This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft File: O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft (raw, json) Hash identifier: sHLE822PIscQLmx0478ig+VIMr8r4jc8Zap0oq5QAGA= Subject key identifier: D7:F0:7D:EB:A2:9D:9A:F7:D4:81:34:79:72:86:FE:1C:FE:70:E1:AC Authority key identifier: 3B:EE:60:66:BB:65:2C:64:8C:7A:87:09:9D:0D:93:54:54:60:60:D3 Certificate issuer: /CN=3bee6066bb652c648c7a87099d0d9354546060d3 Certificate serial: 019B4A045A90EC1D93551C3892F6A6372EC8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft Manifest number: 178F Signing time: Tue 23 Dec 2025 07:02:37 +0000 Manifest this update: Tue 23 Dec 2025 07:02:37 +0000 Manifest next update: Wed 24 Dec 2025 07:02:37 +0000 Files and hashes: 1: O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl (hash: vmnYkdmuOHOQZjc5Rhk7ePOzak77+dXmVluABJyBHdQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:04:5a:90:ec:1d:93:55:1c:38:92:f6:a6:37:2e:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bee6066bb652c648c7a87099d0d9354546060d3 Validity Not Before: Dec 23 07:02:37 2025 GMT Not After : Dec 24 07:02:37 2025 GMT Subject: CN=d7f07deba29d9af7d48134797286fe1cfe70e1ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c7:02:30:57:77:3b:d2:43:ec:3d:31:b6:28: 81:8e:89:5e:88:94:f8:59:f0:31:24:19:1a:fd:54: cc:da:42:0f:c6:fa:03:0c:aa:1e:61:ce:44:91:ba: dc:00:af:ea:ea:6a:90:99:11:be:13:be:23:67:15: a9:4b:c6:c0:12:93:97:ea:99:69:78:26:a8:c9:8d: 5d:ae:91:12:1e:a4:3f:37:51:0a:d0:ff:7f:88:27: e9:ad:2b:eb:48:68:78:1a:a5:50:8b:9a:65:94:2e: 45:a7:56:30:09:cc:0d:3a:e5:7f:55:ec:b0:31:00: a9:21:0d:ca:53:d7:92:af:f5:9f:55:2f:7d:d9:af: 68:ae:92:2b:0e:74:fd:e3:3b:fc:e1:5d:7a:b2:30: 32:e9:a9:10:fe:88:e2:8a:31:97:57:60:e2:bd:86: 15:ca:14:35:85:f4:76:ea:62:34:91:f9:0c:55:42: 52:36:28:e7:04:90:e4:39:39:69:d3:67:88:33:5a: 04:05:f3:bb:dc:b8:e3:0a:ad:4c:99:98:9c:2f:bb: 3b:b9:89:d3:4d:0a:82:ca:b7:b9:43:65:12:fc:68: f2:e8:f5:98:64:bd:49:c6:29:f3:a5:58:f3:e7:4b: b6:48:c8:0a:58:7f:99:10:f1:21:e1:8f:d3:4f:6a: 3a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:F0:7D:EB:A2:9D:9A:F7:D4:81:34:79:72:86:FE:1C:FE:70:E1:AC X509v3 Authority Key Identifier: keyid:3B:EE:60:66:BB:65:2C:64:8C:7A:87:09:9D:0D:93:54:54:60:60:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:1c:71:ca:a7:6b:3c:c5:ef:90:f7:b9:fd:14:fd:90:f1:f0: 61:5d:ae:68:02:bf:a9:a9:ce:b0:54:90:9b:7d:c7:f2:a6:08: 1b:e6:c2:69:92:1b:d8:5a:8d:d7:7c:e2:c1:a4:fb:c9:c2:01: 80:f3:86:1d:53:f9:4e:08:19:0e:4a:23:ad:e5:bc:17:cb:08: 99:6f:a2:dd:71:38:55:d0:1a:6c:c7:d9:27:59:4f:dc:f9:92: ab:d6:33:cd:cd:fb:7d:a1:ac:ec:07:46:3c:49:ed:fc:3c:54: 2d:ed:a5:20:a2:32:bb:60:8e:72:e3:79:55:f9:c5:ce:7f:76: ea:a5:0e:52:f9:63:cf:89:df:69:16:69:7e:32:94:92:fb:d5: 9b:a2:e2:e4:c9:a8:2c:a8:9b:f1:06:b1:53:70:0c:0f:56:0b: 2e:3d:e5:1c:81:40:b9:7e:fb:51:c2:2e:68:eb:52:be:73:33: 1a:72:4b:c5:17:db:f4:23:ce:7f:8c:ca:22:0d:23:2e:a2:99: 28:ff:e2:cd:b5:a2:f6:8e:94:63:c0:30:41:02:b3:9f:e3:4e: 0f:f2:8c:f4:e2:6e:33:41:30:28:75:89:63:66:1a:0d:d3:01: 22:2f:fa:89:6c:50:24:8e:c1:4f:c9:4b:ed:66:db:36:58:4c: 7a:cf:7b:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKBFqQ7B2TVRw4kvamNy7IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZWU2MDY2YmI2NTJjNjQ4YzdhODcwOTlkMGQ5MzU0NTQ2 MDYwZDMwHhcNMjUxMjIzMDcwMjM3WhcNMjUxMjI0MDcwMjM3WjAzMTEwLwYDVQQD EyhkN2YwN2RlYmEyOWQ5YWY3ZDQ4MTM0Nzk3Mjg2ZmUxY2ZlNzBlMWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxscCMFd3O9JD7D0xtiiBjoleiJT4 WfAxJBka/VTM2kIPxvoDDKoeYc5EkbrcAK/q6mqQmRG+E74jZxWpS8bAEpOX6plp eCaoyY1drpESHqQ/N1EK0P9/iCfprSvrSGh4GqVQi5pllC5Fp1YwCcwNOuV/Veyw MQCpIQ3KU9eSr/WfVS992a9orpIrDnT94zv84V16sjAy6akQ/ojiijGXV2DivYYV yhQ1hfR26mI0kfkMVUJSNijnBJDkOTlp02eIM1oEBfO73LjjCq1MmZicL7s7uYnT TQqCyre5Q2US/Gjy6PWYZL1JxinzpVjz50u2SMgKWH+ZEPEh4Y/TT2o6DwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNfwfeuinZr31IE0eXKG/hz+cOGsMB8GA1UdIwQY MBaAFDvuYGa7ZSxkjHqHCZ0Nk1RUYGDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kMjljZjAtNDA2NC00OThhLThkZTMt MTE2NDZiZTE2NzIzLzEvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi9kMjljZjAtNDA2NC00OThhLThkZTMtMTE2NDZiZTE2NzIz LzEvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABxxxyqdr PMXvkPe5/RT9kPHwYV2uaAK/qanOsFSQm33H8qYIG+bCaZIb2FqN13ziwaT7ycIB gPOGHVP5TggZDkojreW8F8sImW+i3XE4VdAabMfZJ1lP3PmSq9Yzzc37faGs7AdG PEnt/DxULe2lIKIyu2COcuN5VfnFzn926qUOUvljz4nfaRZpfjKUkvvVm6Li5Mmo LKib8QaxU3AMD1YLLj3lHIFAuX77UcIuaOtSvnMzGnJLxRfb9CPOf4zKIg0jLqKZ KP/izbWi9o6UY8AwQQKzn+NOD/KM9OJuM0EwKHWJY2YaDdMBIi/6iWxQJI7BT8lL 7WbbNlhMes97OA== -----END CERTIFICATE-----Generated at Tue Dec 23 11:06:31 2025 by rpki-client