This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft File: oLwgSfIYtv2rytdZTCUjso2kd8E.mft (raw, json) Hash identifier: ZtRD4Ckt3yr8BiRtojTlF3YbDYzeQLUMWs5brQ4342M= Subject key identifier: 9C:11:75:97:98:F8:28:55:45:C1:1E:55:11:CD:46:51:2F:BA:1E:34 Authority key identifier: A0:BC:20:49:F2:18:B6:FD:AB:CA:D7:59:4C:25:23:B2:8D:A4:77:C1 Certificate issuer: /CN=a0bc2049f218b6fdabcad7594c2523b28da477c1 Certificate serial: 019B3DFED085C6C4868AB5123F311810A246 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLwgSfIYtv2rytdZTCUjso2kd8E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft Manifest number: 171D Signing time: Sat 20 Dec 2025 23:01:08 +0000 Manifest this update: Sat 20 Dec 2025 23:01:08 +0000 Manifest next update: Sun 21 Dec 2025 23:01:08 +0000 Files and hashes: 1: APsUsrAn96ow-lwQ45SmC1gQegc.roa (hash: t3tVyfgAERiYm7/hAZrrvXacDVWFUchPqKdL2GXQLe4=) 2: oLwgSfIYtv2rytdZTCUjso2kd8E.crl (hash: aEzTWBGvHZz79VS+yCiEGA1C6bYywLZLayz7kQ8gTWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft rsync://rpki.ripe.net/repository/DEFAULT/oLwgSfIYtv2rytdZTCUjso2kd8E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 23:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:d0:85:c6:c4:86:8a:b5:12:3f:31:18:10:a2:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0bc2049f218b6fdabcad7594c2523b28da477c1 Validity Not Before: Dec 20 23:01:08 2025 GMT Not After : Dec 21 23:01:08 2025 GMT Subject: CN=9c11759798f8285545c11e5511cd46512fba1e34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:2e:b0:3d:e3:d0:f9:3e:bd:fa:d0:32:b7:0a: 04:bf:f5:49:8e:44:e2:c7:97:4a:1d:37:71:4b:b5: 01:57:ce:7a:b4:a5:67:79:30:a1:4c:0b:18:2b:77: af:d6:da:a1:84:e8:56:5b:dc:d4:e5:43:d0:5b:c3: da:29:d6:59:92:84:cc:fe:7e:cf:24:ff:50:90:8a: 72:13:4b:91:fa:6f:50:a6:1c:eb:d0:ab:14:17:b4: 02:64:ea:f5:ee:34:86:0e:58:ac:7d:4b:65:bc:45: a7:35:c5:d6:55:f1:96:8e:e6:30:0c:d3:4e:5c:07: 9c:e9:7a:ea:40:99:cd:d5:6a:76:dd:9b:98:2e:6d: 2d:45:20:ce:1b:09:da:c0:a8:1c:80:22:7d:9a:2b: b9:b2:03:fd:f1:a4:ca:2a:a8:52:17:da:ea:ad:e6: 06:23:ce:cd:2c:48:ad:37:24:d7:8f:91:ad:63:a3: 3e:be:95:dc:af:ac:75:92:e1:82:05:13:5a:bf:73: d5:98:03:b3:56:52:25:2d:2c:b0:4c:7b:33:4f:09: bf:26:9c:5c:25:9f:19:fb:b5:29:b8:97:48:00:69: 73:fd:82:96:5b:08:4d:da:d9:38:30:66:14:75:eb: d6:e4:1d:5e:91:03:4f:f0:4a:79:03:9f:f9:0a:db: dc:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:11:75:97:98:F8:28:55:45:C1:1E:55:11:CD:46:51:2F:BA:1E:34 X509v3 Authority Key Identifier: