This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft File: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json) Hash identifier: /oE14T/Rt3teP2zpwaf4dQwRbVGyzZGN7l+R9fpDpbc= Subject key identifier: 67:94:84:73:C6:17:F1:5A:56:CB:6B:6D:1A:E7:D8:A8:A5:C9:D9:90 Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33 Certificate issuer: /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33 Certificate serial: 019B4FCDD5D71BF65FC68A660F6CA0799198 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft Manifest number: 0B9E Signing time: Wed 24 Dec 2025 10:00:48 +0000 Manifest this update: Wed 24 Dec 2025 10:00:48 +0000 Manifest next update: Thu 25 Dec 2025 10:00:48 +0000 Files and hashes: 1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: Y2D7EkGs9QUUi2Cl4T/RCpKaIHp2ccCVi+CEQR3fDWo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:cd:d5:d7:1b:f6:5f:c6:8a:66:0f:6c:a0:79:91:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33 Validity Not Before: Dec 24 10:00:48 2025 GMT Not After : Dec 25 10:00:48 2025 GMT Subject: CN=67948473c617f15a56cb6b6d1ae7d8a8a5c9d990 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1c:1c:69:fb:99:ef:86:e7:e3:68:06:f5:ac: ba:79:3f:f4:cc:f3:fb:27:e7:18:f2:34:da:4e:90: e2:8a:26:fc:e6:43:e9:fe:bc:24:3d:56:c6:c9:56: 54:6c:df:5f:bf:91:a7:00:25:93:5a:10:c8:31:76: 6c:fb:1b:e5:67:71:6c:e8:60:cc:eb:de:35:db:92: 96:f0:f2:e8:5f:1b:63:c2:b3:c6:be:92:3a:73:41: 58:8d:4a:72:ce:c1:e0:ed:13:d4:9e:ab:11:41:6b: ab:23:b6:da:51:db:b9:ee:77:f0:83:ff:63:a2:47: df:39:b5:77:f9:f0:7d:15:ae:36:db:f5:79:7a:75: 06:e1:15:8f:a2:e8:1a:c5:62:be:be:05:c8:73:4b: c0:22:9e:c0:e4:64:0a:ae:01:28:52:54:b1:f7:7d: f0:1f:56:30:4b:5a:01:9d:73:13:90:c5:31:f4:c4: 28:f2:4a:6a:49:7a:5e:a5:78:17:b4:65:b3:c4:27: e3:79:0f:da:c6:7b:c8:75:e1:09:71:c8:df:75:6a: e2:73:37:5d:22:6b:05:82:bf:72:48:1f:29:70:c3: eb:30:9b:aa:4e:41:dc:3f:3e:70:ec:d4:37:2c:10: 87:c5:43:b3:db:1b:9d:3f:a5:3b:3f:48:13:d8:81: e2:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:94:84:73:C6:17:F1:5A:56:CB:6B:6D:1A:E7:D8:A8:A5:C9:D9:90 X509v3 Authority Key Identifier: keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:f9:a7:62:44:3f:3c:24:b4:5b:b1:78:03:8d:2b:ea:b2:6e: 23:36:c3:6d:2c:4f:04:3a:1c:0d:8e:91:d2:18:c5:a1:b9:b9: 38:2c:62:c2:dd:03:af:b2:62:e3:19:fb:64:6b:87:37:cf:1b: a0:4d:71:67:71:1c:f6:af:ee:c2:47:43:f8:a8:92:70:99:fa: 19:35:8c:98:ab:3e:ec:be:dd:4a:ac:f0:35:cf:35:05:bb:6c: b8:f4:a9:62:26:48:02:e6:c6:22:19:ca:13:b9:d8:1e:ce:e4: 83:8c:27:bb:cc:f3:63:cd:0c:02:53:2e:47:c5:68:c8:bd:d5: bf:2e:31:93:b6:df:06:ff:05:f5:f8:5f:f0:19:6d:09:f6:6b: b3:5b:3f:2c:23:46:77:36:ee:1b:68:fc:77:52:b0:5b:65:c4: 31:36:4a:ef:6e:5a:95:bd:57:b1:48:86:bc:9e:93:67:eb:23: 12:79:44:2a:ec:77:0b:6d:2c:ac:c1:39:93:78:12:29:fa:62: 79:b3:38:3d:64:61:e3:09:31:3b:aa:4a:f3:63:59:de:8d:dc: 33:04:53:03:8b:5a:dd:9b:bf:68:f0:59:6f:43:43:46:dc:41: d2:1a:13:a0:b2:ce:d6:95:f5:97:86:e5:3c:93:44:b8:9b:eb: e7:a6:92:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzdXXG/ZfxopmD2ygeZGYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh MmJiMzMwHhcNMjUxMjI0MTAwMDQ4WhcNMjUxMjI1MTAwMDQ4WjAzMTEwLwYDVQQD Eyg2Nzk0ODQ3M2M2MTdmMTVhNTZjYjZiNmQxYWU3ZDhhOGE1YzlkOTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhwcafuZ74bn42gG9ay6eT/0zPP7 J+cY8jTaTpDiiib85kPp/rwkPVbGyVZUbN9fv5GnACWTWhDIMXZs+xvlZ3Fs6GDM 694125KW8PLoXxtjwrPGvpI6c0FYjUpyzsHg7RPUnqsRQWurI7baUdu57nfwg/9j okffObV3+fB9Fa422/V5enUG4RWPougaxWK+vgXIc0vAIp7A5GQKrgEoUlSx933w H1YwS1oBnXMTkMUx9MQo8kpqSXpepXgXtGWzxCfjeQ/axnvIdeEJccjfdWriczdd ImsFgr9ySB8pcMPrMJuqTkHcPz5w7NQ3LBCHxUOz2xudP6U7P0gT2IHi/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGeUhHPGF/FaVstrbRrn2KilydmQMB8GA1UdIwQY MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvmnYkQ/ PCS0W7F4A40r6rJuIzbDbSxPBDocDY6R0hjFobm5OCxiwt0Dr7Ji4xn7ZGuHN88b oE1xZ3Ec9q/uwkdD+KiScJn6GTWMmKs+7L7dSqzwNc81BbtsuPSpYiZIAubGIhnK E7nYHs7kg4wnu8zzY80MAlMuR8VoyL3Vvy4xk7bfBv8F9fhf8BltCfZrs1s/LCNG dzbuG2j8d1KwW2XEMTZK725alb1XsUiGvJ6TZ+sjEnlEKux3C20srME5k3gSKfpi ebM4PWRh4wkxO6pK82NZ3o3cMwRTA4ta3Zu/aPBZb0NDRtxB0hoToLLO1pX1l4bl PJNEuJvr56aS5A== -----END CERTIFICATE-----Generated at Wed Dec 24 18:30:31 2025 by rpki-client