This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft File: OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft (raw, json) Hash identifier: E9u9fHrdi7uuE+f2q4Qo+3+XKHERMrS0Uc4KwofS96Y= Subject key identifier: E5:93:DA:04:AC:19:39:F8:0C:2F:9D:A3:6D:53:85:00:A5:03:17:96 Authority key identifier: 38:F2:37:98:B6:73:93:E4:03:9E:3F:95:55:E2:14:D6:73:7C:13:51 Certificate issuer: /CN=38f23798b67393e4039e3f9555e214d6737c1351 Certificate serial: 019B56E33DB5ABED76F714BC4255F1EBD64A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft Manifest number: 1798 Signing time: Thu 25 Dec 2025 19:01:31 +0000 Manifest this update: Thu 25 Dec 2025 19:01:31 +0000 Manifest next update: Fri 26 Dec 2025 19:01:31 +0000 Files and hashes: 1: OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl (hash: XGBUKZeBnqYI+hD/0brO8DdwvBPppktxMhAD/3mBvU8=) 2: Vpoq5ZpSGDP-ZXCmZlKnhArAK_Q.roa (hash: 38YyvusiUhw1DBRUCOnZouY1Y0JBlQCEkMbtx6PZeK4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:56:e3:3d:b5:ab:ed:76:f7:14:bc:42:55:f1:eb:d6:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38f23798b67393e4039e3f9555e214d6737c1351 Validity Not Before: Dec 25 19:01:31 2025 GMT Not After : Dec 26 19:01:31 2025 GMT Subject: CN=e593da04ac1939f80c2f9da36d538500a5031796 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:87:29:bd:f6:25:7b:c8:a9:e7:38:ad:10:ff: a5:54:d6:95:8a:d4:65:79:95:c6:b8:5c:99:42:44: 12:99:6b:e0:38:4b:80:4a:85:b0:db:2a:54:a5:69: 6d:0b:62:3d:b4:41:fb:12:ca:09:c4:8f:11:d0:20: 6e:a2:02:ea:21:a1:52:6c:8b:78:5e:51:17:17:50: 9d:a9:2a:c5:ec:bd:45:3f:f3:77:ba:97:4a:d8:f6: c0:6f:e2:5d:ca:6e:0e:17:62:98:3c:01:91:41:b8: 11:7f:d7:6a:b9:84:cd:3c:7a:99:72:7a:aa:46:d1: 5e:5c:15:cf:bb:f4:f6:19:92:17:ea:eb:e0:35:da: ef:a7:29:30:22:ce:89:5f:5b:3a:a3:ed:99:83:65: 8f:24:fa:ee:7b:d2:52:72:99:ad:77:a5:b4:2a:92: ee:09:70:3c:d7:4b:69:44:7c:90:8b:8c:fa:6c:40: 4a:5f:ef:da:cd:57:0d:41:04:f9:1b:b7:54:25:f3: a6:41:13:6d:69:b6:ca:0e:c5:84:66:1b:5b:28:4e: 1d:62:7c:99:fd:a8:a9:78:78:99:75:ae:f7:e3:93: 65:2f:40:0a:8c:43:1c:af:f2:58:a9:5f:2a:aa:50: 51:4f:f0:16:db:c0:22:a8:bb:20:f4:a6:78:49:eb: 02:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:93:DA:04:AC:19:39:F8:0C:2F:9D:A3:6D:53:85:00:A5:03:17:96 X509v3 Authority Key Identifier: keyid:38:F2:37:98:B6:73:93:E4:03:9E:3F:95:55:E2:14:D6:73:7C:13:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPI3mLZzk-QDnj-VVeIU1nN8E1E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/9ab4c9-0c10-4671-bdd4-730fcd0e5dca/1/OPI3mLZzk-QDnj-VVeIU1nN8E1E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:a8:ba:10:e4:4d:07:02:76:87:a3:2b:1e:6b:21:e7:80:6c: