This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft File: O_zNSgBCLIZfUJO4W7howrswxGk.mft (raw, json) Hash identifier: y6wI8sxFMdlrJuNEGkmetGG+aEBjWJ5XUp9dQ3eXFwM= Subject key identifier: 5C:DD:A7:54:C1:C7:36:4B:54:88:4A:05:EA:AB:BF:11:E7:CC:CF:32 Authority key identifier: 3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69 Certificate issuer: /CN=3bfccd4a00422c865f5093b85bb868c2bb30c469 Certificate serial: 019B46266F114615788B4861E5BA41AA3F8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft Manifest number: 1790 Signing time: Mon 22 Dec 2025 13:01:22 +0000 Manifest this update: Mon 22 Dec 2025 13:01:22 +0000 Manifest next update: Tue 23 Dec 2025 13:01:22 +0000 Files and hashes: 1: 3U1ZWgNoASiRwWRzOTs9a26_aSI.roa (hash: rfiPEMHu4Dy2ke39aiCtx6HNVMRJPDS81QuXHyTH8CQ=) 2: LC2WPuI9QLIZ8RbSjNvSRTUaDs4.asa (hash: TvS/cC1UWjyeu6FeGmxZxswAr/BZFOyjaWFqao1VhuI=) 3: O_zNSgBCLIZfUJO4W7howrswxGk.crl (hash: 1qxKwd7kon+KfEBf+qoUWu7VRN9TG6WVFBLnI8k/iio=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:26:6f:11:46:15:78:8b:48:61:e5:ba:41:aa:3f:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bfccd4a00422c865f5093b85bb868c2bb30c469 Validity Not Before: Dec 22 13:01:22 2025 GMT Not After : Dec 23 13:01:22 2025 GMT Subject: CN=5cdda754c1c7364b54884a05eaabbf11e7cccf32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:38:83:0e:5e:47:2d:96:fa:90:88:bb:21:37: 95:f8:23:33:69:00:a1:6c:66:f7:65:ea:f1:a1:7f: 44:77:f8:05:f6:58:36:2e:92:47:61:06:57:6a:8a: c7:ed:ed:1a:f7:e4:3b:39:41:fb:99:62:d3:37:8e: 31:99:be:6f:36:96:b8:85:e5:51:f2:c3:b8:5c:e7: 6f:2e:0b:4a:75:d2:c2:94:81:21:6c:86:6d:81:a7: 7a:77:6a:d0:b1:a1:52:fa:71:6f:53:f0:97:a9:49: 7c:a2:e5:7d:8a:ce:d9:14:e3:9c:4f:42:36:f9:cb: a3:8b:8c:38:71:b8:57:2f:0f:9c:79:fe:f7:d1:57: 49:9f:ff:eb:7c:6b:fd:e9:59:92:d7:86:d5:36:25: ff:9d:b3:c6:ca:0c:d2:43:da:6b:cb:a4:aa:55:5e: be:2e:53:16:13:a7:30:ed:d2:29:97:ce:01:a2:59: 44:50:1e:64:79:72:fd:51:48:ce:72:a7:4b:a6:b8: 9d:dd:12:7e:47:0a:0c:10:1b:c3:de:d4:5c:e2:ee: a2:47:2c:b7:cb:7d:31:03:35:48:9b:c1:9f:b5:46: 49:9c:0e:5a:1c:1f:00:66:c1:91:0c:ae:47:6b:b6: cc:3e:ef:7e:a4:bf:00:e9:7c:8c:26:99:83:f5:9e: 9a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:DD:A7:54:C1:C7:36:4B:54:88:4A:05:EA:AB:BF:11:E7:CC:CF:32 X509v3 Authority Key Identifier: