This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft File: oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft (raw, json) Hash identifier: ZDObJaKUQAZZJkBMCc2LO4O2HeHaRplIvn96sB59p/g= Subject key identifier: 3F:BB:56:67:B2:50:83:81:BF:F0:2B:54:F0:2E:BF:31:1F:D6:B7:52 Authority key identifier: A0:C8:CD:A8:14:E7:77:D9:FE:15:4B:92:E9:95:9C:E1:20:B0:AD:58 Certificate issuer: /CN=a0c8cda814e777d9fe154b92e9959ce120b0ad58 Certificate serial: 019B3FB5B6BF9AD9EED90BEE16B536FA0B4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft Manifest number: 1787 Signing time: Sun 21 Dec 2025 07:00:31 +0000 Manifest this update: Sun 21 Dec 2025 07:00:31 +0000 Manifest next update: Mon 22 Dec 2025 07:00:31 +0000 Files and hashes: 1: RW4un6mRBfPzHloV5RnOReMxV4M.roa (hash: 6KtCB53EZaTt4rkvk3WW5xLU60zG4n/pYxl9BtxsfPs=) 2: oMjNqBTnd9n-FUuS6ZWc4SCwrVg.crl (hash: hhpE281WVbw05aHdF1qhAhE9nJkKPbAtFzadE3+Nk5g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft rsync://rpki.ripe.net/repository/DEFAULT/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 07:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:b5:b6:bf:9a:d9:ee:d9:0b:ee:16:b5:36:fa:0b:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0c8cda814e777d9fe154b92e9959ce120b0ad58 Validity Not Before: Dec 21 07:00:31 2025 GMT Not After : Dec 22 07:00:31 2025 GMT Subject: CN=3fbb5667b2508381bff02b54f02ebf311fd6b752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:5a:2b:fa:82:82:8c:97:5c:fe:81:6c:1a:8c: 4e:e5:05:f7:95:6b:d1:4a:e5:2d:48:e3:42:8a:86: 8c:f8:6a:81:f1:88:6d:f8:5f:b3:dc:cb:e3:d3:82: 11:50:34:05:13:45:d1:a2:8b:05:73:c6:84:d5:e2: ff:33:81:7f:8b:67:b6:5a:bd:fa:3e:8a:75:e0:7f: e9:62:54:94:82:56:1c:ae:89:b3:76:f5:18:04:96: 21:dc:df:6b:32:c2:d6:66:f2:72:6e:fd:38:b8:cb: 84:49:6c:9b:b2:65:f2:fb:14:45:1e:54:f2:ad:d3: 9a:7e:8c:e8:0c:3c:5b:c2:0d:cf:84:41:f7:50:7d: b8:8d:21:8f:78:5f:af:39:8d:b2:28:95:78:9a:cf: 63:d6:d0:24:d7:04:68:66:09:c1:b8:7a:20:31:f9: 5d:9c:43:c7:3f:cf:1f:4f:ec:bc:85:19:50:66:cd: 83:f3:15:32:33:6b:18:0c:e8:ba:e3:47:0e:60:08: 23:40:4d:fb:10:1a:a8:3e:9c:72:56:51:c3:17:cb: a1:5b:69:b7:10:cd:9f:bb:e5:3e:b5:41:23:7a:62: 67:ed:6e:de:e2:7a:04:55:00:d1:57:2b:47:a7:3e: 3b:a6:c2:d4:51:58:33:fc:fb:20:a8:ba:a8:ce:bd: f3:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:BB:56:67:B2:50:83:81:BF:F0:2B:54:F0:2E:BF:31:1F:D6:B7:52 X509v3 Authority Key Identifier: keyid:A0:C8:CD:A8:14:E7:77:D9:FE:15:4B:92:E9:95:9C:E1:20:B0:AD:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa270a-c089-4778-9343-b7362edbd8ac/1/oMjNqBTnd9n-FUuS6ZWc4SCwrVg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:6a:c6:26:af:d8:c9:36:c3:bd:45:9f:c9:0b:43:de:25:65: 