This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft File: OzdnJSANjYwAzw91FK8l_zYjEPA.mft (raw, json) Hash identifier: jOeFJvjnV6JZdY9qi+AdQwkUdo7Cw4sLUx7vP+rSZt0= Subject key identifier: 72:B3:56:08:4D:50:FD:02:20:4C:82:FF:4E:DF:7C:66:51:CD:04:74 Authority key identifier: 3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0 Certificate issuer: /CN=3b376725200d8d8c00cf0f7514af25ff362310f0 Certificate serial: 019B405B3AE4DEDE43D8A3547774444D5476 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft Manifest number: 178B Signing time: Sun 21 Dec 2025 10:01:19 +0000 Manifest this update: Sun 21 Dec 2025 10:01:19 +0000 Manifest next update: Mon 22 Dec 2025 10:01:19 +0000 Files and hashes: 1: OzdnJSANjYwAzw91FK8l_zYjEPA.crl (hash: gJ8K3nfSN9HRQtwC+yi7vb++fjLJKqrUW3Inv6n+Rek=) 2: mY9DqP6sBYRDAuWwviu5NNB6lIA.roa (hash: Jpwfq6zWzFUKhEKM7+C1EDuHC9fqQSYeca6cvS8lEYo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:3a:e4:de:de:43:d8:a3:54:77:74:44:4d:54:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b376725200d8d8c00cf0f7514af25ff362310f0 Validity Not Before: Dec 21 10:01:19 2025 GMT Not After : Dec 22 10:01:19 2025 GMT Subject: CN=72b356084d50fd02204c82ff4edf7c6651cd0474 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:fc:e2:0c:41:eb:65:8f:b0:b0:1e:50:42:c9: 94:46:52:bf:b5:3f:1c:74:01:4a:ad:7c:b4:77:fd: 8f:d3:b2:65:b5:3e:50:b1:4a:e4:d2:17:94:f1:d5: 5f:53:f1:96:39:37:84:0f:90:04:58:84:a7:21:e2: 2e:e2:f6:10:b6:fc:f2:0f:01:fb:59:26:a4:98:ae: 9a:a0:ed:48:ec:bb:45:34:d4:a0:ef:ba:10:42:2f: 58:09:4d:91:56:61:39:eb:59:3a:80:cf:b9:5a:12: 1c:74:e2:95:58:1d:81:01:8a:1b:17:45:e3:51:b0: 91:06:6a:b4:0d:bc:cc:69:ba:98:67:2a:d9:46:4f: b1:05:12:7b:2d:8c:5f:12:6f:8b:f7:6a:26:59:3b: fb:b8:0b:71:5b:f2:45:4a:2b:57:1a:f2:b5:2e:12: 98:bd:b2:0d:a5:06:3c:c8:e8:48:f5:a3:fe:bd:df: 96:98:ca:c2:19:4d:3e:14:f0:26:a8:94:ce:f5:7d: 1f:50:9a:36:0e:aa:0b:16:bd:ca:06:f4:fb:ca:33: 26:04:89:a5:49:c1:90:86:94:5b:c1:c8:37:c2:94: 57:fc:04:5e:70:fc:06:7a:a2:81:1a:84:19:05:7f: 49:48:fb:ff:e4:8c:96:bd:3b:b5:21:17:89:1f:4c: 60:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:B3:56:08:4D:50:FD:02:20:4C:82:FF:4E:DF:7C:66:51:CD:04:74 X509v3 Authority Key Identifier: keyid:3B:37:67:25:20:0D:8D:8C:00:CF:0F:75:14:AF:25:FF:36:23:10:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzdnJSANjYwAzw91FK8l_zYjEPA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e54a63-36b4-4684-9159-292098da2e39/1/OzdnJSANjYwAzw91FK8l_zYjEPA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:50:5d:0f:b5:3c:94:f8:37:5b:70:f5:42:2c:a6:fb:53:33: