This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft File: OCeQLuylKp8IFACI9VjkUuDslV8.mft (raw, json) Hash identifier: W33CWF2fL73aVexNEbTLA1Qi60Ln+kQByM8QQoTqTiQ= Subject key identifier: 6C:3E:89:2C:49:AA:E2:4C:5C:52:53:5E:1C:F5:CB:68:BE:5A:15:70 Authority key identifier: 38:27:90:2E:EC:A5:2A:9F:08:14:00:88:F5:58:E4:52:E0:EC:95:5F Certificate issuer: /CN=3827902eeca52a9f08140088f558e452e0ec955f Certificate serial: 019B32D724387D0D1431D1B7F31B614EFE66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCeQLuylKp8IFACI9VjkUuDslV8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft Manifest number: 0248 Signing time: Thu 18 Dec 2025 19:01:58 +0000 Manifest this update: Thu 18 Dec 2025 19:01:58 +0000 Manifest next update: Fri 19 Dec 2025 19:01:58 +0000 Files and hashes: 1: 7nhLLpXwqJ1voHCkK-P1ueQH-PM.roa (hash: Y5wnVvyZMdqfWGL6r50VzIWMh6QnpnoTzvTu5ABQUTI=) 2: OCeQLuylKp8IFACI9VjkUuDslV8.crl (hash: Qgjrje9/sQU2eMiGVV9AzCvDZqFejUnrSGqduSEvlvQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft rsync://rpki.ripe.net/repository/DEFAULT/OCeQLuylKp8IFACI9VjkUuDslV8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:24:38:7d:0d:14:31:d1:b7:f3:1b:61:4e:fe:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3827902eeca52a9f08140088f558e452e0ec955f Validity Not Before: Dec 18 19:01:58 2025 GMT Not After : Dec 19 19:01:58 2025 GMT Subject: CN=6c3e892c49aae24c5c52535e1cf5cb68be5a1570 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:5d:08:3f:d2:d5:77:bf:47:54:97:98:97:83: 28:e8:f1:42:c3:ff:1a:db:72:b0:bf:9e:ec:d9:29: 12:1e:cc:51:14:d3:a1:01:60:d2:53:82:4e:a0:cd: ee:ed:e7:47:89:2c:cb:93:6e:31:a8:69:90:d0:c5: 2a:f8:50:35:da:cb:37:54:20:d0:07:aa:52:3c:af: 8f:73:e4:44:6e:e0:98:7b:e1:3a:e2:b6:98:23:f1: 0d:2a:0b:17:1d:4e:ca:b8:e9:99:ab:c2:67:7b:93: d1:93:84:2e:7d:a2:47:37:f0:bd:08:4b:b4:71:1d: 14:4d:a7:46:ca:d7:f9:11:9f:20:c4:a9:b9:0d:7a: fd:9d:a4:e9:ac:6d:02:fa:17:86:6d:08:a0:32:b5: 0a:e8:f6:56:b0:6d:d7:c1:c9:a1:20:22:59:dd:ed: 61:e2:27:04:db:c8:47:67:20:44:8c:a2:42:bb:22: 6f:2e:fb:87:91:4b:b5:c3:13:40:c0:75:89:13:c6: f8:28:1c:bd:77:ce:e0:0d:aa:f2:a9:73:72:dd:9a: d3:09:8c:50:34:7e:82:f4:de:80:5f:a9:2e:ea:64: 73:64:55:20:06:1d:78:4b:be:97:57:0d:b9:13:55: 1d:2f:ef:cd:bd:80:0e:6e:32:89:39:73:5e:b7:1e: eb:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:3E:89:2C:49:AA:E2:4C:5C:52:53:5E:1C:F5:CB:68:BE:5A:15:70 X509v3 Authority Key Identifier: