This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft File: O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json) Hash identifier: pzDFQIR92U5GfO+LW+hbNp2El7J0NzH1r3y4MAsWuic= Subject key identifier: F5:0C:FF:31:72:11:93:74:00:8A:B8:CD:6E:DE:3C:A6:45:40:39:9E Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62 Certificate issuer: /CN=3b55e7feb907137299f5792c36395efba9b34b62 Certificate serial: 019B3569B8EA88AC5951D36B19C99A07C406 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft Manifest number: 102B Signing time: Fri 19 Dec 2025 07:01:19 +0000 Manifest this update: Fri 19 Dec 2025 07:01:19 +0000 Manifest next update: Sat 20 Dec 2025 07:01:19 +0000 Files and hashes: 1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: cbCwTnNhZ/qUmHRA4VihHONZPjEbWRwxRA9U2ySVV0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:b8:ea:88:ac:59:51:d3:6b:19:c9:9a:07:c4:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62 Validity Not Before: Dec 19 07:01:19 2025 GMT Not After : Dec 20 07:01:19 2025 GMT Subject: CN=f50cff3172119374008ab8cd6ede3ca64540399e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7f:34:32:19:6c:e2:f5:45:b2:ba:ef:49:de: 8a:41:44:9e:26:7b:37:e8:f9:1c:23:fa:cf:6b:bc: a5:1f:43:a6:1b:a2:73:b6:41:a2:e8:40:05:c3:ff: 0d:35:ae:d1:14:f1:af:fe:30:4b:a7:a0:e2:48:09: a0:71:93:23:5c:1a:c9:e3:3e:28:41:0e:fb:48:b0: f4:13:3e:49:8d:54:f5:e0:44:d4:35:6f:48:b3:de: 71:fd:48:43:b6:a5:8c:9d:5e:1a:c9:da:61:3a:57: 8f:9f:5c:9e:b4:f5:95:70:48:e9:b9:27:dd:7e:a7: 07:5d:77:d6:03:3a:6d:d6:1d:08:3e:f1:84:87:4b: ad:3b:a4:fc:92:ac:76:14:19:51:d4:65:d0:47:b2: b5:2a:7d:82:ad:83:9a:4d:72:f2:cc:79:65:31:db: 3b:b5:61:4f:7f:27:ef:86:65:0e:0c:fb:63:2f:87: da:e2:94:54:12:3d:3a:53:eb:dc:8d:72:00:b9:89: 35:64:52:61:33:d5:13:69:3e:c5:36:3c:73:bc:1c: cd:4d:9d:3d:c4:b0:2d:e7:cb:59:68:a6:41:6b:e9: c8:5c:1b:61:38:b7:34:1f:34:f1:eb:d0:59:bb:ea: ec:af:7b:7f:68:1d:7d:09:71:cb:6b:bc:8f:8c:da: 43:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:0C:FF:31:72:11:93:74:00:8A:B8:CD:6E:DE:3C:A6:45:40:39:9E X509v3 Authority Key Identifier: keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:25:66:fb:cc:34:0f:31:fc:c5:c7:ec:37:eb:10:13:7b:fa: 9f:a7:1b:80:c6:41:66:a4:05:f2:37:d8:ba:c0:c0:94:9f:ac: 7a:a4:ef:09:bc:d3:68:2b:c7:b3:29:51:c3:96:15:58:43:0e: 01:42:d3:2b:db:46:95:97:63:05:4b:eb:7c:b3:b1:43:ab:66: 36:3d:21:52:5f:3f:8c:b7:ce:9e:b1:49:4b:18:b7:55:d2:87: 83:37:8f:ab:66:46:41:86:a5:b5:a7:c9:41:35:5b:2a:1a:05: 48:43:29:bb:64:e6:29:b1:e9:33:38:c5:8e:e0:24:7e:d7:46: 96:f2:65:93:6d:61:a9:d1:1d:8f:b8:23:e1:1c:71:af:e1:11: f9:84:96:1e:49:27:9c:4b:9a:7e:95:6e:27:8f:8a:b8:5e:14: 41:18:44:14:19:1a:1c:1f:0d:aa:74:d8:65:b7:73:a3:a3:ee: 8b:cb:82:b2:b2:6f:4e:cf:ec:e6:67:a9:c7:84:31:6a:48:05: 21:59:a3:09:28:19:5b:e2:36:c1:c4:f1:d6:46:8c:a7:2c:64: ec:10:e7:26:34:8a:26:64:5e:6d:bf:69:31:d7:31:e6:3c:0e: cf:fb:e1:56:b7:d2:eb:db:20:ab:a4:1c:97:1c:7b:e3:0e:aa: c2:cf:68:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1abjqiKxZUdNrGcmaB8QGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli MzRiNjIwHhcNMjUxMjE5MDcwMTE5WhcNMjUxMjIwMDcwMTE5WjAzMTEwLwYDVQQD EyhmNTBjZmYzMTcyMTE5Mzc0MDA4YWI4Y2Q2ZWRlM2NhNjQ1NDAzOTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx380Mhls4vVFsrrvSd6KQUSeJns3 6PkcI/rPa7ylH0OmG6JztkGi6EAFw/8NNa7RFPGv/jBLp6DiSAmgcZMjXBrJ4z4o QQ77SLD0Ez5JjVT14ETUNW9Is95x/UhDtqWMnV4aydphOlePn1yetPWVcEjpuSfd fqcHXXfWAzpt1h0IPvGEh0utO6T8kqx2FBlR1GXQR7K1Kn2CrYOaTXLyzHllMds7 tWFPfyfvhmUODPtjL4fa4pRUEj06U+vcjXIAuYk1ZFJhM9UTaT7FNjxzvBzNTZ09 xLAt58tZaKZBa+nIXBthOLc0HzTx69BZu+rsr3t/aB19CXHLa7yPjNpDXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPUM/zFyEZN0AIq4zW7ePKZFQDmeMB8GA1UdIwQY MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2 LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASCVm+8w0 DzH8xcfsN+sQE3v6n6cbgMZBZqQF8jfYusDAlJ+seqTvCbzTaCvHsylRw5YVWEMO AULTK9tGlZdjBUvrfLOxQ6tmNj0hUl8/jLfOnrFJSxi3VdKHgzePq2ZGQYaltafJ QTVbKhoFSEMpu2TmKbHpMzjFjuAkftdGlvJlk21hqdEdj7gj4Rxxr+ER+YSWHkkn nEuafpVuJ4+KuF4UQRhEFBkaHB8NqnTYZbdzo6Pui8uCsrJvTs/s5mepx4QxakgF IVmjCSgZW+I2wcTx1kaMpyxk7BDnJjSKJmRebb9pMdcx5jwOz/vhVrfS69sgq6Qc lxx74w6qws9okw== -----END CERTIFICATE-----Generated at Fri Dec 19 15:59:06 2025 by rpki-client