This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft File: OIzM14vxZTPzMYVEPqgtza2SBBA.mft (raw, json) Hash identifier: CxoZV43IVoWGrxrusbQ2rem6Lsa6y8TaI6PtR8dJ2mg= Subject key identifier: B3:54:2D:02:01:3B:87:99:17:32:13:D6:20:DF:62:A4:98:D7:5A:E4 Authority key identifier: 38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10 Certificate issuer: /CN=388cccd78bf16533f33185443ea82dcdad920410 Certificate serial: 019B2664344733712C3D8CFBCB34B18951CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft Manifest number: 0DB9 Signing time: Tue 16 Dec 2025 09:00:59 +0000 Manifest this update: Tue 16 Dec 2025 09:00:59 +0000 Manifest next update: Wed 17 Dec 2025 09:00:59 +0000 Files and hashes: 1: OIzM14vxZTPzMYVEPqgtza2SBBA.crl (hash: LWUde8BHXsxlfKM8iXMLLHqmgSwFxnzssfRHuozgfcE=) 2: S5-p15oe6PO1US7yiwalFk2guhA.roa (hash: RxwUj9qrcB8W+bA9U60Y3Yd+aWieeN2zZTQTfRBMSD8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 09:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:64:34:47:33:71:2c:3d:8c:fb:cb:34:b1:89:51:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=388cccd78bf16533f33185443ea82dcdad920410 Validity Not Before: Dec 16 09:00:59 2025 GMT Not After : Dec 17 09:00:59 2025 GMT Subject: CN=b3542d02013b8799173213d620df62a498d75ae4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:23:ae:0b:cf:85:61:93:e3:cf:a8:89:bf:fd: 75:cd:e0:71:b2:96:d3:94:26:a2:d4:97:20:8d:11: 54:d8:8a:cb:bf:b8:ba:ca:8e:ae:29:c4:13:94:8b: 3e:fb:4e:66:70:bb:40:8d:7c:5f:db:54:2d:9b:8a: 8f:00:55:ed:35:94:f4:20:80:a2:03:b6:12:88:22: b3:3a:13:df:9b:ba:b5:0a:21:7e:dd:8f:de:3f:b5: 8c:d9:d2:1d:80:21:03:fb:eb:5e:17:ec:82:8b:57: 12:58:54:db:3e:08:b5:49:36:f3:2b:88:b9:fb:c2: 26:03:d9:f2:e9:53:4c:cf:b4:8d:22:29:6e:dc:d6: 43:63:06:6b:ed:a1:d8:a7:b3:b8:ae:45:fc:c9:a5: 3c:44:e6:80:17:3c:0e:a3:0f:ed:fe:6d:b5:be:84: 65:13:b8:3d:25:f6:44:64:aa:83:d9:1e:73:1d:3e: 6f:48:71:93:58:8d:a3:2f:dd:af:88:86:fe:3c:a3: 71:97:35:27:10:af:f3:15:4e:90:94:31:bf:7f:db: 55:9c:d1:53:4a:29:49:1e:89:06:d3:bd:58:02:77: ae:b0:89:dd:e2:87:51:a2:68:d5:f2:f9:7c:25:51: 45:52:0d:55:22:e4:36:46:b2:c1:68:84:c0:ce:a6: 43:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:54:2D:02:01:3B:87:99:17:32:13:D6:20:DF:62:A4:98:D7:5A:E4 X509v3 Authority Key Identifier: keyid:38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:7b:6c:76:82:0a:0f:3b:ad:da:89:ba:4f:4f:5e:5b:71:f9: 76:ff:5c:1d:92:dd:f5:af:7d:24:70:b5:1b:b9:8d:55:f9:f4: c8:03:a7:d9:3d:2b:66:c7:fb:a5:3d:05:35:89:0d:75:e8:c8: 46:31:ca:35:d7:25:08:25:aa:92:18:29:ba:d0:38:d3:aa:a3: 3f:b0:41:64:76:95:61:86:a4:0f:9a:8c:5f:b3:b8:db:16:0f: 15:0a:48:4a:0c:19:6f:9c:ff:73:b0:43:80:7c:81:86:5f:40: f2:5d:1e:7e:35:a3:92:a8:6c:5e:cb:68:9f:f3:0a:36:ae:b9: 27:cd:ab:90:3c:fe:af:e7:95:d0:3d:48:16:f9:67:a9:a7:cf: a6:f1:86:bf:3a:49:cd:19:68:d8:b9:8e:ce:e3:ca:ef:a9:20: 10:71:2b:88:83:39:d8:a9:e9:b5:44:5c:3a:ac:08:b9:e7:1e: 80:62:c7:8c:79:5c:43:c0:a7:d9:5d:24:40:85:3d:7a:b1:98: e9:39:0b:23:f9:71:01:94:7d:30:d8:9e:f3:89:aa:fe:b0:e4: b5:0a:af:4a:3c:4b:d6:5e:47:f6:71:e1:1e:37:e1:58:f6:1f: f5:83:7d:5e:98:ff:b6:f6:b3:93:15:2b:93:37:cc:f4:7a:21: 9c:92:f0:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmZDRHM3EsPYz7yzSxiVHPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OGNjY2Q3OGJmMTY1MzNmMzMxODU0NDNlYTgyZGNkYWQ5 MjA0MTAwHhcNMjUxMjE2MDkwMDU5WhcNMjUxMjE3MDkwMDU5WjAzMTEwLwYDVQQD EyhiMzU0MmQwMjAxM2I4Nzk5MTczMjEzZDYyMGRmNjJhNDk4ZDc1YWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySOuC8+FYZPjz6iJv/11zeBxspbT lCai1JcgjRFU2IrLv7i6yo6uKcQTlIs++05mcLtAjXxf21Qtm4qPAFXtNZT0IICi A7YSiCKzOhPfm7q1CiF+3Y/eP7WM2dIdgCED++teF+yCi1cSWFTbPgi1STbzK4i5 +8ImA9ny6VNMz7SNIilu3NZDYwZr7aHYp7O4rkX8yaU8ROaAFzwOow/t/m21voRl E7g9JfZEZKqD2R5zHT5vSHGTWI2jL92viIb+PKNxlzUnEK/zFU6QlDG/f9tVnNFT SilJHokG071YAneusInd4odRomjV8vl8JVFFUg1VIuQ2RrLBaITAzqZDgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLNULQIBO4eZFzIT1iDfYqSY11rkMB8GA1UdIwQY MBaAFDiMzNeL8WUz8zGFRD6oLc2tkgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQt MjEwOThhNjEzNTdlLzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQtMjEwOThhNjEzNTdl LzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXtsdoIK Dzut2om6T09eW3H5dv9cHZLd9a99JHC1G7mNVfn0yAOn2T0rZsf7pT0FNYkNdejI RjHKNdclCCWqkhgputA406qjP7BBZHaVYYakD5qMX7O42xYPFQpISgwZb5z/c7BD gHyBhl9A8l0efjWjkqhsXston/MKNq65J82rkDz+r+eV0D1IFvlnqafPpvGGvzpJ zRlo2LmOzuPK76kgEHEriIM52KnptURcOqwIuecegGLHjHlcQ8Cn2V0kQIU9erGY 6TkLI/lxAZR9MNie84mq/rDktQqvSjxL1l5H9nHhHjfhWPYf9YN9Xpj/tvazkxUr kzfM9HohnJLwFA== -----END CERTIFICATE-----Generated at Tue Dec 16 19:50:29 2025 by rpki-client