This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft File: OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json) Hash identifier: a1/HOgS25tvbGKB1aQLZsQQSmuHFjj8Cxput+GYWlk0= Subject key identifier: 5B:DE:68:29:C7:3D:1E:17:EE:DC:05:38:43:8D:CD:79:77:60:2E:77 Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD Certificate issuer: /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad Certificate serial: 019B4994D41F20CC0CA23C3AA8B4244C3DBB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft Manifest number: 0368 Signing time: Tue 23 Dec 2025 05:00:48 +0000 Manifest this update: Tue 23 Dec 2025 05:00:48 +0000 Manifest next update: Wed 24 Dec 2025 05:00:48 +0000 Files and hashes: 1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: fgWhuB08D7/R1rc9h4trW07URE8IQ95p/ePgh76fKHk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 05:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:94:d4:1f:20:cc:0c:a2:3c:3a:a8:b4:24:4c:3d:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad Validity Not Before: Dec 23 05:00:48 2025 GMT Not After : Dec 24 05:00:48 2025 GMT Subject: CN=5bde6829c73d1e17eedc0538438dcd7977602e77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:50:4c:c7:55:70:64:38:f2:15:26:56:0f:35: 01:80:8b:76:6a:51:bc:68:1a:93:23:82:b8:5f:62: 22:2c:41:18:87:8a:91:97:3b:c9:92:66:dd:04:12: 72:a9:34:99:c3:35:60:9b:e8:78:c1:ff:05:52:40: d6:c1:57:2e:a8:ed:87:67:74:bb:63:23:2a:3d:bb: f4:b0:2d:9c:23:6c:ad:7f:1e:a7:98:ec:5c:98:16: 38:f2:22:15:96:af:64:50:55:8d:d3:bf:8f:0a:f5: b6:41:5a:a8:b7:2c:f6:c2:94:0f:4e:6a:bd:a8:c2: 0a:10:ca:25:5d:cc:c0:fa:1a:f8:68:16:24:b0:4a: 16:a9:02:65:e0:46:2f:cf:44:f1:dd:7a:72:6b:d3: 49:55:26:d7:f8:0c:3e:76:82:25:df:18:63:3b:81: 1e:f4:7c:2c:1f:91:0a:21:c8:e9:d5:bd:07:9d:fc: d5:25:48:ef:9f:8f:c7:bc:78:62:a1:51:cb:ba:d8: 9a:2f:2b:54:c0:4f:8f:2c:da:1c:c2:f4:9c:b3:7c: b7:bb:41:69:5e:cf:a7:0c:05:04:c8:9c:21:73:bb: 47:1e:2b:11:9e:43:c3:e6:0a:fe:74:c0:3b:dc:67: 35:b4:4a:5c:9e:bb:de:b3:6f:11:50:b9:3d:ba:62: 9a:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:DE:68:29:C7:3D:1E:17:EE:DC:05:38:43:8D:CD:79:77:60:2E:77 X509v3 Authority Key Identifier: keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:6f:fb:0f:d8:9a:8b:f6:17:42:7d:4a:98:f1:9d:e1:96:a9: 4f:0b:67:e2:92:2c:81:ea:b9:04:d8:bc:7a:89:0e:37:3d:34: 51:e4:2a:fd:b4:03:50:3b:d7:c4:c3:9c:9e:74:0a:54:26:32: 5c:1e:b8:6a:7c:a8:38:aa:a5:aa:23:33:ea:de:69:0a:f2:43: 81:b9:6f:36:a9:83:d9:78:d1:ce:8a:06:b7:5f:ae:cf:83:d3: 5e:df:88:31:da:db:4a:f9:52:1a:46:3a:ee:bb:06:6a:13:42: 4a:1a:6a:d3:5b:9c:3f:21:2a:45:cf:02:a9:ed:2a:c0:04:60: 58:29:fe:db:f1:5e:2a:0e:ec:88:00:0a:e7:bb:8e:b6:81:02: 56:9c:28:3e:a5:64:bd:ab:bf:58:44:6a:14:d0:55:38:e7:8c: 47:d4:1a:9b:1f:59:13:c5:95:b4:c3:fe:37:2f:84:13:c1:da: ef:1d:c5:69:72:da:81:32:fb:11:85:90:8f:b3:67:32:a1:18: c9:7a:d7:c8:e9:21:b2:9d:ce:60:09:85:93:39:ad:11:d6:a6: d4:4f:6b:4d:7a:5c:57:92:98:55:26:0a:67:67:a0:dc:c4:d6: aa:e4:dc:ce:cc:35:a8:bc:bf:2a:df:ba:4d:cd:14:83:8e:d2: b9:c2:a6:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJlNQfIMwMojw6qLQkTD27MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2 NjYxYWQwHhcNMjUxMjIzMDUwMDQ4WhcNMjUxMjI0MDUwMDQ4WjAzMTEwLwYDVQQD Eyg1YmRlNjgyOWM3M2QxZTE3ZWVkYzA1Mzg0MzhkY2Q3OTc3NjAyZTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVBMx1VwZDjyFSZWDzUBgIt2alG8 aBqTI4K4X2IiLEEYh4qRlzvJkmbdBBJyqTSZwzVgm+h4wf8FUkDWwVcuqO2HZ3S7 YyMqPbv0sC2cI2ytfx6nmOxcmBY48iIVlq9kUFWN07+PCvW2QVqotyz2wpQPTmq9 qMIKEMolXczA+hr4aBYksEoWqQJl4EYvz0Tx3Xpya9NJVSbX+Aw+doIl3xhjO4Ee 9HwsH5EKIcjp1b0HnfzVJUjvn4/HvHhioVHLutiaLytUwE+PLNocwvScs3y3u0Fp Xs+nDAUEyJwhc7tHHisRnkPD5gr+dMA73Gc1tEpcnrves28RULk9umKaiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFveaCnHPR4X7twFOEONzXl3YC53MB8GA1UdIwQY MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0 LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAm/7D9ia i/YXQn1KmPGd4ZapTwtn4pIsgeq5BNi8eokONz00UeQq/bQDUDvXxMOcnnQKVCYy XB64anyoOKqlqiMz6t5pCvJDgblvNqmD2XjRzooGt1+uz4PTXt+IMdrbSvlSGkY6 7rsGahNCShpq01ucPyEqRc8Cqe0qwARgWCn+2/FeKg7siAAK57uOtoECVpwoPqVk vau/WERqFNBVOOeMR9Qamx9ZE8WVtMP+Ny+EE8Ha7x3FaXLagTL7EYWQj7NnMqEY yXrXyOkhsp3OYAmFkzmtEdam1E9rTXpcV5KYVSYKZ2eg3MTWquTczsw1qLy/Kt+6 Tc0Ug47SucKmgQ== -----END CERTIFICATE-----Generated at Tue Dec 23 10:47:34 2025 by rpki-client