This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft File: OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json) Hash identifier: revG8YBbG/tBIwkV2AnL6GfAFVh+Ut4CrjPi4MQ7dss= Subject key identifier: 08:E8:D0:89:F1:DF:04:B0:5F:BF:70:DD:87:A0:3C:1F:1B:A2:0C:EA Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B Certificate issuer: /CN=381b2c59729a53b84112aaf2ca1228f34247a39b Certificate serial: 019B6CC59950D6D0FB64455D5633A170BDDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft Manifest number: 179D Signing time: Tue 30 Dec 2025 01:00:47 +0000 Manifest this update: Tue 30 Dec 2025 01:00:47 +0000 Manifest next update: Wed 31 Dec 2025 01:00:47 +0000 Files and hashes: 1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: IyE7AkhNVdh+OxLXdi50m32RHxcMCGOK6PUTsmae5tA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 23:52:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c5:99:50:d6:d0:fb:64:45:5d:56:33:a1:70:bd:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b Validity Not Before: Dec 30 01:00:47 2025 GMT Not After : Dec 31 01:00:47 2025 GMT Subject: CN=08e8d089f1df04b05fbf70dd87a03c1f1ba20cea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ae:d6:ad:17:98:db:79:d7:60:80:52:9f:fa: cc:00:b8:01:21:69:05:23:06:a5:77:98:28:c2:4d: 02:b3:90:99:fd:99:3d:a5:6f:8b:a7:3d:37:33:9d: 03:5d:aa:9b:0c:42:5b:e3:71:aa:ff:cb:99:e8:dd: 5f:3d:47:af:a8:34:68:31:1e:e1:85:a5:63:81:d3: c5:37:d1:a7:c6:f4:33:79:83:98:33:0d:4e:4a:ed: 01:79:18:8e:34:42:24:59:fe:16:63:d9:b4:87:d5: 9a:59:42:c6:ef:9e:44:04:a0:ed:8c:bb:f6:56:00: b6:d8:e5:f6:ae:09:c2:f7:6d:98:d1:fc:3e:44:fe: 44:60:ba:ea:c4:c7:bf:10:07:a9:89:30:36:84:bb: df:a3:97:58:8d:a3:1e:34:d9:e0:2d:a5:bf:41:c2: c5:37:51:d7:5b:5b:20:6e:08:ae:d4:cf:7d:57:28: 0e:b3:69:37:41:3b:68:f2:5f:5d:fa:94:61:ae:82: dd:b3:b5:87:33:90:29:f4:00:71:58:37:96:b6:67: a8:05:ef:0a:39:db:65:36:6d:16:d8:0a:cf:bb:9f: 78:fe:23:17:51:4c:76:5c:29:d0:06:d7:3e:7f:76: 7e:03:5a:eb:94:44:b8:08:01:22:52:06:a3:b0:1e: b2:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:E8:D0:89:F1:DF:04:B0:5F:BF:70:DD:87:A0:3C:1F:1B:A2:0C:EA X509v3 Authority Key Identifier: keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:a3:fa:7f:1b:94:a3:7e:24:ad:ba:66:4f:84:40:f1:c9:dd: 76:08:51:a6:9c:03:7c:e1:c5:83:07:10:27:ad:b0:93:1c:cd: ae:2f:25:f3:06:90:88:a1:ef:24:e8:25:87:a6:45:5a:a7:01: 6f:29:e6:7a:ec:b8:52:62:b8:2d:17:bc:90:8c:ae:0a:5c:3f: 7a:18:ac:09:c6:3b:bb:b5:da:f6:98:61:1d:df:79:1c:19:e4: 84:29:82:e8:ee:36:ba:2d:5b:47:63:03:0a:ea:21:e6:d3:8e: 7d:cf:53:c9:17:c2:cd:62:97:82:7b:82:40:17:a2:41:a5:a6: 22:34:00:44:6e:99:82:da:33:43:cd:04:8a:64:26:66:7c:83: 1b:b6:cb:58:95:99:f7:3f:39:5b:e9:45:d8:50:44:b1:14:7f: a7:25:f1:8c:f4:6a:62:95:ca:8a:94:29:87:ca:72:6d:24:36: ea:db:07:0e:79:6a:60:30:6b:3f:61:2c:a9:60:a4:34:d8:e1: 2e:7a:d8:23:b4:2a:bd:8d:d7:91:9a:0d:32:c4:04:23:15:b1: 17:1d:e3:55:2b:25:3e:d4:50:88:45:cc:98:b6:2c:c7:a0:91: be:a2:d3:dc:25:48:1e:17:cb:ab:a8:a3:3e:aa:a5:78:29:e7: 34:6d:cc:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxZlQ1tD7ZEVdVjOhcL3cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0 N2EzOWIwHhcNMjUxMjMwMDEwMDQ3WhcNMjUxMjMxMDEwMDQ3WjAzMTEwLwYDVQQD EygwOGU4ZDA4OWYxZGYwNGIwNWZiZjcwZGQ4N2EwM2MxZjFiYTIwY2VhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta7WrReY23nXYIBSn/rMALgBIWkF Iwald5gowk0Cs5CZ/Zk9pW+Lpz03M50DXaqbDEJb43Gq/8uZ6N1fPUevqDRoMR7h haVjgdPFN9GnxvQzeYOYMw1OSu0BeRiONEIkWf4WY9m0h9WaWULG755EBKDtjLv2 VgC22OX2rgnC922Y0fw+RP5EYLrqxMe/EAepiTA2hLvfo5dYjaMeNNngLaW/QcLF N1HXW1sgbgiu1M99VygOs2k3QTto8l9d+pRhroLds7WHM5Ap9ABxWDeWtmeoBe8K OdtlNm0W2ArPu594/iMXUUx2XCnQBtc+f3Z+A1rrlES4CAEiUgajsB6ylQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAjo0Inx3wSwX79w3YegPB8bogzqMB8GA1UdIwQY MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoKP6fxuU o34krbpmT4RA8cnddghRppwDfOHFgwcQJ62wkxzNri8l8waQiKHvJOglh6ZFWqcB bynmeuy4UmK4LRe8kIyuClw/ehisCcY7u7Xa9phhHd95HBnkhCmC6O42ui1bR2MD Cuoh5tOOfc9TyRfCzWKXgnuCQBeiQaWmIjQARG6ZgtozQ80EimQmZnyDG7bLWJWZ 9z85W+lF2FBEsRR/pyXxjPRqYpXKipQph8pybSQ26tsHDnlqYDBrP2EsqWCkNNjh LnrYI7QqvY3XkZoNMsQEIxWxFx3jVSslPtRQiEXMmLYsx6CRvqLT3CVIHhfLq6ij PqqleCnnNG3MNA== -----END CERTIFICATE-----Generated at Tue Dec 30 03:18:23 2025 by rpki-client