This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json) Hash identifier: RmYPxJlFKLScMF+sWxMVj+mVxhajjlWjpL4a4IrSAUc= Subject key identifier: 98:A3:F5:BD:9C:DD:C2:F4:6A:84:71:B0:D6:BA:26:0A:D3:E4:AD:3E Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd Certificate serial: 019B5A1A87AF4B7DCD2CC042CFE123DB51FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft Manifest number: 0FE5 Signing time: Fri 26 Dec 2025 10:00:46 +0000 Manifest this update: Fri 26 Dec 2025 10:00:46 +0000 Manifest next update: Sat 27 Dec 2025 10:00:46 +0000 Files and hashes: 1: 39kht1dMkPPkyzVEUtQczwfTvnI.roa (hash: nGaIvUiJ54BR8itFDRSZZFTb/ADjvMX1q4ZciY7jeK8=) 2: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=) 3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: DlCsZA/mrS+XDPVWmjYa9nTLDfbqr8A+LhjXmreuR+U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:87:af:4b:7d:cd:2c:c0:42:cf:e1:23:db:51:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd Validity Not Before: Dec 26 10:00:46 2025 GMT Not After : Dec 27 10:00:46 2025 GMT Subject: CN=98a3f5bd9cddc2f46a8471b0d6ba260ad3e4ad3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:df:00:c0:9a:32:75:4d:7a:56:9c:0a:95:19: 84:1b:4a:9f:a0:c7:ab:a6:d6:f0:01:ad:45:cb:66: b9:46:82:f1:73:77:91:0c:1d:a4:b9:25:bc:17:06: 0b:14:05:57:fc:45:97:94:2f:d0:3e:dc:e1:e0:e4: 57:3c:21:3b:95:dc:53:c8:de:dd:63:5e:f9:b5:80: 5a:5a:ad:45:c4:5b:ec:fd:6c:d1:12:6a:42:be:24: 5f:5f:2d:17:13:e9:24:7d:25:12:6f:9a:1f:f3:d2: 79:ac:b6:5f:b5:d1:13:78:2d:6e:59:07:8b:62:f0: 9a:fb:52:ce:ff:18:8a:a4:71:d9:ab:e1:df:e0:55: 85:e7:28:5b:ee:1b:f2:37:be:fe:d2:42:92:0b:83: 14:00:a4:58:7d:27:95:b7:bc:89:04:af:1a:6c:0d: fd:b2:ac:38:92:76:3a:d5:f1:2a:cd:fc:1c:37:b5: 48:7b:3a:e3:c3:a2:7c:b3:ad:fe:c7:f1:ac:81:6b: 27:18:79:79:e2:45:84:ae:de:6e:56:c1:c6:ea:40: 6c:99:b2:ce:89:3e:ec:ea:11:6e:15:47:56:6f:ea: b3:5c:03:a0:54:00:e7:a2:e9:97:ba:c0:21:11:3e: 3e:f6:6c:3b:e8:c2:56:a4:26:77:e9:2b:e2:60:fe: 4f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:A3:F5:BD:9C:DD:C2:F4:6A:84:71:B0:D6:BA:26:0A:D3:E4:AD:3E X509v3 Authority Key Identifier: keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:fd:24:a0:56:6d:1a:02:61:b7:e2:7d:0e:c4:d2:af:47:b8: d2:05:46:61:5c:70:be:e5:72:eb:ca:ae:0a:c7:84:f9:a9:6a: 4e:28:47:76:e6:3a:e2:85:7a:66:d4:93:4a:1d:1a:18:d4:9e: fd:73:e7:06:ef:cf:b6:82:f9:02:9d:5f:12:78:58:ae:16:66: c0:3e:62:28:b8:85:07:3a:5c:d6:7c:63:12:25:38:ad:7b:b3: 53:6e:f5:64:e5:87:a9:5d:9c:e1:20:f0:5a:14:9d:d9:36:d2: 6f:b3:81:e8:e1:b5:af:d4:be:07:fa:e7:3a:fc:56:37:97:27: c2:34:2e:21:8e:2f:2d:f9:43:15:0c:68:e7:c1:e4:63:c4:30: 3b:6f:ec:0a:fd:57:32:97:e4:7b:80:07:e1:0c:4e:50:fc:5e: 0a:08:a4:5c:54:3c:f3:50:01:18:7f:7f:40:31:26:92:e7:b6: 6f:d6:d2:c0:ce:5b:f1:81:75:5c:ce:fa:04:8d:d4:08:97:da: 4a:d5:c8:61:74:8b:84:87:93:2a:64:a8:49:3a:b0:ff:50:bc: cb:4f:5e:47:f1:53:44:25:a9:53:1f:ba:f5:c5:94:0a:fb:9a: fc:a7:4e:76:73:9a:2a:97:4f:73:3b:c0:9c:c0:25:5a:76:87: 30:15:21:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGoevS33NLMBCz+Ej21H6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz N2NhY2QwHhcNMjUxMjI2MTAwMDQ2WhcNMjUxMjI3MTAwMDQ2WjAzMTEwLwYDVQQD Eyg5OGEzZjViZDljZGRjMmY0NmE4NDcxYjBkNmJhMjYwYWQzZTRhZDNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA198AwJoydU16VpwKlRmEG0qfoMer ptbwAa1Fy2a5RoLxc3eRDB2kuSW8FwYLFAVX/EWXlC/QPtzh4ORXPCE7ldxTyN7d Y175tYBaWq1FxFvs/WzREmpCviRfXy0XE+kkfSUSb5of89J5rLZftdETeC1uWQeL YvCa+1LO/xiKpHHZq+Hf4FWF5yhb7hvyN77+0kKSC4MUAKRYfSeVt7yJBK8abA39 sqw4knY61fEqzfwcN7VIezrjw6J8s63+x/GsgWsnGHl54kWErt5uVsHG6kBsmbLO iT7s6hFuFUdWb+qzXAOgVADnoumXusAhET4+9mw76MJWpCZ36SviYP5PUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJij9b2c3cL0aoRxsNa6JgrT5K0+MB8GA1UdIwQY MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4 LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/0koFZt GgJht+J9DsTSr0e40gVGYVxwvuVy68quCseE+alqTihHduY64oV6ZtSTSh0aGNSe /XPnBu/PtoL5Ap1fEnhYrhZmwD5iKLiFBzpc1nxjEiU4rXuzU271ZOWHqV2c4SDw WhSd2TbSb7OB6OG1r9S+B/rnOvxWN5cnwjQuIY4vLflDFQxo58HkY8QwO2/sCv1X Mpfke4AH4QxOUPxeCgikXFQ881ABGH9/QDEmkue2b9bSwM5b8YF1XM76BI3UCJfa StXIYXSLhIeTKmSoSTqw/1C8y09eR/FTRCWpUx+69cWUCvua/KdOdnOaKpdPczvA nMAlWnaHMBUh5w== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:25 2025 by rpki-client