keyid:A0:BC:20:49:F2:18:B6:FD:AB:CA:D7:59:4C:25:23:B2:8D:A4:77:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLwgSfIYtv2rytdZTCUjso2kd8E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:3d:46:c4:a5:0c:69:d4:7c:76:68:6d:65:bf:1e:28:39:98: 3c:cc:73:86:01:71:35:03:e6:de:5e:09:62:20:05:14:b3:4d: 15:ae:3a:ce:1d:a2:3d:04:bf:fc:99:78:06:c3:94:e0:54:16: ee:ec:15:37:a0:85:2e:80:95:9b:c0:54:0c:3a:57:cb:1e:ca: 67:c1:16:fd:0c:ed:22:a3:2e:dd:ed:85:f8:96:de:d0:9b:16: 83:75:3b:0c:01:a5:0e:f8:ca:53:3d:79:3c:0a:50:03:85:32: 5b:c3:35:c0:18:2d:22:fb:18:fc:e7:ee:1b:86:35:c2:d8:28: a7:13:33:13:c7:77:06:b1:ac:4c:82:06:bd:b0:ea:ba:bb:e5: f9:30:67:96:3b:c7:89:ad:9f:86:d8:78:a1:da:2e:02:e2:04: 85:17:f4:fa:bc:52:72:f1:e1:ec:77:c7:11:84:7c:61:fd:f2: 11:00:b3:7f:65:3a:cd:a1:34:f0:40:3b:76:c6:43:57:93:88: d1:64:53:b2:c8:a6:68:f7:1b:b1:86:e5:15:91:4b:63:ef:cc: 6e:5a:35:15:6b:2f:33:d8:df:11:df:fc:21:c7:ef:40:fa:da: 81:8d:ee:e3:ce:88:f0:c8:d7:1b:14:4b:c1:a6:b1:49:df:29: d1:6b:a9:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/tCFxsSGirUSPzEYEKJGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYmMyMDQ5ZjIxOGI2ZmRhYmNhZDc1OTRjMjUyM2IyOGRh NDc3YzEwHhcNMjUxMjIwMjMwMTA4WhcNMjUxMjIxMjMwMTA4WjAzMTEwLwYDVQQD Eyg5YzExNzU5Nzk4ZjgyODU1NDVjMTFlNTUxMWNkNDY1MTJmYmExZTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S6wPePQ+T69+tAytwoEv/VJjkTi x5dKHTdxS7UBV856tKVneTChTAsYK3ev1tqhhOhWW9zU5UPQW8PaKdZZkoTM/n7P JP9QkIpyE0uR+m9Qphzr0KsUF7QCZOr17jSGDlisfUtlvEWnNcXWVfGWjuYwDNNO XAec6XrqQJnN1Wp23ZuYLm0tRSDOGwnawKgcgCJ9miu5sgP98aTKKqhSF9rqreYG I87NLEitNyTXj5GtY6M+vpXcr6x1kuGCBRNav3PVmAOzVlIlLSywTHszTwm/Jpxc JZ8Z+7UpuJdIAGlz/YKWWwhN2tk4MGYUdevW5B1ekQNP8Ep5A5/5CtvcLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJwRdZeY+ChVRcEeVRHNRlEvuh40MB8GA1UdIwQY MBaAFKC8IEnyGLb9q8rXWUwlI7KNpHfBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0x3Z1NmSVl0djJyeXRkWlRDVWpzbzJrZDhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNWI0MDMtMjIxOS00Nzg2LWFiMDIt MTk5MTJhMGU0OTE4LzEvb0x3Z1NmSVl0djJyeXRkWlRDVWpzbzJrZDhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8xNWI0MDMtMjIxOS00Nzg2LWFiMDItMTk5MTJhMGU0OTE4 LzEvb0x3Z1NmSVl0djJyeXRkWlRDVWpzbzJrZDhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmz1GxKUM adR8dmhtZb8eKDmYPMxzhgFxNQPm3l4JYiAFFLNNFa46zh2iPQS//Jl4BsOU4FQW 7uwVN6CFLoCVm8BUDDpXyx7KZ8EW/QztIqMu3e2F+Jbe0JsWg3U7DAGlDvjKUz15 PApQA4UyW8M1wBgtIvsY/OfuG4Y1wtgopxMzE8d3BrGsTIIGvbDqurvl+TBnljvH ia2fhth4odouAuIEhRf0+rxScvHh7HfHEYR8Yf3yEQCzf2U6zaE08EA7dsZDV5OI 0WRTssimaPcbsYblFZFLY+/Mblo1FWsvM9jfEd/8IcfvQPragY3u486I8MjXGxRL waaxSd8p0Wup5w== -----END CERTIFICATE-----Generated at Sun Dec 21 05:54:02 2025 by rpki-client