keyid:3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:4d:6c:3d:69:95:f7:b3:46:62:2c:3c:6f:00:fa:6e:52:bb: 81:ed:4b:e0:c8:b1:dd:4e:ce:04:54:33:13:9e:ce:d1:bd:cb: bd:2b:d1:07:68:00:8d:00:8c:a1:58:ef:5a:cf:0b:87:e0:3f: 42:b0:f2:e5:a1:b9:74:2a:fe:b1:f8:42:32:69:ba:ad:c3:ec: e8:06:6a:1b:bd:9c:fc:8d:c1:8e:6f:f1:3f:46:25:35:9a:49: 5c:25:dc:8d:57:c1:cd:8f:8a:5c:61:80:64:55:79:ac:d5:9a: ef:ad:b9:3b:1c:51:e0:0a:1d:7f:3e:d5:84:86:50:1a:b5:4d: 52:75:df:9b:ac:d5:25:27:9f:1a:c5:41:94:77:10:cb:a8:f6: 8b:1f:b3:de:a7:29:12:94:45:1f:b9:2a:8c:40:50:ff:7d:0f: e0:65:f9:ef:c4:aa:dc:c6:54:5f:ea:65:7c:da:e3:79:e3:61: df:8d:61:ed:21:ec:c9:ad:a5:9f:ce:78:90:7c:9f:b4:95:41: 30:d4:45:e5:fd:49:75:77:ab:d4:5e:2e:f7:a0:f4:28:9e:76: 7b:91:87:bb:da:4d:b2:49:2e:84:9a:9e:78:dd:ce:f5:7b:b9: 0a:c0:cc:6b:e7:e1:ec:d4:c6:05:a2:24:1b:b5:29:24:f4:3b: 5e:46:be:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJm8RRhV4i0hh5bpBqj+PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZmNjZDRhMDA0MjJjODY1ZjUwOTNiODViYjg2OGMyYmIz MGM0NjkwHhcNMjUxMjIyMTMwMTIyWhcNMjUxMjIzMTMwMTIyWjAzMTEwLwYDVQQD Eyg1Y2RkYTc1NGMxYzczNjRiNTQ4ODRhMDVlYWFiYmYxMWU3Y2NjZjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvziDDl5HLZb6kIi7ITeV+CMzaQCh bGb3ZerxoX9Ed/gF9lg2LpJHYQZXaorH7e0a9+Q7OUH7mWLTN44xmb5vNpa4heVR 8sO4XOdvLgtKddLClIEhbIZtgad6d2rQsaFS+nFvU/CXqUl8ouV9is7ZFOOcT0I2 +cuji4w4cbhXLw+cef730VdJn//rfGv96VmS14bVNiX/nbPGygzSQ9pry6SqVV6+ LlMWE6cw7dIpl84BollEUB5keXL9UUjOcqdLprid3RJ+RwoMEBvD3tRc4u6iRyy3 y30xAzVIm8GftUZJnA5aHB8AZsGRDK5Ha7bMPu9+pL8A6XyMJpmD9Z6aDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFzdp1TBxzZLVIhKBeqrvxHnzM8yMB8GA1UdIwQY MBaAFDv8zUoAQiyGX1CTuFu4aMK7MMRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgt NjNhZTBiZmMxNjlmLzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgtNjNhZTBiZmMxNjlm LzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAak1sPWmV 97NGYiw8bwD6blK7ge1L4Mix3U7OBFQzE57O0b3LvSvRB2gAjQCMoVjvWs8Lh+A/ QrDy5aG5dCr+sfhCMmm6rcPs6AZqG72c/I3Bjm/xP0YlNZpJXCXcjVfBzY+KXGGA ZFV5rNWa7625OxxR4Aodfz7VhIZQGrVNUnXfm6zVJSefGsVBlHcQy6j2ix+z3qcp EpRFH7kqjEBQ/30P4GX578Sq3MZUX+plfNrjeeNh341h7SHsya2ln854kHyftJVB MNRF5f1JdXer1F4u96D0KJ52e5GHu9pNskkuhJqeeN3O9Xu5CsDMa+fh7NTGBaIk G7UpJPQ7Xka+HA== -----END CERTIFICATE-----Generated at Mon Dec 22 20:35:38 2025 by rpki-client