This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json) Hash identifier: o6Vp/oLqiDTQ2rDrN16YxsaV4xIMLlLfWwOP3u4G3zw= Subject key identifier: 05:CD:5D:07:93:D3:CE:73:B8:E0:2A:74:DF:82:E2:B7:67:67:C3:1E Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Certificate serial: 019B10B8281F6ED6179741A4CE90A19E5A76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft Manifest number: 1035 Signing time: Fri 12 Dec 2025 04:01:02 +0000 Manifest this update: Fri 12 Dec 2025 04:01:02 +0000 Manifest next update: Sat 13 Dec 2025 04:01:02 +0000 Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: TQZ+xvV3DQMsJXldk04PTf29jS485b6PLtYhNeXjBDE=) 2: T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa (hash: l/FPlArXvYmwy1iwUTLkf9bdXt1EQpVFOKjPM76DwnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:b8:28:1f:6e:d6:17:97:41:a4:ce:90:a1:9e:5a:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Validity Not Before: Dec 12 04:01:02 2025 GMT Not After : Dec 13 04:01:02 2025 GMT Subject: CN=05cd5d0793d3ce73b8e02a74df82e2b76767c31e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:ed:dd:b0:12:f8:64:f0:3a:79:08:40:a5:75: ec:dd:54:df:95:a9:5a:e9:03:45:0c:b5:77:ef:08: cc:a8:90:fc:be:c8:ab:25:e8:e5:83:67:ef:d4:4f: 32:f3:5b:94:7d:d1:12:49:ee:40:0b:80:06:85:da: 21:b9:8e:bb:46:bc:53:4e:ca:53:6e:89:9b:74:cf: a5:6e:ac:89:45:5e:a1:fc:da:c4:7c:d8:f8:c4:5f: ba:a0:71:bb:35:29:91:4a:5c:ec:a9:e8:1a:3c:ce: e8:05:30:a5:58:26:a6:e7:89:c6:22:8c:26:84:f5: c1:27:26:52:17:c4:ac:ef:44:49:99:75:d9:12:b5: 3d:75:a1:c2:b2:d4:9b:39:55:2b:dd:80:d0:fe:f6: 5f:d7:eb:17:7d:a6:1e:04:20:7a:2d:e7:fc:c9:7f: 55:35:b1:9b:f8:37:5f:af:de:dd:28:1b:60:fa:43: 69:64:48:78:9f:21:77:f5:1b:f5:c8:ef:f8:61:94: 1e:01:f3:12:bb:9a:d6:5f:1a:41:f5:a7:70:0d:4d: 2e:2f:7b:5f:a6:1f:e1:9c:67:85:08:2b:ae:cb:12: 83:2b:0d:97:27:73:eb:15:17:d6:f6:86:78:25:6d: 56:72:e6:b6:60:00:44:ad:d6:20:a5:8e:eb:65:71: f9:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:CD:5D:07:93:D3:CE:73:B8:E0:2A:74:DF:82:E2:B7:67:67:C3:1E X509v3 Authority Key Identifier: keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:15:0f:44:cb:04:39:95:5e:f5:0c:9d:58:60:8b:9c:e3:0d: 53:8a:42:5e:5e:64:f2:cd:69:8b:3b:43:9b:3f:eb:82:cf:25: 6c:bc:bc:40:3f:54:a5:e0:77:68:19:dd:d0:2d:62:54:0d:b1: 95:9f:cc:30:df:b8:0c:ef:e6:00:a3:c7:16:78:d8:13:35:8b: d7:bd:71:6b:93:59:4a:c3:4e:31:c0:a9:4d:2d:df:c0:31:6c: e6:50:7d:87:3c:9e:70:cc:73:56:d4:f0:7b:da:a4:6a:c3:f6: 9b:16:aa:63:a2:f2:95:65:61:6b:23:16:06:8d:88:fc:00:57: fc:f1:e1:cb:2c:c0:23:98:a0:a1:c1:cc:63:ca:bf:06:cf:77: c3:07:d6:6a:56:36:bb:ac:03:3d:45:fe:ea:51:13:ae:46:57: 65:0e:8b:87:d5:10:29:b0:99:66:c5:fc:61:ab:09:3d:24:6e: d1:73:78:54:d8:07:34:c6:ca:88:cd:b0:a4:48:6c:30:c6:f1: 95:aa:05:57:f8:81:05:1a:1c:9f:41:ca:a2:26:b5:ed:99:e8: 91:4a:55:fd:00:16:e8:01:a1:ad:3b:95:cf:a7:47:11:2d:7c: 59:e9:40:81:e8:50:fc:b0:0f:fa:ea:2f:e2:6d:ed:9f:0f:b6: 96:3a:f1:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQuCgfbtYXl0GkzpChnlp2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5 OWI1MjkwHhcNMjUxMjEyMDQwMTAyWhcNMjUxMjEzMDQwMTAyWjAzMTEwLwYDVQQD EygwNWNkNWQwNzkzZDNjZTczYjhlMDJhNzRkZjgyZTJiNzY3NjdjMzFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje3dsBL4ZPA6eQhApXXs3VTflala 6QNFDLV37wjMqJD8vsirJejlg2fv1E8y81uUfdESSe5AC4AGhdohuY67RrxTTspT bombdM+lbqyJRV6h/NrEfNj4xF+6oHG7NSmRSlzsqegaPM7oBTClWCam54nGIowm hPXBJyZSF8Ss70RJmXXZErU9daHCstSbOVUr3YDQ/vZf1+sXfaYeBCB6Lef8yX9V NbGb+Ddfr97dKBtg+kNpZEh4nyF39Rv1yO/4YZQeAfMSu5rWXxpB9adwDU0uL3tf ph/hnGeFCCuuyxKDKw2XJ3PrFRfW9oZ4JW1Wcua2YABErdYgpY7rZXH53QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAXNXQeT085zuOAqdN+C4rdnZ8MeMB8GA1UdIwQY MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvBUPRMsE OZVe9QydWGCLnOMNU4pCXl5k8s1piztDmz/rgs8lbLy8QD9UpeB3aBnd0C1iVA2x lZ/MMN+4DO/mAKPHFnjYEzWL171xa5NZSsNOMcCpTS3fwDFs5lB9hzyecMxzVtTw e9qkasP2mxaqY6LylWVhayMWBo2I/ABX/PHhyyzAI5igocHMY8q/Bs93wwfWalY2 u6wDPUX+6lETrkZXZQ6Lh9UQKbCZZsX8YasJPSRu0XN4VNgHNMbKiM2wpEhsMMbx laoFV/iBBRocn0HKoia17ZnokUpV/QAW6AGhrTuVz6dHES18WelAgehQ/LAP+uov 4m3tnw+2ljrx2A== -----END CERTIFICATE-----Generated at Fri Dec 12 08:00:01 2025 by rpki-client