This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft File: OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json) Hash identifier: nuxdcsWs2TLAqq5Xs+oqUyJinrEwS4K2XADRmbA2DhA= Subject key identifier: B2:1F:C9:5C:FA:A7:4B:AE:07:AF:6E:FD:B2:57:8A:D6:D2:77:A5:77 Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA Certificate issuer: /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba Certificate serial: 019B2F9E11B418E342B7928B8EED00308230 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft Manifest number: 03CB Signing time: Thu 18 Dec 2025 04:00:46 +0000 Manifest this update: Thu 18 Dec 2025 04:00:46 +0000 Manifest next update: Fri 19 Dec 2025 04:00:46 +0000 Files and hashes: 1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: QjNxms8Si560EoKmCMitKgVCi5BKcHfJAJqy/UJSG68=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:9e:11:b4:18:e3:42:b7:92:8b:8e:ed:00:30:82:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba Validity Not Before: Dec 18 04:00:46 2025 GMT Not After : Dec 19 04:00:46 2025 GMT Subject: CN=b21fc95cfaa74bae07af6efdb2578ad6d277a577 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:87:ea:23:33:3b:a8:48:3b:de:e8:36:13:89: f5:33:05:e9:db:bc:f8:e7:d4:ce:70:48:ad:27:9b: 61:b5:23:6a:3f:65:99:76:5c:b9:4d:f2:1e:3b:09: ff:d8:70:60:28:27:7b:47:0e:41:27:d4:ea:90:7d: b7:eb:60:94:c9:47:48:e8:db:5f:83:e0:8b:8f:0c: 2c:20:bc:c9:2d:80:96:75:a1:af:aa:fa:b1:28:61: 39:c8:90:30:83:7d:6e:7a:40:43:24:0b:f0:28:46: b3:39:45:64:ea:e0:77:de:13:d8:dc:1f:04:70:e4: ff:49:15:21:c7:8b:0d:58:71:10:49:e9:09:2d:ed: ea:dd:36:2b:66:fc:0d:2e:9e:76:a0:0e:e1:5b:30: 5f:1c:15:cb:19:f3:fc:c0:ed:94:af:3c:4c:cc:ae: b7:09:87:34:aa:29:61:d6:ae:4a:6b:c6:83:11:1a: d3:a2:d5:e7:1b:d0:fe:28:c1:4f:68:62:15:75:2b: 05:ba:76:88:57:ce:35:68:cb:39:bd:56:0e:b7:6f: f7:ac:c7:15:d1:9f:2b:7e:db:29:a7:71:21:7f:ee: 26:40:e0:87:a6:1f:e7:a7:23:39:88:fa:d1:65:27: a6:38:1a:a9:ec:65:ae:e3:29:ab:fd:99:35:93:dc: b1:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:1F:C9:5C:FA:A7:4B:AE:07:AF:6E:FD:B2:57:8A:D6:D2:77:A5:77 X509v3 Authority Key Identifier: keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:72:d0:69:08:d6:87:e2:cd:8f:f1:38:65:77:2e:d2:0e:8e: 66:e4:1b:f0:33:57:b9:80:9b:bc:62:61:fe:14:25:58:dd:e1: de:cd:8f:0b:9e:7b:87:7b:b2:58:67:6d:f2:b7:2b:61:6c:66: 57:7f:1a:80:76:d9:78:04:15:45:98:2b:6a:0e:2f:1c:97:95: 26:2a:7a:7b:c1:a2:fb:67:00:89:13:43:eb:c9:1f:1e:8f:5a: f4:f6:f4:c6:be:d5:25:e0:dd:ee:46:26:d9:e7:a6:5d:e5:60: 7b:d8:18:70:e3:83:8b:7e:84:67:f1:3f:bb:8c:28:72:ab:f6: bc:6b:e0:6c:64:84:eb:db:3c:f1:ca:3c:dc:4f:f5:a5:89:db: f6:62:c3:d8:03:21:57:3d:a5:47:65:b2:69:a2:61:90:00:5c: 9b:b9:d4:8e:62:1a:0c:37:f5:c5:d4:e5:c5:71:8a:9d:78:53: 3a:f7:c7:8a:18:83:4e:28:7f:34:74:84:68:73:7a:4b:4c:93: 6e:31:5f:6c:2d:68:dd:09:98:66:f7:3e:19:68:29:35:a3:8f: ba:d6:ca:77:c3:a0:b1:24:0c:9f:c1:a2:cd:32:fe:68:ae:da: 65:74:43:e8:07:a7:e1:6c:29:f9:0c:97:e3:e0:78:e4:55:21: ee:5d:9a:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvnhG0GONCt5KLju0AMIIwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw YjU3YmEwHhcNMjUxMjE4MDQwMDQ2WhcNMjUxMjE5MDQwMDQ2WjAzMTEwLwYDVQQD EyhiMjFmYzk1Y2ZhYTc0YmFlMDdhZjZlZmRiMjU3OGFkNmQyNzdhNTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4fqIzM7qEg73ug2E4n1MwXp27z4 59TOcEitJ5thtSNqP2WZdly5TfIeOwn/2HBgKCd7Rw5BJ9TqkH2362CUyUdI6Ntf g+CLjwwsILzJLYCWdaGvqvqxKGE5yJAwg31uekBDJAvwKEazOUVk6uB33hPY3B8E cOT/SRUhx4sNWHEQSekJLe3q3TYrZvwNLp52oA7hWzBfHBXLGfP8wO2UrzxMzK63 CYc0qilh1q5Ka8aDERrTotXnG9D+KMFPaGIVdSsFunaIV841aMs5vVYOt2/3rMcV 0Z8rftspp3Ehf+4mQOCHph/npyM5iPrRZSemOBqp7GWu4ymr/Zk1k9yxgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLIfyVz6p0uuB69u/bJXitbSd6V3MB8GA1UdIwQY MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj3LQaQjW h+LNj/E4ZXcu0g6OZuQb8DNXuYCbvGJh/hQlWN3h3s2PC557h3uyWGdt8rcrYWxm V38agHbZeAQVRZgrag4vHJeVJip6e8Gi+2cAiRND68kfHo9a9Pb0xr7VJeDd7kYm 2eemXeVge9gYcOODi36EZ/E/u4wocqv2vGvgbGSE69s88co83E/1pYnb9mLD2AMh Vz2lR2WyaaJhkABcm7nUjmIaDDf1xdTlxXGKnXhTOvfHihiDTih/NHSEaHN6S0yT bjFfbC1o3QmYZvc+GWgpNaOPutbKd8OgsSQMn8GizTL+aK7aZXRD6Aen4Wwp+QyX 4+B45FUh7l2asQ== -----END CERTIFICATE-----Generated at Thu Dec 18 10:23:58 2025 by rpki-client