This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft File: O9VD0EZeovb-uCjxhQSwP0A6xmk.mft (raw, json) Hash identifier: 3ngwgvbMWUXtl5ssbx9pgo8e2X6bfP/vnr7eCn6Tq7c= Subject key identifier: 2E:A1:70:44:B0:83:70:61:87:7B:7C:A9:B5:A4:77:D8:0F:07:DA:3A Authority key identifier: 3B:D5:43:D0:46:5E:A2:F6:FE:B8:28:F1:85:04:B0:3F:40:3A:C6:69 Certificate issuer: /CN=3bd543d0465ea2f6feb828f18504b03f403ac669 Certificate serial: 019B3E6C515B2385B54784C4FEA772D8CC48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft Manifest number: 11C3 Signing time: Sun 21 Dec 2025 01:00:44 +0000 Manifest this update: Sun 21 Dec 2025 01:00:44 +0000 Manifest next update: Mon 22 Dec 2025 01:00:44 +0000 Files and hashes: 1: O9VD0EZeovb-uCjxhQSwP0A6xmk.crl (hash: GjgESlchVPbDcZCM4g/hUdYhrzXh4IF9H1p4BOQUl6o=) 2: x4WRkvTk4Qfvxow9VzZXx3rDXCk.roa (hash: RyOgBcFttRpc6DEmQeaGYO0tOWZlEQp1Uhl8vvwB5VE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.crl rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 01:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6c:51:5b:23:85:b5:47:84:c4:fe:a7:72:d8:cc:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bd543d0465ea2f6feb828f18504b03f403ac669 Validity Not Before: Dec 21 01:00:44 2025 GMT Not After : Dec 22 01:00:44 2025 GMT Subject: CN=2ea17044b0837061877b7ca9b5a477d80f07da3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:70:45:e7:cf:9f:3c:72:01:d6:ad:ce:9c:62: 74:5f:13:a3:68:b5:54:2e:69:af:bd:f2:16:a9:af: 33:4b:0b:92:86:83:d0:1f:93:ad:5b:30:54:93:61: ff:1a:bb:b3:f8:bd:5d:21:fa:09:5c:f5:f3:26:2c: 6e:97:a3:e9:93:88:19:bc:7a:b1:3e:0d:a5:1f:48: 69:3e:15:07:46:80:a1:45:dd:77:52:fc:50:76:ba: b8:3b:9d:b3:de:65:8e:47:ae:85:1a:ff:0e:aa:dd: 55:75:b3:30:0e:d5:58:3d:20:f2:b6:ef:db:4d:ea: 72:3d:2e:bc:ea:5d:a5:e4:e5:27:45:85:62:42:b3: 77:41:13:af:21:dd:ef:53:81:04:ff:23:d6:bc:46: c4:18:aa:eb:7b:dc:18:08:64:56:fc:6c:3f:e3:c7: 77:f9:b2:78:9c:8f:d9:a0:c0:c1:69:e3:51:4b:41: 81:14:0d:bb:65:6d:2f:dc:0f:0e:b1:55:c8:f2:c1: 14:72:17:e5:2a:4e:b0:f8:30:f9:d2:62:fb:e3:cc: 1f:e6:30:bb:a2:cf:ea:d3:87:da:ae:85:ca:c9:b6: 6f:5b:d6:02:1b:ee:6f:d1:7d:88:58:ed:6f:e3:d3: 22:90:ad:9d:ac:94:fc:19:fd:67:e5:23:e9:c2:ef: 0d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:A1:70:44:B0:83:70:61:87:7B:7C:A9:B5:A4:77:D8:0F:07:DA:3A X509v3 Authority Key Identifier: