This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft File: Os5p2XnZoNxneVEGweVayhVHCH8.mft (raw, json) Hash identifier: 5VGlehGtCFvCoX07u9Gu9dQElUs7HTLkjqRzI3tYW4U= Subject key identifier: CA:9A:A4:80:33:AB:A9:1F:68:94:6A:B3:75:D1:81:40:A4:5E:8E:66 Authority key identifier: 3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F Certificate issuer: /CN=3ace69d979d9a0dc67795106c1e55aca1547087f Certificate serial: 019B61D49A99191B2642110D7D93AC4162C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft Manifest number: 1795 Signing time: Sat 27 Dec 2025 22:01:21 +0000 Manifest this update: Sat 27 Dec 2025 22:01:21 +0000 Manifest next update: Sun 28 Dec 2025 22:01:21 +0000 Files and hashes: 1: Os5p2XnZoNxneVEGweVayhVHCH8.crl (hash: FB5i+2X1cdmQWBh7Hq4oZTcJOSFyM4NE31RHI08Ljn0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 22:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:61:d4:9a:99:19:1b:26:42:11:0d:7d:93:ac:41:62:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ace69d979d9a0dc67795106c1e55aca1547087f Validity Not Before: Dec 27 22:01:21 2025 GMT Not After : Dec 28 22:01:21 2025 GMT Subject: CN=ca9aa48033aba91f68946ab375d18140a45e8e66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:4d:e0:40:1f:d9:be:75:75:c5:fa:53:3d:d4: 8c:8a:c3:1b:38:ef:34:4c:3a:80:fc:4b:90:1c:3a: a4:3b:2a:6e:1c:d5:09:81:be:52:7a:ad:5c:3d:5d: a1:d8:2f:3f:19:69:0a:f3:11:3f:7e:c2:27:52:68: 12:e0:51:5e:80:a4:83:c5:8c:14:1c:ff:25:56:81: cf:e1:a1:4b:f0:2f:7c:39:84:73:f5:a1:e0:59:3a: 39:7c:b3:4e:ae:e4:0f:3b:58:2b:cd:44:e8:41:19: 36:23:f8:64:ac:79:a1:9c:8b:28:ee:aa:eb:7b:95: e8:b3:9c:0b:0a:7b:9d:0c:16:04:d7:c8:ff:5a:45: 46:f7:b1:94:45:8c:fa:98:3d:6d:87:61:5f:36:7e: 91:ed:e0:53:1e:60:03:98:a7:a7:a2:3d:9b:42:3a: c6:ca:2a:78:38:2e:f3:8b:c6:1a:ec:ad:67:4a:d6: ef:80:0f:97:20:9a:f0:21:bc:08:0a:94:8c:61:c4: 1b:01:f0:d8:64:eb:bf:32:3e:5d:c9:72:c2:3f:57: 89:a3:32:d6:07:b6:eb:4a:30:c4:53:28:ca:07:cc: 53:53:56:ea:a1:bd:06:ec:c7:73:15:65:cf:f8:1d: 73:4f:7e:67:84:1e:d4:3f:69:d6:34:58:78:8b:5a: 4d:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:9A:A4:80:33:AB:A9:1F:68:94:6A:B3:75:D1:81:40:A4:5E:8E:66 X509v3 Authority Key Identifier: keyid:3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:39:c4:d2:4b:e3:a6:0e:8d:2a:3f:3f:fe:9f:ea:1e:a0:2b: d9:16:5f:ce:16:91:f3:46:bd:7c:68:66:a7:67:44:8a:26:f1: 19:66:c4:4a:d6:96:1d:57:53:4f:c3:f6:ea:5d:76:cf:20:99: 03:3f:3a:3e:5d:9f:56:23:ba:cf:61:4e:84:cc:33:31:eb:ca: e0:f6:bd:fc:ad:8a:d1:8e:c3:c1:45:ba:b4:fd:d2:c9:96:74: d9:5f:a5:5f:c2:ad:c4:03:74:40:cc:20:40:7f:78:2c:bb:dc: a6:ba:6b:55:a7:88:44:b8:20:2f:8a:2e:d8:08:53:45:f2:bf: 21:74:42:8b:0a:dc:f2:6c:bc:30:41:1d:24:62:87:94:5f:8a: d2:43:1f:52:7b:59:52:90:8f:74:eb:12:a3:de:15:07:ee:6a: 95:90:3a:79:10:05:47:b3:6d:39:49:b1:4f:e1:0d:61:93:21: e8:e5:6c:ff:11:dc:b1:f9:88:06:af:1d:2d:c5:e0:67:f8:4d: 02:87:de:55:db:00:f4:bb:b6:f1:0f:65:1c:53:79:96:b3:10: 5a:5f:7d:13:e1:2f:39:95:8a:9c:ba:87:9b:86:24:08:29:b9: 9a:21:54:5d:f0:8d:0a:cb:e5:dc:1a:8e:44:f4:42:63:7e:bb: d7:e1:35:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZth1JqZGRsmQhENfZOsQWLBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhY2U2OWQ5NzlkOWEwZGM2Nzc5NTEwNmMxZTU1YWNhMTU0 NzA4N2YwHhcNMjUxMjI3MjIwMTIxWhcNMjUxMjI4MjIwMTIxWjAzMTEwLwYDVQQD EyhjYTlhYTQ4MDMzYWJhOTFmNjg5NDZhYjM3NWQxODE0MGE0NWU4ZTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm03gQB/ZvnV1xfpTPdSMisMbOO80 TDqA/EuQHDqkOypuHNUJgb5Seq1cPV2h2C8/GWkK8xE/fsInUmgS4FFegKSDxYwU HP8lVoHP4aFL8C98OYRz9aHgWTo5fLNOruQPO1grzUToQRk2I/hkrHmhnIso7qrr e5Xos5wLCnudDBYE18j/WkVG97GURYz6mD1th2FfNn6R7eBTHmADmKenoj2bQjrG yip4OC7zi8Ya7K1nStbvgA+XIJrwIbwICpSMYcQbAfDYZOu/Mj5dyXLCP1eJozLW B7brSjDEUyjKB8xTU1bqob0G7MdzFWXP+B1zT35nhB7UP2nWNFh4i1pNIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMqapIAzq6kfaJRqs3XRgUCkXo5mMB8GA1UdIwQY MBaAFDrOadl52aDcZ3lRBsHlWsoVRwh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEt YTk3NzVhYThkODEyLzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEtYTk3NzVhYThkODEy LzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDnE0kvj pg6NKj8//p/qHqAr2RZfzhaR80a9fGhmp2dEiibxGWbEStaWHVdTT8P26l12zyCZ Az86Pl2fViO6z2FOhMwzMevK4Pa9/K2K0Y7DwUW6tP3SyZZ02V+lX8KtxAN0QMwg QH94LLvcprprVaeIRLggL4ou2AhTRfK/IXRCiwrc8my8MEEdJGKHlF+K0kMfUntZ UpCPdOsSo94VB+5qlZA6eRAFR7NtOUmxT+ENYZMh6OVs/xHcsfmIBq8dLcXgZ/hN AofeVdsA9Lu28Q9lHFN5lrMQWl99E+EvOZWKnLqHm4YkCCm5miFUXfCNCsvl3BqO RPRCY3671+E19Q== -----END CERTIFICATE-----Generated at Sun Dec 28 07:30:08 2025 by rpki-client