This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft File: O2MTmh9PiMMM7iIckUajbbVU_3A.mft (raw, json) Hash identifier: 4+SvtWl4nqqjIwxaCeuo/pnaTg9hN3ArShY2sI3nzJw= Subject key identifier: 6C:E9:31:16:EA:D2:4E:DA:B6:1E:B8:6C:68:6A:D4:9F:A4:88:2A:A2 Authority key identifier: 3B:63:13:9A:1F:4F:88:C3:0C:EE:22:1C:91:46:A3:6D:B5:54:FF:70 Certificate issuer: /CN=3b63139a1f4f88c30cee221c9146a36db554ff70 Certificate serial: 019B5976FF55750CE9191EA9F2D795A4F9A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft Manifest number: 0A31 Signing time: Fri 26 Dec 2025 07:02:09 +0000 Manifest this update: Fri 26 Dec 2025 07:02:09 +0000 Manifest next update: Sat 27 Dec 2025 07:02:09 +0000 Files and hashes: 1: JoFwTwAv-_c9ZLWMyBNEWDPvfas.roa (hash: ErYlkkNh49mz7B2O46c+uSN3yYpaocdKkRzHsCd2I3A=) 2: O2MTmh9PiMMM7iIckUajbbVU_3A.crl (hash: wIKiKtf7LRutZKtEjwhun+S+/Tqv82pwHi00aVzylKA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:ff:55:75:0c:e9:19:1e:a9:f2:d7:95:a4:f9:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b63139a1f4f88c30cee221c9146a36db554ff70 Validity Not Before: Dec 26 07:02:09 2025 GMT Not After : Dec 27 07:02:09 2025 GMT Subject: CN=6ce93116ead24edab61eb86c686ad49fa4882aa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:aa:91:1a:ec:4d:ef:0a:19:8e:7b:ec:e5:35: 9a:52:cf:57:f0:76:58:fa:96:76:37:80:71:3d:1c: af:09:f0:1d:57:1c:59:43:99:78:23:c4:fc:cf:79: 16:13:cf:bd:9b:94:2c:ab:fc:ac:ea:8b:63:f0:49: 8b:d9:07:7e:f7:a4:e5:f3:d4:9f:2a:d1:4a:fd:72: 35:4a:51:ce:b1:04:d3:11:44:5f:82:a3:cd:ab:fe: 7d:0b:e7:ad:c3:d4:90:aa:62:ca:f9:1c:ef:07:a4: 86:66:3d:2d:c0:68:4c:a5:d1:33:31:e4:89:f5:d0: b8:f2:55:0c:fb:9a:29:d6:42:98:1e:7e:39:be:f7: 43:41:fa:73:86:43:3a:30:56:8d:aa:cf:1e:13:30: 03:71:f9:8f:60:bc:10:2e:19:36:a7:73:30:a9:36: be:4a:9a:72:ab:95:16:de:1a:73:23:0b:76:a0:69: ab:6b:33:7e:49:4e:5d:de:a7:fb:1b:06:d5:fc:f5: 5c:e3:bd:92:6f:cd:b8:8d:a2:41:b0:ea:5a:95:2f: dc:8e:c5:fd:88:94:da:3c:68:21:78:b1:10:98:fd: 02:51:48:3c:55:b0:68:56:e3:07:49:ad:6c:6d:b5: b8:56:a9:40:ba:9e:b2:22:d7:53:36:0c:42:99:d2: a0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:E9:31:16:EA:D2:4E:DA:B6:1E:B8:6C:68:6A:D4:9F:A4:88:2A:A2 X509v3 Authority Key Identifier: keyid:3B:63:13:9A:1F:4F:88:C3:0C:EE:22:1C:91:46:A3:6D:B5:54:FF:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:13:70:ae:07:b9:06:6b:11:dd:20:da:49:8f:cd:c1:26:ea: