This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft File: O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft (raw, json) Hash identifier: weqvKOxo9XVFhDO5KD1R/l99HrSTu+jvlmcWNgNOldQ= Subject key identifier: F3:D0:3F:5B:DB:54:AA:1E:28:E0:B1:78:25:C4:B2:AC:C4:AD:78:87 Authority key identifier: 3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6 Certificate issuer: /CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6 Certificate serial: 019B0F6E816E53B65506E9A73E9E572FDBF9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft Manifest number: 0C3E Signing time: Thu 11 Dec 2025 22:00:58 +0000 Manifest this update: Thu 11 Dec 2025 22:00:58 +0000 Manifest next update: Fri 12 Dec 2025 22:00:58 +0000 Files and hashes: 1: F3oEv0QBT7ejRZnF2aTKoyEK5cI.roa (hash: MTTLBQPL1aOScQOGtAiCwXpSCEzlrz60TWKC9wTFgO4=) 2: O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl (hash: KmSMB899GJ1iNjWvzY+4xc1gZXrVsSOXUm58fCuaC4w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:81:6e:53:b6:55:06:e9:a7:3e:9e:57:2f:db:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6 Validity Not Before: Dec 11 22:00:58 2025 GMT Not After : Dec 12 22:00:58 2025 GMT Subject: CN=f3d03f5bdb54aa1e28e0b17825c4b2acc4ad7887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:a6:cb:85:91:c4:7f:77:85:ce:6c:a1:f0:4f: c8:6e:dd:33:bf:a1:6d:55:3b:c2:30:f9:10:11:9b: 10:59:96:b2:ee:be:a1:eb:fc:c1:51:42:86:4e:16: 86:3e:1c:18:3a:18:32:55:e0:e4:42:55:a1:a0:df: df:58:8b:ee:52:ec:f2:f2:f1:20:5a:fe:d9:6b:ad: 5a:ad:fa:65:d2:23:24:96:00:00:cf:18:96:e4:dd: 1d:ca:f5:55:51:e6:d7:67:75:d7:c2:ee:dc:ba:4d: 8b:88:ad:38:c3:1b:52:f6:1b:ab:b9:c0:95:88:c5: 59:42:7f:1d:98:0e:4f:a8:c8:98:cb:c7:1d:5d:1e: e4:45:61:a2:e8:83:84:43:75:b1:4b:63:e3:d2:cb: 50:d7:bb:39:b8:49:1e:41:57:6a:20:db:3b:d4:81: 81:98:ff:6a:f6:e5:d6:cb:60:b5:20:13:ae:b4:f8: 1b:ec:86:e2:4c:25:6c:dc:5f:84:60:ee:fc:bb:fc: d4:3c:94:9b:51:79:2e:9e:c4:3d:de:d7:81:a2:71: 2d:a3:e9:0d:2a:5c:63:1c:5a:aa:fa:3f:c3:2f:0d: de:7c:51:09:69:8c:89:b7:11:3a:9d:b3:44:4b:c4: ed:2b:b4:7e:65:03:a2:bc:20:30:35:c4:73:f5:55: 4a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:D0:3F:5B:DB:54:AA:1E:28:E0:B1:78:25:C4:B2:AC:C4:AD:78:87 X509v3 Authority Key Identifier: keyid:3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:e7:67:70:0d:9a:47:af:7e:18:48:8c:44:ca:83:55:75:af: 63:de:cf:bf:9d:c8:6f:01:bd:ca:26:7d:19:14:19:51:ff:87: ee:a2:0e:e2:ca:cf:75:99:13:55:30:2a:71:27:06:90:72:79: e6:f2:ab:a5:fa:e1:2a:6f:05:4e:5e:68:bb:cb:f8:3d:86:dd: b9:3a:90:3c:d7:94:3d:01:80:44:0d:0a:0f:42:32:f9:80:78: 60:12:06:d7:64:d2:73:ac:18:14:a4:04:47:65:d1:b3:de:2c: 11:56:60:08:da:08:c9:ba:71:a5:28:58:7f:ea:f4:63:68:5b: ed:e8:2b:d6:0f:d6:52:d7:46:33:f5:85:32:20:72:77:a6:06: 29:d6:7b:43:4d:17:a6:f5:c3:51:e2:a4:75:9b:85:a6:8b:25: b3:bb:d8:c2:7c:fa:ef:69:17:5a:23:8a:be:2c:02:9a:3f:d8: b0:cb:7b:7b:4b:81:89:ee:d7:a0:37:09:5f:09:4a:29:d7:3d: a0:fe:37:25:e8:56:16:f7:17:85:7b:9d:26:0a:a0:2e:76:b6: d7:ac:fb:12:c6:f5:19:92:02:27:cc:e4:c1:2e:7e:4e:1d:9b: 5c:e8:7c:05:5c:34:0e:7d:a6:8a:46:72:32:0b:a4:97:97:06: 6e:4d:9c:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPboFuU7ZVBumnPp5XL9v5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZjQ2OGQxNTE1YWQ2ZjE0Y2E2OWNmOWM3NzJlNWNiNTdk Mjc3ZDYwHhcNMjUxMjExMjIwMDU4WhcNMjUxMjEyMjIwMDU4WjAzMTEwLwYDVQQD EyhmM2QwM2Y1YmRiNTRhYTFlMjhlMGIxNzgyNWM0YjJhY2M0YWQ3ODg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKbLhZHEf3eFzmyh8E/Ibt0zv6Ft VTvCMPkQEZsQWZay7r6h6/zBUUKGThaGPhwYOhgyVeDkQlWhoN/fWIvuUuzy8vEg Wv7Za61arfpl0iMklgAAzxiW5N0dyvVVUebXZ3XXwu7cuk2LiK04wxtS9hurucCV iMVZQn8dmA5PqMiYy8cdXR7kRWGi6IOEQ3WxS2Pj0stQ17s5uEkeQVdqINs71IGB mP9q9uXWy2C1IBOutPgb7IbiTCVs3F+EYO78u/zUPJSbUXkunsQ93teBonEto+kN KlxjHFqq+j/DLw3efFEJaYyJtxE6nbNES8TtK7R+ZQOivCAwNcRz9VVKqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPPQP1vbVKoeKOCxeCXEsqzErXiHMB8GA1UdIwQY MBaAFDv0aNFRWtbxTKac+cdy5ctX0nfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAt NDYxMTA0NmYxYTRlLzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAtNDYxMTA0NmYxYTRl LzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOdncA2a R69+GEiMRMqDVXWvY97Pv53IbwG9yiZ9GRQZUf+H7qIO4srPdZkTVTAqcScGkHJ5 5vKrpfrhKm8FTl5ou8v4PYbduTqQPNeUPQGARA0KD0Iy+YB4YBIG12TSc6wYFKQE R2XRs94sEVZgCNoIybpxpShYf+r0Y2hb7egr1g/WUtdGM/WFMiByd6YGKdZ7Q00X pvXDUeKkdZuFposls7vYwnz672kXWiOKviwCmj/YsMt7e0uBie7XoDcJXwlKKdc9 oP43JehWFvcXhXudJgqgLna216z7Esb1GZICJ8zkwS5+Th2bXOh8BVw0Dn2mikZy Mgukl5cGbk2ctw== -----END CERTIFICATE-----Generated at Fri Dec 12 01:26:09 2025 by rpki-client