This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft File: OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json) Hash identifier: sOcMA3mmgV8tybbxo3YjFy0IneW9l6Qm4n35O7kI6no= Subject key identifier: EF:B2:4E:D8:B1:23:61:23:C8:8A:65:5E:E4:9D:3D:C3:6C:4E:3B:68 Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D Certificate issuer: /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d Certificate serial: 019B73359280383DDF1BA8C8AAA429B0FC20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft Manifest number: 17A2 Signing time: Wed 31 Dec 2025 07:00:49 +0000 Manifest this update: Wed 31 Dec 2025 07:00:49 +0000 Manifest next update: Thu 01 Jan 2026 07:00:49 +0000 Files and hashes: 1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: FzYE1tbRepSbgjJR6JpdAVfE115ZApkfhc0oamJ1N1c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:73:35:92:80:38:3d:df:1b:a8:c8:aa:a4:29:b0:fc:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d Validity Not Before: Dec 31 07:00:49 2025 GMT Not After : Jan 1 07:00:49 2026 GMT Subject: CN=efb24ed8b1236123c88a655ee49d3dc36c4e3b68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:bb:d2:32:f0:3f:45:c6:46:89:83:57:41:a5: 20:d3:fc:0c:e1:3b:9d:68:61:d3:1a:df:2b:8a:9b: 55:6c:e3:91:0a:34:ee:df:39:6a:11:87:3f:0c:52: 6e:dd:e4:51:ff:0f:08:5a:d7:94:47:a4:41:46:0b: 70:e3:43:59:b6:2d:85:f5:5b:8e:25:31:cf:a7:0f: 1d:c7:32:9c:7a:04:90:31:f0:d6:65:c6:83:56:d2: 4d:49:31:a1:f5:62:7d:ba:85:b1:da:12:01:fa:e6: 8b:67:24:ca:49:48:7b:63:ac:90:7c:4e:4c:2e:fd: 82:8a:fa:b7:83:eb:00:32:24:09:3b:b7:3a:0f:20: 84:d4:48:de:f5:5c:09:94:5a:42:bb:fb:7b:8e:a9: 6c:ae:ae:fa:98:52:c6:1c:bc:28:eb:55:92:b5:22: 94:26:6c:d5:29:cb:86:a7:0d:7f:85:5b:d6:20:cb: 1f:36:61:bf:e4:41:ec:77:81:ba:6b:bf:6b:c4:98: 40:f2:74:7c:49:ef:48:59:d1:d7:89:31:0e:c9:cd: fc:fd:df:74:1d:05:4e:f9:3c:11:b9:7d:d0:ba:4a: 39:a8:ed:30:8d:a9:a8:34:c6:42:03:a6:35:d2:11: da:2e:19:4b:c8:98:0d:b3:ff:72:d3:6a:46:48:bf: 5c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:B2:4E:D8:B1:23:61:23:C8:8A:65:5E:E4:9D:3D:C3:6C:4E:3B:68 X509v3 Authority Key Identifier: keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:d3:a2:af:81:d9:56:73:cb:d3:2c:6f:82:11:3a:db:1b:a5: d9:d1:3b:23:e4:49:59:2b:9e:b7:a0:06:a1:e8:73:1c:2c:e9: db:1a:02:a4:4a:fc:13:c7:6c:28:dc:9d:4d:cc:c0:f2:1b:f9: ef:ed:e3:91:b0:d1:10:1e:a7:ab:3f:7f:39:53:2b:31:db:87: c0:08:50:58:cc:06:26:c1:f0:70:e8:95:fe:e0:00:f0:25:c1: 91:73:19:78:79:48:04:14:1c:78:e0:4c:b6:97:d2:5f:52:60: 29:04:c1:db:77:68:47:1e:c0:de:3d:f7:12:b5:03:52:67:d4: 7c:7f:d1:70:bd:e2:b7:a2:20:11:c6:1e:1e:1a:04:bc:19:a2: 84:62:f2:be:4e:42:4f:46:eb:d5:62:68:3d:f5:2b:5b:42:2c: 1f:27:c7:b8:fc:17:75:5b:3f:17:d7:72:f3:78:35:07:87:fc: 73:53:0a:1a:41:60:cf:b9:73:50:25:fa:f5:b1:b5:0b:eb:bd: c4:a7:9f:c7:50:d4:4e:53:15:cc:84:69:d3:50:ba:db:95:ac: 49:92:50:13:b3:75:ca:d6:56:20:ff:03:2a:58:a4:e0:63:8b: 0b:2b:6a:d6:0b:8b:bd:c1:e1:21:70:03:12:e8:ae:a5:46:cc: ca:83:47:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtzNZKAOD3fG6jIqqQpsPwgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3 NGMzMWQwHhcNMjUxMjMxMDcwMDQ5WhcNMjYwMTAxMDcwMDQ5WjAzMTEwLwYDVQQD EyhlZmIyNGVkOGIxMjM2MTIzYzg4YTY1NWVlNDlkM2RjMzZjNGUzYjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLvSMvA/RcZGiYNXQaUg0/wM4Tud aGHTGt8riptVbOORCjTu3zlqEYc/DFJu3eRR/w8IWteUR6RBRgtw40NZti2F9VuO JTHPpw8dxzKcegSQMfDWZcaDVtJNSTGh9WJ9uoWx2hIB+uaLZyTKSUh7Y6yQfE5M Lv2Civq3g+sAMiQJO7c6DyCE1Eje9VwJlFpCu/t7jqlsrq76mFLGHLwo61WStSKU JmzVKcuGpw1/hVvWIMsfNmG/5EHsd4G6a79rxJhA8nR8Se9IWdHXiTEOyc38/d90 HQVO+TwRuX3Quko5qO0wjamoNMZCA6Y10hHaLhlLyJgNs/9y02pGSL9crQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO+yTtixI2EjyIplXuSdPcNsTjtoMB8GA1UdIwQY MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2 LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUdOir4HZ VnPL0yxvghE62xul2dE7I+RJWSuet6AGoehzHCzp2xoCpEr8E8dsKNydTczA8hv5 7+3jkbDREB6nqz9/OVMrMduHwAhQWMwGJsHwcOiV/uAA8CXBkXMZeHlIBBQceOBM tpfSX1JgKQTB23doRx7A3j33ErUDUmfUfH/RcL3it6IgEcYeHhoEvBmihGLyvk5C T0br1WJoPfUrW0IsHyfHuPwXdVs/F9dy83g1B4f8c1MKGkFgz7lzUCX69bG1C+u9 xKefx1DUTlMVzIRp01C625WsSZJQE7N1ytZWIP8DKlik4GOLCytq1guLvcHhIXAD EuiupUbMyoNH4g== -----END CERTIFICATE-----Generated at Wed Dec 31 09:03:28 2025 by rpki-client