This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft File: oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json) Hash identifier: M5V8612jS+eK5PWPtBK+oxIXO2lTBuTn/35XEUJ+vyA= Subject key identifier: BA:21:56:C7:FF:D7:80:39:7F:47:A3:20:1F:65:03:90:17:B2:AF:F5 Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9 Certificate issuer: /CN=a0564f798019051874e02ceee3fd21cbceab4ae9 Certificate serial: 019B42B6B9217536A61E1881B78826FA7E1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft Manifest number: 0C91 Signing time: Sun 21 Dec 2025 21:00:29 +0000 Manifest this update: Sun 21 Dec 2025 21:00:29 +0000 Manifest next update: Mon 22 Dec 2025 21:00:29 +0000 Files and hashes: 1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: lHX48dpBP7B3D3SAnuXhl3AdzN8rTsFNkW7oEG8WjY0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b6:b9:21:75:36:a6:1e:18:81:b7:88:26:fa:7e:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9 Validity Not Before: Dec 21 21:00:29 2025 GMT Not After : Dec 22 21:00:29 2025 GMT Subject: CN=ba2156c7ffd780397f47a3201f65039017b2aff5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:36:4c:61:bb:10:6f:0d:e8:ff:0e:a8:05:39: 84:3b:48:24:1c:07:07:05:23:e9:74:50:14:c7:76: 01:fc:ae:93:94:2d:73:c8:cb:c5:82:0c:c6:77:39: 0d:e3:05:06:c4:9e:eb:1e:2e:48:41:c3:87:40:87: e3:a0:34:1d:c9:ba:31:25:b0:c2:43:b5:1e:8a:a8: 3f:e2:87:28:ee:2e:7e:6b:2f:a7:55:61:7d:19:17: 9f:d8:92:e6:8a:3c:a9:80:cb:2b:e9:fa:32:5d:e2: 58:42:83:e7:f9:d5:33:5f:6d:51:b2:14:40:e2:04: 86:65:af:5a:be:d8:90:41:87:ff:de:b9:07:35:bb: 7d:c5:a0:c1:ec:10:c1:4c:6d:be:ed:aa:12:24:77: 96:fc:93:9a:15:52:d7:e1:89:99:c7:5c:53:7b:94: bc:89:8a:27:01:a7:79:d2:33:3e:33:f4:e7:62:d8: 60:ed:f7:49:c8:8d:13:ee:e6:40:d3:e0:2a:d2:d4: 19:c4:08:3f:c2:a7:b9:85:06:65:44:25:3b:9f:2c: 91:c8:45:4f:92:57:aa:c3:2a:bb:cc:b0:fb:4f:5a: ed:61:92:c4:4a:4b:cc:07:4f:dc:d3:6a:70:ee:7a: 25:02:5d:75:db:34:66:c6:39:f8:97:29:b7:f8:0d: dd:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:21:56:C7:FF:D7:80:39:7F:47:A3:20:1F:65:03:90:17:B2:AF:F5 X509v3 Authority Key Identifier: keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:ee:74:fa:b6:a6:46:88:d8:a3:79:c9:d4:65:9c:02:9d:85: f1:ee:18:a8:1b:3d:73:b2:38:7e:15:ab:f3:49:7f:72:96:00: b4:46:03:02:af:58:bf:5b:f6:12:83:2c:13:4d:39:d0:1b:f6: 93:d5:64:f1:59:5b:b4:d7:a1:b2:44:fa:7f:5b:d6:d5:22:33: ed:bd:95:0c:25:38:ae:33:07:0a:8f:0c:5f:5a:f9:b6:80:a9: a9:23:68:65:6d:e7:23:7c:9c:8d:0d:33:67:5b:3b:d5:8f:c9: 32:de:a4:93:89:ea:1e:f2:e5:ee:0b:64:24:81:7d:15:d7:97: 0a:44:6f:c4:ef:de:59:02:c5:1c:6f:c5:a3:5d:3b:e1:9f:b4: c8:35:5d:6d:ed:93:77:6d:61:93:aa:4d:d2:58:a4:ba:58:79: 0c:d0:81:ee:9c:ac:6a:fe:35:a5:0b:b5:9e:5b:91:50:4b:ef: bc:68:d4:e4:c0:c4:f4:9f:b7:79:bd:20:57:35:b6:00:14:a1: 73:d3:b5:13:ea:0e:c4:c4:f6:48:fa:fb:88:01:cc:ec:55:e9: 2b:6c:47:fc:0f:9b:a7:e3:33:38:3c:94:09:d9:05:18:6d:9b: b3:cc:25:b6:f8:13:65:2b:9c:2c:af:6c:d9:ff:11:ec:6c:5d: f8:b9:5c:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCtrkhdTamHhiBt4gm+n4bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh YjRhZTkwHhcNMjUxMjIxMjEwMDI5WhcNMjUxMjIyMjEwMDI5WjAzMTEwLwYDVQQD EyhiYTIxNTZjN2ZmZDc4MDM5N2Y0N2EzMjAxZjY1MDM5MDE3YjJhZmY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DZMYbsQbw3o/w6oBTmEO0gkHAcH BSPpdFAUx3YB/K6TlC1zyMvFggzGdzkN4wUGxJ7rHi5IQcOHQIfjoDQdyboxJbDC Q7Ueiqg/4oco7i5+ay+nVWF9GRef2JLmijypgMsr6foyXeJYQoPn+dUzX21RshRA 4gSGZa9avtiQQYf/3rkHNbt9xaDB7BDBTG2+7aoSJHeW/JOaFVLX4YmZx1xTe5S8 iYonAad50jM+M/TnYthg7fdJyI0T7uZA0+Aq0tQZxAg/wqe5hQZlRCU7nyyRyEVP kleqwyq7zLD7T1rtYZLESkvMB0/c02pw7nolAl112zRmxjn4lym3+A3dXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLohVsf/14A5f0ejIB9lA5AXsq/1MB8GA1UdIwQY MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+50+ram RojYo3nJ1GWcAp2F8e4YqBs9c7I4fhWr80l/cpYAtEYDAq9Yv1v2EoMsE0050Bv2 k9Vk8VlbtNehskT6f1vW1SIz7b2VDCU4rjMHCo8MX1r5toCpqSNoZW3nI3ycjQ0z Z1s71Y/JMt6kk4nqHvLl7gtkJIF9FdeXCkRvxO/eWQLFHG/Fo1074Z+0yDVdbe2T d21hk6pN0likulh5DNCB7pysav41pQu1nluRUEvvvGjU5MDE9J+3eb0gVzW2ABSh c9O1E+oOxMT2SPr7iAHM7FXpK2xH/A+bp+MzODyUCdkFGG2bs8wltvgTZSucLK9s 2f8R7Gxd+Llchg== -----END CERTIFICATE-----Generated at Mon Dec 22 05:37:45 2025 by rpki-client