This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft File: OPJMluat5giBDDDZoTB8xpr5_00.mft (raw, json) Hash identifier: 51ThIS2Vp6tTte59f0EAmJdH0LHPepqmuxaRYP3N5K0= Subject key identifier: E6:B9:F6:C6:D6:5C:1C:9C:86:89:A0:83:AC:28:4F:56:D8:E8:39:89 Authority key identifier: 38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D Certificate issuer: /CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d Certificate serial: 019B58D16F72CD8FC0A256B45CDAC59ED8F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft Manifest number: 0E4C Signing time: Fri 26 Dec 2025 04:01:19 +0000 Manifest this update: Fri 26 Dec 2025 04:01:19 +0000 Manifest next update: Sat 27 Dec 2025 04:01:19 +0000 Files and hashes: 1: OPJMluat5giBDDDZoTB8xpr5_00.crl (hash: zCLWOnzdEhuU3VvMNYBUg1FCXj8qmMeAh6fooqE278Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:6f:72:cd:8f:c0:a2:56:b4:5c:da:c5:9e:d8:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d Validity Not Before: Dec 26 04:01:19 2025 GMT Not After : Dec 27 04:01:19 2025 GMT Subject: CN=e6b9f6c6d65c1c9c8689a083ac284f56d8e83989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0c:8c:90:85:dc:f8:11:7f:e7:a6:38:71:94: 82:a9:3b:f6:cf:78:06:7a:25:61:ca:4b:6a:42:83: ec:25:ed:3e:7b:3f:59:7b:e6:81:62:31:fe:32:d7: 1b:68:95:f3:85:aa:87:3b:4b:fa:2f:51:d1:06:8c: f7:23:6a:2f:00:2a:d5:8f:59:3e:75:06:68:e2:b0: 42:d0:63:6f:a9:87:45:29:90:09:cf:3e:fa:f1:4e: 2d:48:05:e4:9d:d8:23:27:42:5e:90:8b:63:99:f3: 31:9f:ab:6d:12:77:e2:2d:46:9c:79:df:8e:7e:75: 61:1c:60:02:37:0a:af:e3:91:7a:61:a1:86:2f:92: 80:33:30:f3:cd:bb:0b:a5:b0:29:52:63:24:f4:50: 53:e2:70:d9:b8:41:e4:ba:79:64:e7:e0:65:f1:ef: 16:a0:89:95:18:b5:0a:d4:19:c5:55:b9:8d:e5:5e: 95:2e:bc:97:b4:1c:68:a5:da:e9:39:32:fb:60:04: b9:f6:11:8d:c1:6b:f3:eb:4e:c2:8b:a9:86:ff:96: 08:d8:33:da:32:8b:cc:68:2f:7f:bd:a4:57:43:f7: 34:b5:f0:fd:44:de:5f:37:3f:ec:14:ec:2b:9d:a3: 10:ad:ed:9a:f6:2c:2e:1b:49:e5:5c:d3:df:fa:13: 5f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:B9:F6:C6:D6:5C:1C:9C:86:89:A0:83:AC:28:4F:56:D8:E8:39:89 X509v3 Authority Key Identifier: keyid:38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:eb:69:69:9b:56:c9:36:52:05:26:f6:17:c3:aa:52:61:d5: d4:e7:63:09:d1:d0:43:f9:95:5c:77:0d:1f:18:8b:5f:0d:e6: 51:97:6e:2f:08:a4:38:b1:3e:3b:89:81:22:43:5b:0b:35:35: 61:91:c1:0a:4c:ae:35:4a:df:86:3e:e7:09:0d:96:07:b0:1a: 87:28:5f:2d:9b:33:9d:c2:58:41:c5:5f:49:19:b0:b6:4b:de: c2:b2:33:e6:c9:ce:3c:3b:c5:cd:d1:62:4c:04:07:ae:77:d1: 1b:06:a9:31:16:a5:53:a0:de:5b:cd:b4:cf:fd:79:c2:88:01: bc:33:3d:98:47:68:68:b7:cb:3c:14:da:56:b9:b4:74:4f:29: 8b:e4:43:5a:e5:1d:14:96:74:e0:e6:41:03:5b:92:20:9b:dc: 03:33:8b:69:f6:f4:bc:fc:cf:b2:bf:08:a5:a8:9a:10:96:c3: 43:bf:21:36:e8:20:ea:f9:af:15:55:22:48:72:b6:68:e8:06: 52:32:2d:7a:4d:f6:85:5f:60:25:49:27:8b:bc:a4:a6:85:9d: aa:c3:bb:ee:a9:0d:b2:d4:ec:81:1e:aa:c5:67:14:83:52:c2: 72:20:8d:ce:3c:91:f8:ea:64:56:55:e9:bc:8f:59:63:e1:0d: b7:c4:bf:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0W9yzY/Aola0XNrFntjzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZjI0Yzk2ZTZhZGU2MDg4MTBjMzBkOWExMzA3Y2M2OWFm OWZmNGQwHhcNMjUxMjI2MDQwMTE5WhcNMjUxMjI3MDQwMTE5WjAzMTEwLwYDVQQD EyhlNmI5ZjZjNmQ2NWMxYzljODY4OWEwODNhYzI4NGY1NmQ4ZTgzOTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQyMkIXc+BF/56Y4cZSCqTv2z3gG eiVhyktqQoPsJe0+ez9Ze+aBYjH+MtcbaJXzhaqHO0v6L1HRBoz3I2ovACrVj1k+ dQZo4rBC0GNvqYdFKZAJzz768U4tSAXkndgjJ0JekItjmfMxn6ttEnfiLUaced+O fnVhHGACNwqv45F6YaGGL5KAMzDzzbsLpbApUmMk9FBT4nDZuEHkunlk5+Bl8e8W oImVGLUK1BnFVbmN5V6VLryXtBxopdrpOTL7YAS59hGNwWvz607Ci6mG/5YI2DPa MovMaC9/vaRXQ/c0tfD9RN5fNz/sFOwrnaMQre2a9iwuG0nlXNPf+hNfFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOa59sbWXBychomgg6woT1bY6DmJMB8GA1UdIwQY MBaAFDjyTJbmreYIgQww2aEwfMaa+f9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMt MDRlNGE4NGE3NGFjLzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMtMDRlNGE4NGE3NGFj LzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWutpaZtW yTZSBSb2F8OqUmHV1OdjCdHQQ/mVXHcNHxiLXw3mUZduLwikOLE+O4mBIkNbCzU1 YZHBCkyuNUrfhj7nCQ2WB7AahyhfLZszncJYQcVfSRmwtkvewrIz5snOPDvFzdFi TAQHrnfRGwapMRalU6DeW820z/15wogBvDM9mEdoaLfLPBTaVrm0dE8pi+RDWuUd FJZ04OZBA1uSIJvcAzOLafb0vPzPsr8IpaiaEJbDQ78hNugg6vmvFVUiSHK2aOgG UjItek32hV9gJUkni7ykpoWdqsO77qkNstTsgR6qxWcUg1LCciCNzjyR+OpkVlXp vI9ZY+ENt8S/hA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:56 2025 by rpki-client