a2:a0:ef:9b:2b:7d:70:ab:e5:d8:53:96:32:76:fd:e5:a5:7c: 78:5c:5e:26:4c:32:9d:53:c9:03:c5:5c:f0:57:7f:6a:46:f5: 71:0f:ba:33:b0:94:92:a7:db:38:8f:fd:51:4c:a2:2d:25:7a: d8:4e:05:e3:a3:bc:48:6a:39:4e:0e:da:85:48:75:07:a9:64: 1c:64:34:1f:22:92:41:6e:f0:01:e3:9b:58:93:59:1d:92:43: 4f:4e:18:20:34:fb:22:1c:e9:87:79:64:8e:7b:6d:44:c9:cc: ca:d8:b7:42:12:7d:ea:94:c7:06:c3:b1:63:b8:34:45:64:47: db:0f:be:8c:92:8e:a8:ca:e9:76:34:90:d5:d8:3b:48:9a:8c: b2:20:93:6b:78:78:fd:24:1d:94:8b:34:f4:eb:ff:e9:7b:73: 69:75:c3:4b:9f:b8:a9:77:c0:81:3a:a8:28:08:18:2f:69:85: dd:9e:3d:07:64:70:80:7e:50:2b:57:d9:d6:d9:8e:25:12:b4: d6:50:ab:d0:e4:15:6c:54:c6:c9:f4:6f:f1:a4:3c:11:26:1b: 8b:c6:ef:d0:f3:60:66:4d:c0:2d:b9:97:02:bf:7e:4c:9e:f7: 33:d0:ca:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWzrk3t5D2KNUd3RETVR2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiMzc2NzI1MjAwZDhkOGMwMGNmMGY3NTE0YWYyNWZmMzYy MzEwZjAwHhcNMjUxMjIxMTAwMTE5WhcNMjUxMjIyMTAwMTE5WjAzMTEwLwYDVQQD Eyg3MmIzNTYwODRkNTBmZDAyMjA0YzgyZmY0ZWRmN2M2NjUxY2QwNDc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfziDEHrZY+wsB5QQsmURlK/tT8c dAFKrXy0d/2P07JltT5QsUrk0heU8dVfU/GWOTeED5AEWISnIeIu4vYQtvzyDwH7 WSakmK6aoO1I7LtFNNSg77oQQi9YCU2RVmE561k6gM+5WhIcdOKVWB2BAYobF0Xj UbCRBmq0DbzMabqYZyrZRk+xBRJ7LYxfEm+L92omWTv7uAtxW/JFSitXGvK1LhKY vbINpQY8yOhI9aP+vd+WmMrCGU0+FPAmqJTO9X0fUJo2DqoLFr3KBvT7yjMmBIml ScGQhpRbwcg3wpRX/ARecPwGeqKBGoQZBX9JSPv/5IyWvTu1IReJH0xgKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKzVghNUP0CIEyC/07ffGZRzQR0MB8GA1UdIwQY MBaAFDs3ZyUgDY2MAM8PdRSvJf82IxDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTkt MjkyMDk4ZGEyZTM5LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9lNTRhNjMtMzZiNC00Njg0LTkxNTktMjkyMDk4ZGEyZTM5 LzEvT3pkbkpTQU5qWXdBenc5MUZLOGxfellqRVBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArVBdD7U8 lPg3W3D1Qiym+1MzoqDvmyt9cKvl2FOWMnb95aV8eFxeJkwynVPJA8Vc8Fd/akb1 cQ+6M7CUkqfbOI/9UUyiLSV62E4F46O8SGo5Tg7ahUh1B6lkHGQ0HyKSQW7wAeOb WJNZHZJDT04YIDT7Ihzph3lkjnttRMnMyti3QhJ96pTHBsOxY7g0RWRH2w++jJKO qMrpdjSQ1dg7SJqMsiCTa3h4/SQdlIs09Ov/6XtzaXXDS5+4qXfAgTqoKAgYL2mF 3Z49B2RwgH5QK1fZ1tmOJRK01lCr0OQVbFTGyfRv8aQ8ESYbi8bv0PNgZk3ALbmX Ar9+TJ73M9DKLw== -----END CERTIFICATE-----Generated at Sun Dec 21 19:04:58 2025 by rpki-client