keyid:38:27:90:2E:EC:A5:2A:9F:08:14:00:88:F5:58:E4:52:E0:EC:95:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCeQLuylKp8IFACI9VjkUuDslV8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/19d13a-3ec6-4202-8d48-77db32647ca9/1/OCeQLuylKp8IFACI9VjkUuDslV8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:17:b9:f5:c9:d3:bf:75:0c:db:c3:90:d6:63:c9:21:f1:fb: f6:7f:3c:15:c2:e6:5e:b2:74:90:a8:40:ff:3f:04:3d:bc:bf: 3c:20:f4:83:57:d2:94:db:ba:45:46:25:3e:57:dd:32:76:92: 46:b8:4d:16:b5:57:42:ae:d7:16:11:dc:89:d5:5b:16:08:c2: f3:14:69:94:ae:5c:93:d5:0b:1b:0d:80:25:19:4b:ec:5c:43: d4:31:b8:92:72:ce:bb:86:d6:57:24:eb:c1:74:11:f9:b5:d3: be:01:e8:e3:a2:d1:a7:7c:46:95:42:35:62:09:b9:d8:d3:f2: 93:b2:22:8b:37:b3:e0:5e:1c:af:b5:30:5f:a4:32:be:b8:46: a3:11:91:66:ec:c0:37:37:94:2e:ac:3d:66:47:54:e5:25:7d: 46:7c:da:bf:2c:62:9c:85:de:d2:f6:63:02:a5:30:63:93:0b: 5f:e7:26:a2:b8:b8:64:83:0a:ef:aa:e5:32:6d:65:d0:49:3a: 63:17:e4:97:b4:2b:84:d5:9d:2f:7f:d4:3a:00:1d:29:bb:4c: 4a:db:79:4f:35:35:f3:88:21:54:d8:36:2e:0a:96:34:7a:ac: 46:30:09:bb:96:52:24:a4:ac:d5:99:5a:e8:d9:23:21:09:ce: 46:ec:6b:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1yQ4fQ0UMdG38xthTv5mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4Mjc5MDJlZWNhNTJhOWYwODE0MDA4OGY1NThlNDUyZTBl Yzk1NWYwHhcNMjUxMjE4MTkwMTU4WhcNMjUxMjE5MTkwMTU4WjAzMTEwLwYDVQQD Eyg2YzNlODkyYzQ5YWFlMjRjNWM1MjUzNWUxY2Y1Y2I2OGJlNWExNTcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp10IP9LVd79HVJeYl4Mo6PFCw/8a 23Kwv57s2SkSHsxRFNOhAWDSU4JOoM3u7edHiSzLk24xqGmQ0MUq+FA12ss3VCDQ B6pSPK+Pc+REbuCYe+E64raYI/ENKgsXHU7KuOmZq8Jne5PRk4QufaJHN/C9CEu0 cR0UTadGytf5EZ8gxKm5DXr9naTprG0C+heGbQigMrUK6PZWsG3XwcmhICJZ3e1h 4icE28hHZyBEjKJCuyJvLvuHkUu1wxNAwHWJE8b4KBy9d87gDaryqXNy3ZrTCYxQ NH6C9N6AX6ku6mRzZFUgBh14S76XVw25E1UdL+/NvYAObjKJOXNetx7rMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGw+iSxJquJMXFJTXhz1y2i+WhVwMB8GA1UdIwQY MBaAFDgnkC7spSqfCBQAiPVY5FLg7JVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NlUUx1eWxLcDhJRkFDSTlWamtVdURzbFY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xOWQxM2EtM2VjNi00MjAyLThkNDgt NzdkYjMyNjQ3Y2E5LzEvT0NlUUx1eWxLcDhJRkFDSTlWamtVdURzbFY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS8xOWQxM2EtM2VjNi00MjAyLThkNDgtNzdkYjMyNjQ3Y2E5 LzEvT0NlUUx1eWxLcDhJRkFDSTlWamtVdURzbFY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxe59cnT v3UM28OQ1mPJIfH79n88FcLmXrJ0kKhA/z8EPby/PCD0g1fSlNu6RUYlPlfdMnaS RrhNFrVXQq7XFhHcidVbFgjC8xRplK5ck9ULGw2AJRlL7FxD1DG4knLOu4bWVyTr wXQR+bXTvgHo46LRp3xGlUI1Ygm52NPyk7Iiizez4F4cr7UwX6QyvrhGoxGRZuzA NzeULqw9ZkdU5SV9RnzavyxinIXe0vZjAqUwY5MLX+cmori4ZIMK76rlMm1l0Ek6 Yxfkl7QrhNWdL3/UOgAdKbtMStt5TzU184ghVNg2LgqWNHqsRjAJu5ZSJKSs1Zla 6NkjIQnORuxrqA== -----END CERTIFICATE-----Generated at Fri Dec 19 03:48:22 2025 by rpki-client