This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft File: OZETdfzEhZYSGQ6-zHrjcaAaam0.mft (raw, json) Hash identifier: JNbK8m1Xhbxh1rXmUZa+xnG0OfYTwUkTFiCFACH+Sn8= Subject key identifier: 8E:7C:58:F4:0D:27:08:C5:C6:55:84:4A:BA:80:79:9A:8E:16:50:7B Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d Certificate serial: 019B5A1A631C8580864B0122E707500628CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft Manifest number: 10C0 Signing time: Fri 26 Dec 2025 10:00:37 +0000 Manifest this update: Fri 26 Dec 2025 10:00:37 +0000 Manifest next update: Sat 27 Dec 2025 10:00:37 +0000 Files and hashes: 1: OZETdfzEhZYSGQ6-zHrjcaAaam0.crl (hash: VX14iO+XNom19sqlF2U1OogNo/+xzD4+agCYxFfx8Vk=) 2: mV-huyQ7uf2YxiJ1JUpDypBxzhA.roa (hash: XQgQ9aC7Ey76psDYNwOwzM5lgNTkkh3rEJlv1Rte2h0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:63:1c:85:80:86:4b:01:22:e7:07:50:06:28:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d Validity Not Before: Dec 26 10:00:37 2025 GMT Not After : Dec 27 10:00:37 2025 GMT Subject: CN=8e7c58f40d2708c5c655844aba80799a8e16507b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4b:b3:55:9e:30:0b:ce:57:dc:d0:88:07:27: ba:90:6a:a5:2f:21:9d:32:ed:9a:44:92:d3:02:04: 7b:24:d8:49:10:df:cf:5d:2a:7f:29:73:01:b3:5c: 26:2c:ed:6a:45:5e:e3:c0:f2:00:e3:7e:76:11:2b: 81:d9:09:92:53:de:45:05:e0:14:f0:19:1b:49:a0: 76:e9:3f:1d:e7:31:cb:43:d0:55:30:15:f4:65:28: 6a:7c:16:97:b5:1a:47:d8:2e:8c:7f:0a:46:d7:7b: ac:d4:52:e2:84:16:3f:ef:c7:f0:02:db:f8:15:1d: f9:04:fc:de:84:89:6e:5b:9d:c9:3f:79:99:a8:90: 5b:af:db:75:56:0d:95:b4:54:79:69:3d:3a:08:3e: 20:79:dd:e9:56:10:6e:bf:30:17:c3:36:c5:8e:35: 20:33:96:89:26:69:74:5c:c0:0b:2f:00:64:7a:b9: 3d:d1:c6:c0:1e:7b:10:31:3a:54:ef:95:16:e1:5e: ac:ab:09:12:bc:f3:46:03:0f:ac:75:91:2d:e3:83: c7:ab:99:c4:4e:52:0c:ce:67:11:9f:5f:3c:30:9d: 32:41:d1:3f:8d:c7:08:9d:3e:52:58:0b:ff:4e:17: ef:fd:cd:40:0f:92:83:ca:da:07:e4:18:bd:a3:0a: 40:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:7C:58:F4:0D:27:08:C5:C6:55:84:4A:BA:80:79:9A:8E:16:50:7B X509v3 Authority Key Identifier: keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c7:15:38:59:36:12:8f:8e:eb:32:2c:2b:35:56:4f:02:d6:76: 7d:b6:76:dc:b0:dc:4e:c6:b1:c6:c1:07:3e:d0:03:37:01:e6: f4:c8:28:96:67:20:82:c7:80:07:5d:d1:fc:5c:ac:43:84:aa: f1:ef:c9:f2:e0:20:b7:e0:0e:17:0d:44:45:53:c9:a7:85:dd: 60:f6:57:21:af:3b:82:fa:a6:20:c9:e5:99:0c:99:3c:c8:3d: 59:55:a2:46:01:3c:88:81:9d:35:d7:81:71:83:54:2a:c6:b3: 0f:ad:62:30:cc:9c:76:b0:bd:65:9f:fd:f9:e1:e3:2c:14:f6: 40:58:5f:36:49:a4:92:d4:63:c6:24:a7:9e:bd:35:b4:32:b5: fb:3e:98:47:c2:8e:7b:f5:4e:ab:1f:d0:97:6e:a2:43:6f:7e: aa:77:50:a3:75:e8:cd:51:af:ce:57:ce:3d:bb:a2:ad:be:23: d3:0e:bb:2e:92:eb:f1:04:e7:9d:2c:fb:5a:1b:c6:7c:56:aa: 56:10:00:bf:59:d2:de:69:e3:f7:02:3a:52:76:3a:60:e8:99: 56:86:70:12:77:1f:08:cd:f0:9e:d2:ac:75:01:18:f6:87:01: 88:6c:f4:6b:dc:11:1f:49:42:30:ea:ce:68:09:d2:50:e1:2d: e6:d8:94:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGmMchYCGSwEi5wdQBijOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OTExMzc1ZmNjNDg1OTYxMjE5MGViZWNjN2FlMzcxYTAx YTZhNmQwHhcNMjUxMjI2MTAwMDM3WhcNMjUxMjI3MTAwMDM3WjAzMTEwLwYDVQQD Eyg4ZTdjNThmNDBkMjcwOGM1YzY1NTg0NGFiYTgwNzk5YThlMTY1MDdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykuzVZ4wC85X3NCIBye6kGqlLyGd Mu2aRJLTAgR7JNhJEN/PXSp/KXMBs1wmLO1qRV7jwPIA4352ESuB2QmSU95FBeAU 8BkbSaB26T8d5zHLQ9BVMBX0ZShqfBaXtRpH2C6MfwpG13us1FLihBY/78fwAtv4 FR35BPzehIluW53JP3mZqJBbr9t1Vg2VtFR5aT06CD4ged3pVhBuvzAXwzbFjjUg M5aJJml0XMALLwBkerk90cbAHnsQMTpU75UW4V6sqwkSvPNGAw+sdZEt44PHq5nE TlIMzmcRn188MJ0yQdE/jccInT5SWAv/Thfv/c1AD5KDytoH5Bi9owpAPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI58WPQNJwjFxlWESrqAeZqOFlB7MB8GA1UdIwQY MBaAFDmRE3X8xIWWEhkOvsx643GgGmptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQt OTMzZDkyZDAwMDBjLzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQtOTMzZDkyZDAwMDBj LzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxxU4WTYS j47rMiwrNVZPAtZ2fbZ23LDcTsaxxsEHPtADNwHm9MgolmcggseAB13R/FysQ4Sq 8e/J8uAgt+AOFw1ERVPJp4XdYPZXIa87gvqmIMnlmQyZPMg9WVWiRgE8iIGdNdeB cYNUKsazD61iMMycdrC9ZZ/9+eHjLBT2QFhfNkmkktRjxiSnnr01tDK1+z6YR8KO e/VOqx/Ql26iQ29+qndQo3XozVGvzlfOPbuirb4j0w67LpLr8QTnnSz7WhvGfFaq VhAAv1nS3mnj9wI6UnY6YOiZVoZwEncfCM3wntKsdQEY9ocBiGz0a9wRH0lCMOrO aAnSUOEt5tiUwg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:23 2025 by rpki-client