ac:05:e5:22:7f:47:9b:32:5d:7e:31:5e:17:53:ac:53:f8:09: 06:40:93:b9:43:d5:53:38:67:51:97:1f:53:59:37:ba:c5:61: 07:00:09:2e:64:79:85:e6:99:13:5c:4c:eb:8e:cb:1b:bd:23: 4a:c6:46:d3:03:d6:bb:a0:8e:4f:5a:e6:24:fd:59:24:ed:aa: 77:a1:7d:c6:3b:c3:5d:2a:95:ae:c6:a1:f1:4e:79:cc:ce:e4: 59:52:8c:1e:6f:d0:0b:88:3c:f4:3d:06:50:72:68:36:12:d9: 2c:e4:84:95:0f:90:c9:fe:d5:27:0c:a2:69:00:85:3d:b6:18: 4c:e5:e4:c2:2f:e7:e0:da:9a:06:f7:66:3d:88:b5:08:a3:3e: 57:69:b5:ac:bb:a7:53:e9:f1:02:63:5d:6e:80:e2:09:0a:22: 1f:a9:7f:d1:ce:e9:ee:e5:77:da:0b:bb:ce:fc:37:a9:a2:4f: e5:97:ce:00:2d:54:54:bf:5c:fd:c3:89:6f:0c:af:1c:e1:1f: c0:a4:da:0d:2b:a6:74:88:71:06:f3:13:55:c5:23:a1:3c:4f: d7:59:37:36:21:a0:a7:19:13:bc:80:ec:4c:c1:cc:46:d9:57: f5:c7:48:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtW4z21q+129xS8QlXx69ZKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZjIzNzk4YjY3MzkzZTQwMzllM2Y5NTU1ZTIxNGQ2NzM3 YzEzNTEwHhcNMjUxMjI1MTkwMTMxWhcNMjUxMjI2MTkwMTMxWjAzMTEwLwYDVQQD EyhlNTkzZGEwNGFjMTkzOWY4MGMyZjlkYTM2ZDUzODUwMGE1MDMxNzk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84cpvfYle8ip5zitEP+lVNaVitRl eZXGuFyZQkQSmWvgOEuASoWw2ypUpWltC2I9tEH7EsoJxI8R0CBuogLqIaFSbIt4 XlEXF1CdqSrF7L1FP/N3updK2PbAb+Jdym4OF2KYPAGRQbgRf9dquYTNPHqZcnqq RtFeXBXPu/T2GZIX6uvgNdrvpykwIs6JX1s6o+2Zg2WPJPrue9JScpmtd6W0KpLu CXA810tpRHyQi4z6bEBKX+/azVcNQQT5G7dUJfOmQRNtabbKDsWEZhtbKE4dYnyZ /aipeHiZda7345NlL0AKjEMcr/JYqV8qqlBRT/AW28AiqLsg9KZ4SesC+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOWT2gSsGTn4DC+do21ThQClAxeWMB8GA1UdIwQY MBaAFDjyN5i2c5PkA54/lVXiFNZzfBNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy85YWI0YzktMGMxMC00NjcxLWJkZDQt NzMwZmNkMGU1ZGNhLzEvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy85YWI0YzktMGMxMC00NjcxLWJkZDQtNzMwZmNkMGU1ZGNh LzEvT1BJM21MWnprLVFEbmotVlZlSVUxbk44RTFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPai6EORN BwJ2h6MrHmsh54BsrAXlIn9HmzJdfjFeF1OsU/gJBkCTuUPVUzhnUZcfU1k3usVh BwAJLmR5heaZE1xM647LG70jSsZG0wPWu6COT1rmJP1ZJO2qd6F9xjvDXSqVrsah 8U55zM7kWVKMHm/QC4g89D0GUHJoNhLZLOSElQ+Qyf7VJwyiaQCFPbYYTOXkwi/n 4NqaBvdmPYi1CKM+V2m1rLunU+nxAmNdboDiCQoiH6l/0c7p7uV32gu7zvw3qaJP 5ZfOAC1UVL9c/cOJbwyvHOEfwKTaDSumdIhxBvMTVcUjoTxP11k3NiGgpxkTvIDs TMHMRtlX9cdIrw== -----END CERTIFICATE-----Generated at Fri Dec 26 04:54:39 2025 by rpki-client