This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft File: OQJ3OPl4_tokqdh7DLi7mqevVA0.mft (raw, json) Hash identifier: VBSZho/CkrQnKAGkHSCqUsljJUvMzXZmmlZuH7/iShY= Subject key identifier: CE:E9:8D:30:E2:CD:E4:03:DC:1D:56:D2:58:CA:0E:2A:36:BA:F2:8B Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d Certificate serial: 019B1C17C34C6C8E37747AE830B12453D80F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft Manifest number: 1781 Signing time: Sun 14 Dec 2025 09:01:17 +0000 Manifest this update: Sun 14 Dec 2025 09:01:17 +0000 Manifest next update: Mon 15 Dec 2025 09:01:17 +0000 Files and hashes: 1: OQJ3OPl4_tokqdh7DLi7mqevVA0.crl (hash: zmwlmepBl20Py7n3q/NukH3u9qOX2QVXanS2oS8t0Lk=) 2: THEjTsFNcxDVZEOdq3GfXqXC4zc.roa (hash: x5CBmcScUC+Y/Wuw5WgYT+dNtpSqSEasQSVqzZJLzc4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 09:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1c:17:c3:4c:6c:8e:37:74:7a:e8:30:b1:24:53:d8:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d Validity Not Before: Dec 14 09:01:17 2025 GMT Not After : Dec 15 09:01:17 2025 GMT Subject: CN=cee98d30e2cde403dc1d56d258ca0e2a36baf28b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3e:8d:12:61:9f:c1:45:3c:8a:f7:a7:c6:bb: 77:1e:52:cf:90:15:57:89:ef:12:ed:59:68:32:bb: 3d:25:46:b7:7a:7f:7e:cb:9b:9f:a5:c5:08:32:8c: de:39:48:6d:dd:4c:01:d6:5a:de:1f:c6:88:1f:b8: 5b:33:2e:82:9e:ba:aa:7e:2a:c6:ec:49:38:bf:45: 27:40:f1:27:1b:d3:13:5d:5a:ce:f0:a9:16:96:6e: cc:ea:fb:10:f9:37:f5:54:64:8f:83:8f:9a:bf:16: c1:64:92:5b:89:73:c5:cf:6d:65:9d:83:a5:06:45: 2f:a1:f3:00:b4:e6:58:12:db:dd:aa:4b:88:36:a9: 4d:45:77:d9:56:40:0b:24:3d:6a:9c:16:83:67:33: c2:36:f6:14:56:a5:98:ca:3b:58:e2:ec:0c:14:93: 90:c3:50:73:8b:f8:cf:27:87:57:cb:3b:5c:ff:64: ca:d6:b9:dd:22:aa:bf:16:a2:76:75:5d:77:44:cc: 05:bf:bb:cf:2d:9a:01:36:69:66:8a:94:8f:dd:e1: 95:e6:e0:32:da:17:f8:37:66:13:d1:45:03:88:47: cb:8a:5a:8e:2c:3c:30:15:44:76:1a:97:21:cd:9b: d3:e9:b1:be:51:d8:7a:27:5a:32:7a:c9:43:53:bd: 9a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:E9:8D:30:E2:CD:E4:03:DC:1D:56:D2:58:CA:0E:2A:36:BA:F2:8B X509v3 Authority Key Identifier: keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:98:76:23:29:07:7d:32:3d:09:da:c6:a1:ed:b5:b2:a7:a6: 03:ca:fd:0b:b8:12:58:24:a8:c9:9b:6c:0d:6d:9f:60:00:2f: 6f:30:31:f7:63:f6:c5:b7:f5:a4:e1:df:d1:11:c4:81:e9:8f: f0:a5:e1:0e:52:3a:52:55:e1:ba:c9:f5:e2:ea:50:2a:91:19: c5:df:f3:e9:04:91:08:51:1d:4b:5c:fc:07:c1:a8:da:ae:f6: ba:06:81:22:7e:35:98:9b:4d:cd:ef:28:48:77:05:ec:1c:9a: c9:04:91:35:04:10:17:7c:88:8c:9f:95:1d:f7:1d:bd:3e:98: e6:00:a0:2b:2e:35:f0:37:80:f7:35:66:40:23:96:e2:8d:eb: c4:97:90:05:3f:d0:a8:6e:8c:67:1c:d1:ff:01:28:e5:d0:a7: 41:69:9c:4b:34:67:8f:5a:6c:98:64:6b:c0:8b:ed:7b:c5:20: 26:d5:36:1a:84:20:ce:08:f9:48:d5:36:78:f7:ef:90:6c:9d: 54:e6:89:fc:43:8e:b8:ca:b8:61:5d:56:96:0f:2b:35:bc:d9: 25:98:39:7a:9f:5f:8c:2c:24:7b:13:be:85:4e:6a:38:c4:96: 13:7f:84:b5:9d:7a:43:e4:5a:b7:5d:04:31:7e:0d:6e:c9:be: 8e:af:15:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZscF8NMbI43dHroMLEkU9gPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh ZjU0MGQwHhcNMjUxMjE0MDkwMTE3WhcNMjUxMjE1MDkwMTE3WjAzMTEwLwYDVQQD EyhjZWU5OGQzMGUyY2RlNDAzZGMxZDU2ZDI1OGNhMGUyYTM2YmFmMjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj6NEmGfwUU8ivenxrt3HlLPkBVX ie8S7VloMrs9JUa3en9+y5ufpcUIMozeOUht3UwB1lreH8aIH7hbMy6CnrqqfirG 7Ek4v0UnQPEnG9MTXVrO8KkWlm7M6vsQ+Tf1VGSPg4+avxbBZJJbiXPFz21lnYOl BkUvofMAtOZYEtvdqkuINqlNRXfZVkALJD1qnBaDZzPCNvYUVqWYyjtY4uwMFJOQ w1Bzi/jPJ4dXyztc/2TK1rndIqq/FqJ2dV13RMwFv7vPLZoBNmlmipSP3eGV5uAy 2hf4N2YT0UUDiEfLilqOLDwwFUR2GpchzZvT6bG+Udh6J1oyeslDU72a8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM7pjTDizeQD3B1W0ljKDio2uvKLMB8GA1UdIwQY MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt ZjVkOGFiN2MxNWYwLzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJh2IykH fTI9CdrGoe21sqemA8r9C7gSWCSoyZtsDW2fYAAvbzAx92P2xbf1pOHf0RHEgemP 8KXhDlI6UlXhusn14upQKpEZxd/z6QSRCFEdS1z8B8Go2q72ugaBIn41mJtNze8o SHcF7ByayQSRNQQQF3yIjJ+VHfcdvT6Y5gCgKy418DeA9zVmQCOW4o3rxJeQBT/Q qG6MZxzR/wEo5dCnQWmcSzRnj1psmGRrwIvte8UgJtU2GoQgzgj5SNU2ePfvkGyd VOaJ/EOOuMq4YV1Wlg8rNbzZJZg5ep9fjCwkexO+hU5qOMSWE3+EtZ16Q+Rat10E MX4Nbsm+jq8VRA== -----END CERTIFICATE-----Generated at Sun Dec 14 17:26:11 2025 by rpki-client