This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json) Hash identifier: aVbhhv6rr7mluN3EvRuCC95zl2HxxNQePZOQNUcA/gA= Subject key identifier: E1:E2:9B:08:49:64:27:75:1E:91:C7:69:63:87:5B:FD:A6:35:21:76 Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Certificate serial: 019B3BA29502C490F136D1FE111B97E89390 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft Manifest number: 0F0A Signing time: Sat 20 Dec 2025 12:01:09 +0000 Manifest this update: Sat 20 Dec 2025 12:01:09 +0000 Manifest next update: Sun 21 Dec 2025 12:01:09 +0000 Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: V0kZnXmvgA6covK7GAH6mz3/4Yz2BTgB9q5CGi++sAU=) 2: m3UPJQ_Zh7wapyw5537rzzPo3os.roa (hash: EUy+4/7WXUAZtQJhe/6fh4vD4Ks9aUtYKkwAIbRuQrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:95:02:c4:90:f1:36:d1:fe:11:1b:97:e8:93:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Validity Not Before: Dec 20 12:01:09 2025 GMT Not After : Dec 21 12:01:09 2025 GMT Subject: CN=e1e29b08496427751e91c76963875bfda6352176 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:b5:36:9e:09:0c:c4:1c:04:63:52:a9:e9:89: 69:45:54:6a:e5:47:e5:a7:c1:eb:ee:5b:58:13:9a: d2:60:d3:72:9b:66:22:df:27:ee:03:7e:bf:18:5f: ee:ec:94:a8:df:ff:96:fd:83:e4:9a:58:e3:6e:90: 34:cc:42:d2:c9:91:45:c3:4f:49:08:d9:1d:2a:15: 06:3a:ab:b5:a4:8c:8e:0d:dc:ca:cc:76:c3:d9:5a: 09:68:27:c5:c1:d8:01:a4:d1:f6:cd:18:bc:00:88: 4f:e3:ca:56:af:86:5a:5e:c3:7c:cd:52:c3:23:cc: 98:85:8a:4c:ca:0a:10:77:fd:6b:bf:7b:bb:68:21: d0:f5:63:62:14:3e:c7:87:a8:52:e9:44:e2:a5:c3: 97:12:01:d1:df:96:ee:6d:91:4f:95:b4:1a:f0:0c: be:55:0a:99:1a:e4:29:6b:7e:6b:c7:32:ae:86:6b: 4f:a1:ff:e1:93:9d:f6:57:9f:fa:4f:9d:88:84:5e: 46:c4:14:e2:8f:25:c4:6a:28:f4:ad:99:10:09:81: a5:4b:45:75:e3:c2:96:3f:95:e8:c2:3d:4d:7c:f6: 7c:5d:b8:18:1d:03:4b:a0:fb:65:a7:40:06:2d:78: 85:c8:5e:66:60:71:f0:a0:d0:3e:ed:67:8c:30:ab: 1b:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:E2:9B:08:49:64:27:75:1E:91:C7:69:63:87:5B:FD:A6:35:21:76 X509v3 Authority Key Identifier: keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:02:d4:b0:e1:a8:0e:7e:a4:38:c5:62:2b:95:24:de:43:d3: 71:2e:fd:b5:53:27:7c:f7:df:3e:a5:7d:76:c0:17:e7:39:06: c5:e6:a5:b2:17:6d:e2:63:19:61:bc:1b:11:93:f7:d3:22:62: 45:f5:c6:2e:0a:c2:a8:00:10:6c:46:fd:42:28:65:2d:b2:01: dc:76:f1:db:d0:aa:ff:fc:3e:b6:14:45:b6:da:11:cf:53:da: 2b:23:ba:db:8c:60:f8:ee:6c:26:7f:01:9f:af:f2:c8:16:2f: f6:ae:67:94:86:11:ac:6d:0b:b9:f2:a5:e0:0e:33:b8:0f:36: f5:e0:57:eb:c0:fc:fb:90:a6:0c:d9:a9:8d:74:fa:08:a6:e0: f2:ce:fc:0f:f6:36:27:db:76:6a:d5:8a:bc:8c:eb:ac:af:0e: e9:92:9f:92:59:7e:84:92:53:07:40:e1:15:ee:1f:6d:b3:9c: de:4a:74:71:69:0f:fd:e8:62:1b:ec:b8:05:e5:ac:ec:d8:34: 4f:dd:c0:74:ad:19:cd:29:ed:08:68:3e:b4:c0:67:94:e7:22: 2f:74:84:fe:65:39:28:e8:da:d9:5f:27:eb:80:7c:7f:94:bc: 48:33:63:9d:89:e8:07:60:2a:10:50:77:d6:87:71:7a:32:0f: 7e:9e:de:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7opUCxJDxNtH+ERuX6JOQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli ZDNhOWEwHhcNMjUxMjIwMTIwMTA5WhcNMjUxMjIxMTIwMTA5WjAzMTEwLwYDVQQD EyhlMWUyOWIwODQ5NjQyNzc1MWU5MWM3Njk2Mzg3NWJmZGE2MzUyMTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47U2ngkMxBwEY1Kp6YlpRVRq5Ufl p8Hr7ltYE5rSYNNym2Yi3yfuA36/GF/u7JSo3/+W/YPkmljjbpA0zELSyZFFw09J CNkdKhUGOqu1pIyODdzKzHbD2VoJaCfFwdgBpNH2zRi8AIhP48pWr4ZaXsN8zVLD I8yYhYpMygoQd/1rv3u7aCHQ9WNiFD7Hh6hS6UTipcOXEgHR35bubZFPlbQa8Ay+ VQqZGuQpa35rxzKuhmtPof/hk532V5/6T52IhF5GxBTijyXEaij0rZkQCYGlS0V1 48KWP5Xowj1NfPZ8XbgYHQNLoPtlp0AGLXiFyF5mYHHwoNA+7WeMMKsbYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOHimwhJZCd1HpHHaWOHW/2mNSF2MB8GA1UdIwQY MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlALUsOGo Dn6kOMViK5Uk3kPTcS79tVMnfPffPqV9dsAX5zkGxealshdt4mMZYbwbEZP30yJi RfXGLgrCqAAQbEb9QihlLbIB3Hbx29Cq//w+thRFttoRz1PaKyO624xg+O5sJn8B n6/yyBYv9q5nlIYRrG0LufKl4A4zuA829eBX68D8+5CmDNmpjXT6CKbg8s78D/Y2 J9t2atWKvIzrrK8O6ZKfkll+hJJTB0DhFe4fbbOc3kp0cWkP/ehiG+y4BeWs7Ng0 T93AdK0ZzSntCGg+tMBnlOciL3SE/mU5KOja2V8n64B8f5S8SDNjnYnoB2AqEFB3 1odxejIPfp7ekQ== -----END CERTIFICATE-----Generated at Sat Dec 20 16:02:55 2025 by rpki-client