This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft File: OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft (raw, json) Hash identifier: aoxk+ixrdfAluqongAh4X8pKYBYsILY5Q0oLjCk10ME= Subject key identifier: 2D:A1:32:9B:5D:10:74:4E:62:74:D0:72:60:F8:23:9D:09:B7:4E:50 Authority key identifier: 38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7 Certificate issuer: /CN=38728e9bd37399df9ffae587bd06884b350a65b7 Certificate serial: 019B0E5B721273979BF5ED9325E389FC71E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft Manifest number: 165A Signing time: Thu 11 Dec 2025 17:00:32 +0000 Manifest this update: Thu 11 Dec 2025 17:00:32 +0000 Manifest next update: Fri 12 Dec 2025 17:00:32 +0000 Files and hashes: 1: OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl (hash: tr1m6J6MQJ52MRIsCkuSMuqcMbhRUU5wPZ7nSLiJ9rI=) 2: twJfM1b3K1XophieDfrOK9Yb-bY.roa (hash: MXmmwrQwlazvGbzqXnWAVBTx7ErXJeD/39Xn13fKyq4=) 3: yDG1vLQ-KGVU7rKzL_YKjYA7asI.roa (hash: nobKKBS8kgxDPf0JFjAg1XT1LQOMq5xVuTfEuqxhhFw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 17:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:5b:72:12:73:97:9b:f5:ed:93:25:e3:89:fc:71:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38728e9bd37399df9ffae587bd06884b350a65b7 Validity Not Before: Dec 11 17:00:32 2025 GMT Not After : Dec 12 17:00:32 2025 GMT Subject: CN=2da1329b5d10744e6274d07260f8239d09b74e50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b5:62:b4:e7:dd:69:8c:0c:43:ee:bf:81:ef: 05:44:b3:9c:9e:4b:fe:2e:74:3f:79:08:fe:dc:95: 1e:c9:82:e5:60:f8:8b:61:f0:27:2d:96:7e:dc:78: b3:db:1a:c9:52:ff:fd:e7:cc:c2:60:dd:bf:c3:57: e0:3e:47:1b:b5:d8:32:4c:c4:ec:b5:f8:ba:cd:73: 82:f3:d4:05:d1:07:fe:30:67:bd:37:a5:9d:6f:e1: d2:09:a6:08:fc:08:b9:58:dc:6c:97:48:84:3c:00: 59:da:cf:1a:41:c2:64:d3:d1:59:ed:92:ba:d7:46: ca:63:bb:1c:9d:b5:fd:1d:d6:f3:86:f1:2f:93:d4: 8a:75:8f:64:82:77:a4:ed:05:77:75:dd:e1:d1:55: 60:a1:7c:d2:fd:0e:71:c3:4d:ed:d1:99:cc:3a:16: 05:85:21:ed:c7:ff:cb:d0:31:bf:d6:be:65:d6:55: 64:b0:dc:3a:7f:a3:2d:c2:4a:66:f4:c4:7e:e0:36: de:a7:20:03:3f:e0:b0:7f:82:56:7b:e2:31:2b:b9: 9f:a6:69:b4:2a:fd:80:dd:90:71:4a:80:9c:06:0e: 89:92:b4:82:1c:48:3d:e7:d6:70:75:9e:62:35:75: 00:55:71:23:1a:c7:bf:54:3a:38:a7:96:92:dd:e2: 09:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A1:32:9B:5D:10:74:4E:62:74:D0:72:60:F8:23:9D:09:B7:4E:50 