This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft File: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft (raw, json) Hash identifier: deqrmNrI2MsNaXqrW/ct1I97ZSA7Kiib+ZgkSVMSqhc= Subject key identifier: 31:8D:A5:FA:45:B3:6F:69:3B:0F:34:29:A6:76:00:47:8D:FE:34:43 Authority key identifier: 3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82 Certificate issuer: /CN=3a6b084426d9de0b10e0141d1de43c7629c19682 Certificate serial: 019B4EBB518D135231E820DC18A25AC95EBB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft Manifest number: 0E45 Signing time: Wed 24 Dec 2025 05:00:57 +0000 Manifest this update: Wed 24 Dec 2025 05:00:57 +0000 Manifest next update: Thu 25 Dec 2025 05:00:57 +0000 Files and hashes: 1: OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl (hash: zcloLA/ly51NilRJ7OsXrzz3ITxYPojPSxiabbdCDcI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 05:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:bb:51:8d:13:52:31:e8:20:dc:18:a2:5a:c9:5e:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a6b084426d9de0b10e0141d1de43c7629c19682 Validity Not Before: Dec 24 05:00:57 2025 GMT Not After : Dec 25 05:00:57 2025 GMT Subject: CN=318da5fa45b36f693b0f3429a67600478dfe3443 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a9:eb:45:7b:f0:13:f3:b0:10:ff:57:f1:d1: 1b:e0:89:29:78:2f:bb:90:b2:24:0d:3f:a2:b8:6d: 8f:56:3a:d8:e0:ca:c7:26:f3:1e:a0:41:ee:57:9b: 57:1f:57:6f:95:4b:c6:c5:a4:84:b0:46:c6:3e:67: fe:c4:6e:bd:d2:29:29:2d:26:e4:b0:7c:1e:3b:61: 7a:32:e6:1e:75:1f:be:c8:07:42:d4:f1:71:1c:ea: 9e:8a:fb:c6:68:52:b2:fe:60:e3:b8:c1:42:3c:b5: b8:9a:43:13:03:96:f6:5c:38:dd:10:8a:45:26:63: f5:cd:66:53:04:54:e5:07:a6:75:58:da:c6:5f:57: 1f:30:23:5b:be:95:db:10:8f:15:c3:be:82:4c:c6: cf:0f:74:c4:ce:19:e4:d6:f3:8a:eb:a9:ad:70:73: dd:96:74:5e:10:ed:27:26:40:69:0e:bb:a9:07:3d: 64:2d:58:79:70:af:9a:75:8c:a7:7d:51:51:fb:eb: 40:95:65:a9:82:f7:1d:85:6c:2a:9d:7e:54:a2:01: 5a:27:9b:df:8a:5c:fd:3e:66:9c:d9:1c:37:41:c7: 5e:4b:be:34:de:53:8d:72:05:81:61:2f:06:32:a4: 73:fa:67:5a:ee:41:78:cf:32:0c:34:3d:27:23:65: d1:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:8D:A5:FA:45:B3:6F:69:3B:0F:34:29:A6:76:00:47:8D:FE:34:43 X509v3 Authority Key Identifier: keyid:3A:6B:08:44:26:D9:DE:0B:10:E0:14:1D:1D:E4:3C:76:29:C1:96:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9bb275-86b0-42b2-a6ce-305b7ceeb796/1/OmsIRCbZ3gsQ4BQdHeQ8dinBloI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:94:b1:b5:ed:c0:44:01:dc:df:c7:d0:8f:76:32:ab:61:0a: 