This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft File: OXy939eSBtZcTugWjq9ucJAg-V0.mft (raw, json) Hash identifier: IUWmRwUjTWM/MKZhRqd/2qnCx9mSbWAIv0x1Pais2O0= Subject key identifier: B5:A6:51:4D:02:29:79:55:FF:A8:46:B4:9B:B9:25:D1:A2:2F:E2:8D Authority key identifier: 39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D Certificate issuer: /CN=397cbddfd79206d65c4ee8168eaf6e709020f95d Certificate serial: 019B2D0BE3094CCFC3049251A9EF7C605518 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft Manifest number: 0B3F Signing time: Wed 17 Dec 2025 16:01:52 +0000 Manifest this update: Wed 17 Dec 2025 16:01:52 +0000 Manifest next update: Thu 18 Dec 2025 16:01:52 +0000 Files and hashes: 1: OXy939eSBtZcTugWjq9ucJAg-V0.crl (hash: 0Gygyls6Ex3Ol8XGrhR9LJvRj7YUqglTvduHUxFksu4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0b:e3:09:4c:cf:c3:04:92:51:a9:ef:7c:60:55:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=397cbddfd79206d65c4ee8168eaf6e709020f95d Validity Not Before: Dec 17 16:01:52 2025 GMT Not After : Dec 18 16:01:52 2025 GMT Subject: CN=b5a6514d02297955ffa846b49bb925d1a22fe28d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f2:23:de:92:1c:6a:6d:08:1d:0f:20:99:e8: 55:19:c9:3b:10:c0:13:f3:e9:d0:59:d2:1a:50:b2: 2c:4d:c0:63:eb:ca:98:58:04:23:0a:16:fb:cf:92: ed:ad:69:0c:f2:7c:03:6f:0d:b5:24:0d:aa:1c:ed: 3e:2d:85:7c:e0:75:8a:53:26:0a:73:3e:00:ef:7e: 01:3c:56:b2:3d:aa:60:ec:86:13:10:99:80:6b:45: 7a:bb:6a:0e:9a:79:5e:af:2e:d8:29:43:de:59:2b: 60:ae:7a:0a:f7:b8:57:67:37:94:98:0e:bf:de:e9: 53:6c:63:20:84:62:d1:f0:c4:95:1e:4c:58:f3:5f: 02:74:1b:81:bc:7b:b1:b0:30:74:89:08:72:e7:00: 18:8f:fc:c9:c6:93:ce:7b:36:4d:6b:e3:1b:aa:3c: 17:52:90:5e:db:6f:49:7c:a5:88:fd:be:df:5a:5f: d6:66:a1:41:cb:42:3c:d4:de:d1:74:f9:bf:40:29: 5b:47:cf:48:92:d5:5e:45:be:51:10:62:a4:33:6c: a4:f5:4f:87:71:c3:01:b5:51:db:61:88:bf:58:98: 33:4b:95:3b:0e:a9:02:8e:0b:0c:c2:a4:b0:ab:ca: d1:f6:79:f8:30:fe:92:1c:bc:34:b3:3a:6e:92:5c: 76:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:A6:51:4D:02:29:79:55:FF:A8:46:B4:9B:B9:25:D1:A2:2F:E2:8D X509v3 Authority Key Identifier: keyid:39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:57:a5:ad:1c:c8:40:9f:8e:41:0b:0d:fe:8a:5e:a9:a6:1a: 73:7f:8e:6e:7e:6e:ca:af:33:03:08:fa:19:0e:c5:57:87:16: 9f:b1:88:5d:55:fb:89:6f:57:82:18:40:17:af:18:2f:6c:fc: 82:68:74:8a:b8:d1:3f:6e:9c:98:65:80:16:db:4f:5a:3e:fe: 2a:dc:51:1b:6e:39:7e:72:f1:1e:92:26:91:42:31:78:06:06: c3:cb:e1:4a:fb:3f:4a:b6:88:a4:d2:32:c2:3a:44:24:9f:62: e2:c5:99:7d:92:87:43:47:27:95:9e:55:be:df:e2:e5:e9:0c: ba:9d:1f:db:f0:a7:99:c4:d8:ea:b5:ac:7b:6c:95:62:e7:57: ea:a4:52:7b:6a:12:b0:3d:41:e8:56:a7:8f:da:47:74:6e:1d: a7:12:86:b0:2e:2f:2f:c6:72:b4:18:9e:48:f7:d6:15:47:0d: b3:63:1b:0a:3c:70:41:92:6e:70:05:e1:f5:80:e8:43:1b:a5: 7c:89:c7:52:0e:06:9b:2b:87:23:6a:2d:ed:e1:7e:84:f5:8c: f3:a6:4a:36:1f:d3:63:c5:3e:e6:f3:46:28:d5:e4:18:b3:25: 6c:e8:bf:1e:cf:91:e8:72:a1:43:af:38:2b:62:76:07:01:51: be:56:97:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstC+MJTM/DBJJRqe98YFUYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5N2NiZGRmZDc5MjA2ZDY1YzRlZTgxNjhlYWY2ZTcwOTAy MGY5NWQwHhcNMjUxMjE3MTYwMTUyWhcNMjUxMjE4MTYwMTUyWjAzMTEwLwYDVQQD EyhiNWE2NTE0ZDAyMjk3OTU1ZmZhODQ2YjQ5YmI5MjVkMWEyMmZlMjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Ij3pIcam0IHQ8gmehVGck7EMAT 8+nQWdIaULIsTcBj68qYWAQjChb7z5LtrWkM8nwDbw21JA2qHO0+LYV84HWKUyYK cz4A734BPFayPapg7IYTEJmAa0V6u2oOmnlery7YKUPeWStgrnoK97hXZzeUmA6/ 3ulTbGMghGLR8MSVHkxY818CdBuBvHuxsDB0iQhy5wAYj/zJxpPOezZNa+MbqjwX UpBe229JfKWI/b7fWl/WZqFBy0I81N7RdPm/QClbR89IktVeRb5REGKkM2yk9U+H ccMBtVHbYYi/WJgzS5U7DqkCjgsMwqSwq8rR9nn4MP6SHLw0szpuklx29wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLWmUU0CKXlV/6hGtJu5JdGiL+KNMB8GA1UdIwQY MBaAFDl8vd/XkgbWXE7oFo6vbnCQIPldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2Mt YTZiMGZkZTIxOTA2LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2MtYTZiMGZkZTIxOTA2 LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjVelrRzI QJ+OQQsN/opeqaYac3+Obn5uyq8zAwj6GQ7FV4cWn7GIXVX7iW9XghhAF68YL2z8 gmh0irjRP26cmGWAFttPWj7+KtxRG245fnLxHpImkUIxeAYGw8vhSvs/SraIpNIy wjpEJJ9i4sWZfZKHQ0cnlZ5Vvt/i5ekMup0f2/CnmcTY6rWse2yVYudX6qRSe2oS sD1B6Fanj9pHdG4dpxKGsC4vL8ZytBieSPfWFUcNs2MbCjxwQZJucAXh9YDoQxul fInHUg4GmyuHI2ot7eF+hPWM86ZKNh/TY8U+5vNGKNXkGLMlbOi/Hs+R6HKhQ684 K2J2BwFRvlaX8g== -----END CERTIFICATE-----Generated at Wed Dec 17 19:12:51 2025 by rpki-client