X509v3 Authority Key Identifier: keyid:38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:07:68:aa:d0:fc:18:bf:37:84:93:26:d0:c6:f3:5c:b4:0b: 57:8f:eb:18:07:bf:9b:8a:ac:e7:8b:37:1a:ef:04:e6:93:ab: 7f:df:1d:8a:56:2b:9d:18:ee:52:ba:20:01:9b:6b:17:3a:8c: 06:e3:07:f7:c7:de:bb:dc:37:06:b1:de:6a:71:76:35:7e:e7: 3f:62:b3:ac:c7:dc:a7:81:65:ab:39:de:9a:5a:bf:79:3d:f2: 55:ae:34:26:1b:42:41:f4:a4:53:58:0d:e1:cf:c9:5a:5a:f6: d4:27:f5:e7:fa:a0:89:04:cb:f0:6c:a8:7b:6e:3f:34:7f:51: f9:08:22:62:8e:3c:f2:e6:12:f7:06:73:6c:2a:3a:67:5d:f2: d1:34:08:9a:9b:50:14:55:bf:25:08:d6:a2:6e:3e:95:3e:66: af:0f:38:5b:e3:1d:55:cd:b0:fd:29:72:cc:fc:f8:c4:fe:4a: 78:1f:19:de:ec:b6:e3:e1:71:72:dd:73:b6:f6:f1:39:20:9e: 26:0e:1e:d6:aa:d8:76:04:70:e1:7b:ce:b2:de:34:62:5e:c8: 41:ae:b4:5a:31:f3:6c:71:da:ae:e8:7e:23:3e:1b:0d:a5:66: be:ba:0c:57:23:8d:a8:35:1c:58:a7:fc:e9:92:6b:5a:74:ad: 35:14:12:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOW3ISc5eb9e2TJeOJ/HHjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NzI4ZTliZDM3Mzk5ZGY5ZmZhZTU4N2JkMDY4ODRiMzUw YTY1YjcwHhcNMjUxMjExMTcwMDMyWhcNMjUxMjEyMTcwMDMyWjAzMTEwLwYDVQQD EygyZGExMzI5YjVkMTA3NDRlNjI3NGQwNzI2MGY4MjM5ZDA5Yjc0ZTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurVitOfdaYwMQ+6/ge8FRLOcnkv+ LnQ/eQj+3JUeyYLlYPiLYfAnLZZ+3Hiz2xrJUv/958zCYN2/w1fgPkcbtdgyTMTs tfi6zXOC89QF0Qf+MGe9N6Wdb+HSCaYI/Ai5WNxsl0iEPABZ2s8aQcJk09FZ7ZK6 10bKY7scnbX9HdbzhvEvk9SKdY9kgnek7QV3dd3h0VVgoXzS/Q5xw03t0ZnMOhYF hSHtx//L0DG/1r5l1lVksNw6f6Mtwkpm9MR+4DbepyADP+Cwf4JWe+IxK7mfpmm0 Kv2A3ZBxSoCcBg6JkrSCHEg959ZwdZ5iNXUAVXEjGse/VDo4p5aS3eIJQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC2hMptdEHROYnTQcmD4I50Jt05QMB8GA1UdIwQY MBaAFDhyjpvTc5nfn/rlh70GiEs1CmW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzIt ZjhjZmEzM2Q2ODRlLzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzItZjhjZmEzM2Q2ODRl LzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcQdoqtD8 GL83hJMm0MbzXLQLV4/rGAe/m4qs54s3Gu8E5pOrf98dilYrnRjuUrogAZtrFzqM BuMH98feu9w3BrHeanF2NX7nP2KzrMfcp4Flqznemlq/eT3yVa40JhtCQfSkU1gN 4c/JWlr21Cf15/qgiQTL8Gyoe24/NH9R+QgiYo488uYS9wZzbCo6Z13y0TQImptQ FFW/JQjWom4+lT5mrw84W+MdVc2w/SlyzPz4xP5KeB8Z3uy24+Fxct1ztvbxOSCe Jg4e1qrYdgRw4XvOst40Yl7IQa60WjHzbHHaruh+Iz4bDaVmvroMVyONqDUcWKf8 6ZJrWnStNRQS9w== -----END CERTIFICATE-----Generated at Fri Dec 12 00:28:28 2025 by rpki-client