keyid:3B:D5:43:D0:46:5E:A2:F6:FE:B8:28:F1:85:04:B0:3F:40:3A:C6:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9VD0EZeovb-uCjxhQSwP0A6xmk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/78fea9-efac-4983-ac2b-df45054dd934/1/O9VD0EZeovb-uCjxhQSwP0A6xmk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:c9:1d:8a:94:90:8e:d7:db:e3:92:69:a6:e0:ab:7a:cd:65: e3:a6:76:c9:85:cb:77:6e:c2:f7:9b:6a:f8:05:02:a1:d1:6d: 14:6d:c1:09:d3:a6:d8:e8:bb:ce:cd:20:1f:86:58:b4:04:ec: 9f:45:13:75:c1:f5:17:fc:44:e5:87:ba:e4:41:b9:74:39:bf: 1d:38:74:59:07:22:ab:61:5a:8f:ac:17:ff:05:fe:64:2d:66: 53:4c:8b:78:25:a8:74:ac:ba:fa:a8:84:e3:77:76:f7:ca:1a: 73:e3:4d:4a:97:0a:1a:d2:37:7d:6e:9b:fd:6c:e3:28:d9:a9: 27:1a:d4:e6:2b:92:bc:b4:05:dd:ae:dc:5e:86:0f:8b:78:05: 61:a5:c2:06:70:e3:a4:bd:3a:88:17:f0:4c:65:63:19:6e:15: 3e:d3:c3:8c:c4:5d:b5:5c:6f:30:ba:e5:b7:88:b8:6c:2e:51: f4:5b:55:d9:23:b4:34:27:d9:52:69:3d:54:e4:da:90:7a:b5: 9f:81:97:34:34:0c:d6:15:28:b9:6e:23:89:d0:44:7e:4f:05: d2:c0:49:a3:5b:6e:d5:3a:8e:45:61:f8:a1:a1:a9:bb:4a:20: 08:59:5c:c7:58:b8:c3:5f:1b:47:15:c4:76:c9:ca:09:e4:38: 83:a5:02:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bFFbI4W1R4TE/qdy2MxIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZDU0M2QwNDY1ZWEyZjZmZWI4MjhmMTg1MDRiMDNmNDAz YWM2NjkwHhcNMjUxMjIxMDEwMDQ0WhcNMjUxMjIyMDEwMDQ0WjAzMTEwLwYDVQQD EygyZWExNzA0NGIwODM3MDYxODc3YjdjYTliNWE0NzdkODBmMDdkYTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXBF58+fPHIB1q3OnGJ0XxOjaLVU LmmvvfIWqa8zSwuShoPQH5OtWzBUk2H/Gruz+L1dIfoJXPXzJixul6Ppk4gZvHqx Pg2lH0hpPhUHRoChRd13UvxQdrq4O52z3mWOR66FGv8Oqt1VdbMwDtVYPSDytu/b TepyPS686l2l5OUnRYViQrN3QROvId3vU4EE/yPWvEbEGKrre9wYCGRW/Gw/48d3 +bJ4nI/ZoMDBaeNRS0GBFA27ZW0v3A8OsVXI8sEUchflKk6w+DD50mL748wf5jC7 os/q04faroXKybZvW9YCG+5v0X2IWO1v49MikK2drJT8Gf1n5SPpwu8NBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC6hcESwg3Bhh3t8qbWkd9gPB9o6MB8GA1UdIwQY MBaAFDvVQ9BGXqL2/rgo8YUEsD9AOsZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83OGZlYTktZWZhYy00OTgzLWFjMmIt ZGY0NTA1NGRkOTM0LzEvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy83OGZlYTktZWZhYy00OTgzLWFjMmItZGY0NTA1NGRkOTM0 LzEvTzlWRDBFWmVvdmItdUNqeGhRU3dQMEE2eG1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgskdipSQ jtfb45JppuCres1l46Z2yYXLd27C95tq+AUCodFtFG3BCdOm2Oi7zs0gH4ZYtATs n0UTdcH1F/xE5Ye65EG5dDm/HTh0WQciq2Faj6wX/wX+ZC1mU0yLeCWodKy6+qiE 43d298oac+NNSpcKGtI3fW6b/WzjKNmpJxrU5iuSvLQF3a7cXoYPi3gFYaXCBnDj pL06iBfwTGVjGW4VPtPDjMRdtVxvMLrlt4i4bC5R9FtV2SO0NCfZUmk9VOTakHq1 n4GXNDQM1hUouW4jidBEfk8F0sBJo1tu1TqORWH4oaGpu0ogCFlcx1i4w18bRxXE dsnKCeQ4g6UC6Q== -----END CERTIFICATE-----Generated at Sun Dec 21 10:37:39 2025 by rpki-client