4b:cc:cb:ff:c7:f2:e4:08:6a:75:27:f1:64:bd:57:39:f2:bc: f9:9b:a3:84:77:82:01:57:83:1e:d3:67:57:d3:4d:f2:9f:62: d6:0c:a1:44:f3:24:13:46:68:6e:61:bd:2d:d4:87:20:d5:7d: a5:0b:4f:fe:ee:42:fc:f0:95:fd:5a:e0:44:aa:23:7e:8f:1e: b3:d7:6a:4c:79:22:4a:df:06:76:fe:96:f7:4d:93:77:8c:96: cb:85:22:d1:8f:1a:f0:5d:f2:d3:8d:1f:ba:a6:85:9e:0f:0a: c0:75:3c:71:8e:7a:9e:20:39:3a:16:9b:a7:56:66:31:1d:fc: 90:6b:a9:23:33:48:50:a2:6a:30:a6:28:68:f3:81:8e:0e:0f: f1:62:46:e6:81:96:98:b0:08:de:94:de:ea:c9:5e:62:ce:24: 22:db:1a:b3:53:60:3a:f8:58:50:d3:a0:c3:cf:ce:8c:9a:0e: bc:2e:36:55:21:5a:78:5d:c4:7b:a3:e3:8a:30:23:14:f2:ef: 97:82:64:1b:77:34:c8:ed:46:39:cd:39:04:6e:7b:d1:14:ae: f9:2d:04:48:95:76:f5:08:da:f8:c9:c7:59:99:1f:88:df:11: ad:8d:2e:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/tba/mtnu2QvuFrU2+gtLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYzhjZGE4MTRlNzc3ZDlmZTE1NGI5MmU5OTU5Y2UxMjBi MGFkNTgwHhcNMjUxMjIxMDcwMDMxWhcNMjUxMjIyMDcwMDMxWjAzMTEwLwYDVQQD EygzZmJiNTY2N2IyNTA4MzgxYmZmMDJiNTRmMDJlYmYzMTFmZDZiNzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFor+oKCjJdc/oFsGoxO5QX3lWvR SuUtSONCioaM+GqB8Yht+F+z3Mvj04IRUDQFE0XRoosFc8aE1eL/M4F/i2e2Wr36 Pop14H/pYlSUglYcromzdvUYBJYh3N9rMsLWZvJybv04uMuESWybsmXy+xRFHlTy rdOafozoDDxbwg3PhEH3UH24jSGPeF+vOY2yKJV4ms9j1tAk1wRoZgnBuHogMfld nEPHP88fT+y8hRlQZs2D8xUyM2sYDOi640cOYAgjQE37EBqoPpxyVlHDF8uhW2m3 EM2fu+U+tUEjemJn7W7e4noEVQDRVytHpz47psLUUVgz/PsgqLqozr3zAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD+7VmeyUIOBv/ArVPAuvzEf1rdSMB8GA1UdIwQY MBaAFKDIzagU53fZ/hVLkumVnOEgsK1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb01qTnFCVG5kOW4tRlV1UzZaV2M0U0N3clZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hYTI3MGEtYzA4OS00Nzc4LTkzNDMt YjczNjJlZGJkOGFjLzEvb01qTnFCVG5kOW4tRlV1UzZaV2M0U0N3clZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9hYTI3MGEtYzA4OS00Nzc4LTkzNDMtYjczNjJlZGJkOGFj LzEvb01qTnFCVG5kOW4tRlV1UzZaV2M0U0N3clZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2rGJq/Y yTbDvUWfyQtD3iVlS8zL/8fy5AhqdSfxZL1XOfK8+ZujhHeCAVeDHtNnV9NN8p9i 1gyhRPMkE0ZobmG9LdSHINV9pQtP/u5C/PCV/VrgRKojfo8es9dqTHkiSt8Gdv6W 902Td4yWy4Ui0Y8a8F3y040fuqaFng8KwHU8cY56niA5Ohabp1ZmMR38kGupIzNI UKJqMKYoaPOBjg4P8WJG5oGWmLAI3pTe6sleYs4kItsas1NgOvhYUNOgw8/OjJoO vC42VSFaeF3Ee6PjijAjFPLvl4JkG3c0yO1GOc05BG570RSu+S0ESJV29Qja+MnH WZkfiN8RrY0uZA== -----END CERTIFICATE-----Generated at Sun Dec 21 16:15:10 2025 by rpki-client