This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft File: Ojz5kZosgUbJb1oUsVdFm3lLai4.mft (raw, json) Hash identifier: 3om9nb3KJQZ1jN7/WR5XCmlQExeoh/biwpcnwORj8dg= Subject key identifier: 0D:9A:04:60:BD:02:70:67:3E:8C:BE:9E:94:CA:22:EA:FD:8B:7F:D3 Authority key identifier: 3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E Certificate issuer: /CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e Certificate serial: 019B3A9011E11EEA8C33C1CF4C4022E7E013 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 07:01:18 +0000 Manifest this update: Sat 20 Dec 2025 07:01:18 +0000 Manifest next update: Sun 21 Dec 2025 07:01:18 +0000 Files and hashes: 1: Ojz5kZosgUbJb1oUsVdFm3lLai4.crl (hash: Th22kog855x2EAl7j6arIIEgDFDULCPWzaao1g56mEc=) 2: jm4B5paf_GVr-GpkHFsecVdl0nk.roa (hash: l8vtbC+hCoUUJ+YOCg7b9XUWVs7njLshIKLeOlHSZao=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:11:e1:1e:ea:8c:33:c1:cf:4c:40:22:e7:e0:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e Validity Not Before: Dec 20 07:01:18 2025 GMT Not After : Dec 21 07:01:18 2025 GMT Subject: CN=0d9a0460bd0270673e8cbe9e94ca22eafd8b7fd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:77:e4:e4:8d:3f:e7:f0:db:f8:7f:b6:a5:9c: 30:d1:20:3c:5c:b9:cb:5e:9e:5d:0d:26:e2:7a:68: 92:5a:75:04:36:a0:62:40:07:88:1f:61:6d:d6:ee: fa:1f:8f:b9:60:d0:4e:49:cc:dd:ac:fe:cd:4e:e4: dd:15:b5:a1:0e:fe:00:df:c2:6a:57:f5:1a:ea:6b: e7:eb:99:66:dc:25:f3:fe:db:9a:ed:a8:0e:c5:91: 8f:c7:b1:19:2a:1e:c4:ab:53:87:ad:c7:f7:64:42: d8:33:2d:50:cf:e6:3d:ed:39:c6:a0:29:54:eb:26: 03:17:79:a5:1a:6a:e1:c3:9f:1e:be:5a:dc:8d:c3: 2f:24:a4:d2:e3:d6:44:e3:7b:64:50:8c:4d:2c:3d: a1:a1:d2:19:52:e5:ac:63:15:b4:af:75:48:7a:2e: c2:61:3d:f5:61:6e:7a:6f:77:fc:e1:d6:46:c8:46: 9b:7e:61:01:3a:ea:3e:5c:00:4c:cb:0e:51:fd:44: 1d:d7:a3:2e:df:d5:a3:e6:71:10:b4:b2:fa:9b:75: f5:37:fe:47:ef:6d:33:57:a5:b5:75:5c:a6:5d:ab: c0:e5:3d:4f:55:c0:e6:86:01:c5:7b:45:4d:4a:8c: 54:45:14:5b:44:61:47:7b:b3:0e:83:c8:81:cc:a8: 3a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:9A:04:60:BD:02:70:67:3E:8C:BE:9E:94:CA:22:EA:FD:8B:7F:D3 X509v3 Authority Key Identifier: keyid:3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:70:be:38:9a:4b:ad:c5:df:63:d9:53:74:67:9c:22:97:c5: 2a:0b:33:cd:c1:65:d6:87:eb:23:72:14:23:06:69:b2:a5:8f: 2f:8f:f0:09:a0:10:68:51:f0:55:7c:de:f1:05:7d:12:f1:44: ce:11:97:26:47:8c:c8:dd:95:ec:8c:a0:ee:f4:ca:45:2e:09: e9:96:ad:de:10:96:af:e3:8b:19:57:1d:d8:e3:db:69:a5:e8: 9a:43:90:f8:7b:14:ed:13:94:90:c6:e1:ed:71:4f:7d:82:bb: 19:7e:8f:b1:08:a7:8d:d2:fb:00:26:1a:9b:34:fa:e7:bc:0a: 32:d9:7e:37:68:eb:bc:9c:6e:50:89:7c:be:21:b0:ff:3b:97: db:fd:4c:a4:7c:a2:ac:f3:3e:40:3d:a5:ac:7d:85:a8:44:9b: 66:da:41:34:7b:3c:42:b6:38:4e:84:5d:6e:6a:cf:7f:69:96: cf:ef:10:35:2e:26:f8:3e:a8:de:9c:94:5e:d1:4f:d5:c9:3e: f2:43:ef:7c:f6:ed:8b:d2:ec:a6:e4:17:15:74:56:0c:3b:e9: 21:97:f7:0b:f2:a6:de:bf:47:c4:c2:f1:ad:3a:8c:fd:e4:9d: 53:22:ca:d4:16:1f:04:ce:51:c5:b1:56:85:30:16:e8:7d:70: 7e:35:cc:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kBHhHuqMM8HPTEAi5+ATMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhM2NmOTkxOWEyYzgxNDZjOTZmNWExNGIxNTc0NTliNzk0 YjZhMmUwHhcNMjUxMjIwMDcwMTE4WhcNMjUxMjIxMDcwMTE4WjAzMTEwLwYDVQQD EygwZDlhMDQ2MGJkMDI3MDY3M2U4Y2JlOWU5NGNhMjJlYWZkOGI3ZmQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHfk5I0/5/Db+H+2pZww0SA8XLnL Xp5dDSbiemiSWnUENqBiQAeIH2Ft1u76H4+5YNBOSczdrP7NTuTdFbWhDv4A38Jq V/Ua6mvn65lm3CXz/tua7agOxZGPx7EZKh7Eq1OHrcf3ZELYMy1Qz+Y97TnGoClU 6yYDF3mlGmrhw58evlrcjcMvJKTS49ZE43tkUIxNLD2hodIZUuWsYxW0r3VIei7C YT31YW56b3f84dZGyEabfmEBOuo+XABMyw5R/UQd16Mu39Wj5nEQtLL6m3X1N/5H 720zV6W1dVymXavA5T1PVcDmhgHFe0VNSoxURRRbRGFHe7MOg8iBzKg6wQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA2aBGC9AnBnPoy+npTKIur9i3/TMB8GA1UdIwQY MBaAFDo8+ZGaLIFGyW9aFLFXRZt5S2ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMt NzBjYmY1MTQ5YTVhLzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMtNzBjYmY1MTQ5YTVh LzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq3C+OJpL rcXfY9lTdGecIpfFKgszzcFl1ofrI3IUIwZpsqWPL4/wCaAQaFHwVXze8QV9EvFE zhGXJkeMyN2V7Iyg7vTKRS4J6Zat3hCWr+OLGVcd2OPbaaXomkOQ+HsU7ROUkMbh 7XFPfYK7GX6PsQinjdL7ACYamzT657wKMtl+N2jrvJxuUIl8viGw/zuX2/1MpHyi rPM+QD2lrH2FqESbZtpBNHs8QrY4ToRdbmrPf2mWz+8QNS4m+D6o3pyUXtFP1ck+ 8kPvfPbti9LspuQXFXRWDDvpIZf3C/Km3r9HxMLxrTqM/eSdUyLK1BYfBM5RxbFW hTAW6H1wfjXMrQ== -----END CERTIFICATE-----Generated at Sat Dec 20 13:52:13 2025 by rpki-client