0d:e8:da:85:2c:e0:ac:53:fb:5f:48:58:31:0c:26:af:79:74: 87:3c:de:e4:a2:82:ce:1f:6c:39:f6:66:09:8e:b7:55:5e:1d: f7:bd:2b:e7:36:3e:a3:9b:67:6f:4c:b7:05:fd:ef:41:7b:2e: c6:6f:e4:bd:dc:a3:30:c6:08:b6:77:e1:6a:eb:73:ad:62:d9: d6:de:2e:20:72:05:33:3e:b0:e7:1a:4b:a2:dd:9e:90:6e:4d: 1a:00:4f:f1:06:e4:01:07:a3:85:60:89:c4:d1:59:0a:0d:d7: d2:54:d2:37:79:db:bb:bc:94:b5:9d:a9:13:49:2d:a7:23:49: 81:a7:75:5e:1b:68:9a:a0:95:d2:bd:c4:76:4c:21:6e:d7:e2: 87:d1:33:5b:56:54:37:f4:83:9c:af:db:03:0e:94:c7:25:94: 18:e4:4d:fc:c8:e7:4c:dc:08:87:85:bd:d7:37:e5:f8:c6:48: 6f:2f:e5:6d:25:f4:7a:15:92:46:fe:88:f0:c0:2d:11:ca:8d: 28:11:0b:a9:74:b0:2a:69:03:bb:62:9b:9f:b9:69:a9:dc:3f: 35:62:6b:49:cd:f7:8e:a7:c9:52:ea:78:fa:89:d6:40:e8:1c: db:8e:34:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOu1GNE1Ix6CDcGKJayV67MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNmIwODQ0MjZkOWRlMGIxMGUwMTQxZDFkZTQzYzc2Mjlj MTk2ODIwHhcNMjUxMjI0MDUwMDU3WhcNMjUxMjI1MDUwMDU3WjAzMTEwLwYDVQQD EygzMThkYTVmYTQ1YjM2ZjY5M2IwZjM0MjlhNjc2MDA0NzhkZmUzNDQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3anrRXvwE/OwEP9X8dEb4IkpeC+7 kLIkDT+iuG2PVjrY4MrHJvMeoEHuV5tXH1dvlUvGxaSEsEbGPmf+xG690ikpLSbk sHweO2F6MuYedR++yAdC1PFxHOqeivvGaFKy/mDjuMFCPLW4mkMTA5b2XDjdEIpF JmP1zWZTBFTlB6Z1WNrGX1cfMCNbvpXbEI8Vw76CTMbPD3TEzhnk1vOK66mtcHPd lnReEO0nJkBpDrupBz1kLVh5cK+adYynfVFR++tAlWWpgvcdhWwqnX5UogFaJ5vf ilz9Pmac2Rw3QcdeS7403lONcgWBYS8GMqRz+mda7kF4zzIMND0nI2XRZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDGNpfpFs29pOw80KaZ2AEeN/jRDMB8GA1UdIwQY MBaAFDprCEQm2d4LEOAUHR3kPHYpwZaCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2Ut MzA1YjdjZWViNzk2LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85YmIyNzUtODZiMC00MmIyLWE2Y2UtMzA1YjdjZWViNzk2 LzEvT21zSVJDYlozZ3NRNEJRZEhlUThkaW5CbG9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZSxte3A RAHc38fQj3Yyq2EKDejahSzgrFP7X0hYMQwmr3l0hzze5KKCzh9sOfZmCY63VV4d 970r5zY+o5tnb0y3Bf3vQXsuxm/kvdyjMMYItnfhautzrWLZ1t4uIHIFMz6w5xpL ot2ekG5NGgBP8QbkAQejhWCJxNFZCg3X0lTSN3nbu7yUtZ2pE0ktpyNJgad1Xhto mqCV0r3Edkwhbtfih9EzW1ZUN/SDnK/bAw6UxyWUGORN/MjnTNwIh4W91zfl+MZI by/lbSX0ehWSRv6I8MAtEcqNKBELqXSwKmkDu2Kbn7lpqdw/NWJrSc33jqfJUup4 +onWQOgc2440pQ== -----END CERTIFICATE-----Generated at Wed Dec 24 12:00:24 2025 by rpki-client