f0:1a:78:6e:a2:74:a1:47:fd:9b:c4:11:f2:22:29:53:ad:1f: 2f:78:d1:ae:b5:ff:fa:54:0f:8b:7c:68:fe:d7:da:61:8f:da: 3f:ab:a3:bc:0a:cc:14:68:00:d4:d4:db:57:13:19:5d:06:e1: 7a:a5:5b:9f:8e:7c:45:a2:a6:eb:11:1d:97:c9:65:fe:25:5a: 10:4d:a8:85:fa:de:5d:e7:de:b1:86:5a:9e:98:ee:f1:9e:84: 63:1e:ae:4f:31:3c:00:07:8a:c7:d0:0f:ca:a8:db:02:73:22: 21:8d:2d:01:4a:f0:b6:15:18:82:4e:ff:ff:f9:08:23:cb:69: a8:e4:3b:ce:30:94:6e:9d:0c:f2:1e:32:45:3b:ff:71:20:88: c1:55:0e:d5:97:95:7e:26:84:21:3a:70:48:e3:12:ea:fa:bc: 3f:38:40:aa:d6:bf:ea:19:cd:c0:14:5f:31:f8:83:01:3c:69: 35:82:ca:03:02:5e:75:45:61:90:2c:c7:77:b9:c5:ae:62:41: 48:c4:e0:d0:aa:15:94:d2:ac:4f:e3:0e:dc:6b:c2:ed:c1:5e: c2:f6:65:10:ee:e5:43:fd:f0:45:53:78:b9:75:ae:63:0d:56: c2:35:7f:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdv9VdQzpGR6p8teVpPmnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNjMxMzlhMWY0Zjg4YzMwY2VlMjIxYzkxNDZhMzZkYjU1 NGZmNzAwHhcNMjUxMjI2MDcwMjA5WhcNMjUxMjI3MDcwMjA5WjAzMTEwLwYDVQQD Eyg2Y2U5MzExNmVhZDI0ZWRhYjYxZWI4NmM2ODZhZDQ5ZmE0ODgyYWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaqRGuxN7woZjnvs5TWaUs9X8HZY +pZ2N4BxPRyvCfAdVxxZQ5l4I8T8z3kWE8+9m5Qsq/ys6otj8EmL2Qd+96Tl89Sf KtFK/XI1SlHOsQTTEURfgqPNq/59C+etw9SQqmLK+RzvB6SGZj0twGhMpdEzMeSJ 9dC48lUM+5op1kKYHn45vvdDQfpzhkM6MFaNqs8eEzADcfmPYLwQLhk2p3MwqTa+ Sppyq5UW3hpzIwt2oGmrazN+SU5d3qf7GwbV/PVc472Sb824jaJBsOpalS/cjsX9 iJTaPGgheLEQmP0CUUg8VbBoVuMHSa1sbbW4VqlAup6yItdTNgxCmdKg1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGzpMRbq0k7ath64bGhq1J+kiCqiMB8GA1UdIwQY MBaAFDtjE5ofT4jDDO4iHJFGo221VP9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMjY5YzUtMjY4Yy00NWU5LTgwNjct MGY3YTQwYjVmNmYzLzEvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS8wMjY5YzUtMjY4Yy00NWU5LTgwNjctMGY3YTQwYjVmNmYz LzEvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAthNwrge5 BmsR3SDaSY/NwSbq8Bp4bqJ0oUf9m8QR8iIpU60fL3jRrrX/+lQPi3xo/tfaYY/a P6ujvArMFGgA1NTbVxMZXQbheqVbn458RaKm6xEdl8ll/iVaEE2ohfreXefesYZa npju8Z6EYx6uTzE8AAeKx9APyqjbAnMiIY0tAUrwthUYgk7///kII8tpqOQ7zjCU bp0M8h4yRTv/cSCIwVUO1ZeVfiaEITpwSOMS6vq8PzhAqta/6hnNwBRfMfiDATxp NYLKAwJedUVhkCzHd7nFrmJBSMTg0KoVlNKsT+MO3GvC7cFewvZlEO7lQ/3wRVN4 uXWuYw1WwjV/1g== -----END CERTIFICATE-----Generated at Fri Dec 26 15:44:08 2025 by rpki-client