaQaMB6WZ47m1O0a2yVs8CyyEGxRgwLZpC23OpO9s8as+aYe T0er4ZPeSgoJ8Q== -----END CERTIFICATE-----Generated at Mon Dec 15 06:49:47 2025 by rpki-client