This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft File: O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft (raw, json) Hash identifier: JvGyVDpdeUhxeoBR6L0eClZlv4thguhULRlrrQ3ezRc= Subject key identifier: 44:50:D1:55:5C:F8:63:F2:64:04:08:57:D1:9F:28:3D:EA:F6:E5:BB Authority key identifier: 3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34 Certificate issuer: /CN=3b80edd425050865eafba8089db9da3f3519b334 Certificate serial: 019B41DB92911225066696BF81EA73491510 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft Manifest number: 0C1A Signing time: Sun 21 Dec 2025 17:01:07 +0000 Manifest this update: Sun 21 Dec 2025 17:01:07 +0000 Manifest next update: Mon 22 Dec 2025 17:01:07 +0000 Files and hashes: 1: O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl (hash: s3Mutz/xjflZU6395fIWKVoB3Di6y/5aTjk1uSfWJQY=) 2: iKF-Q9PfXOLXW4CJahZRW_VogkE.roa (hash: +qqtPKI3qMehNAw49JzdFyEOoExudNvSKeInlgLAy1I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:db:92:91:12:25:06:66:96:bf:81:ea:73:49:15:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b80edd425050865eafba8089db9da3f3519b334 Validity Not Before: Dec 21 17:01:07 2025 GMT Not After : Dec 22 17:01:07 2025 GMT Subject: CN=4450d1555cf863f264040857d19f283deaf6e5bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:1f:c3:9d:40:4e:af:4e:97:33:00:3c:5a:84: e0:ff:d1:c0:51:30:1d:2f:56:3f:db:12:20:66:31: 62:ed:78:37:4e:f0:ae:a0:2c:22:23:5f:59:39:53: c0:9d:73:2f:bc:8a:01:e7:e3:c6:cf:99:49:d0:90: 2d:4b:b7:d8:8b:1a:b0:dc:e5:ba:85:de:10:13:fc: ae:73:7f:11:57:1e:16:2c:e8:fb:97:d8:0c:e2:c3: 7c:35:6a:c2:f7:84:51:c4:71:ab:53:0f:ba:f3:39: 52:67:2c:69:83:ab:56:5f:c0:6b:44:fb:eb:a3:09: b8:ec:9c:03:46:e3:a0:74:3c:4b:48:40:e5:c3:8c: 07:8d:26:a7:9e:01:cc:ba:7a:fd:b2:b6:bb:33:d8: 3d:6f:44:cc:fd:15:58:4e:a7:12:ff:a5:38:df:db: d7:45:e8:dd:9e:9b:1c:d7:78:21:0c:bd:b1:fd:45: 35:15:86:6d:3b:f8:9b:f7:ca:3f:1e:4f:d2:02:1c: d1:3e:fe:57:cf:c5:d7:86:a2:46:31:a0:94:4a:29: 90:20:43:2a:38:50:e1:76:4d:b3:ca:79:02:df:df: 4a:af:97:da:4b:1f:d7:3a:35:4c:95:43:01:40:55: 2c:68:e6:26:f6:e9:49:e7:5a:46:96:40:ff:4d:f7: 51:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:50:D1:55:5C:F8:63:F2:64:04:08:57:D1:9F:28:3D:EA:F6:E5:BB X509v3 Authority Key Identifier: keyid:3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:07:5a:9f:fd:c2:be:74:7d:af:5e:e3:c0:ac:95:29:c5:5c: 06:b2:56:39:1f:52:a2:bd:a0:86:9c:32:a3:f6:13:f6:dc:58: 98:73:cb:28:c1:98:ae:6c:eb:84:18:ad:48:1f:73:d7:4f:81: 64:cd:2a:21:85:06:0e:f0:ff:8a:05:15:4f:47:8a:b9:a5:62: ac:b6:17:38:d3:c2:7c:b8:56:83:8e:23:40:55:a5:38:aa:13: 17:2f:c8:6a:29:33:f2:57:54:67:8f:2b:63:71:2f:c8:03:4a: da:79:14:bc:94:37:df:bc:d0:76:34:1f:0d:00:ed:18:31:23: 9b:00:7b:f5:fe:d3:ae:48:69:36:44:a4:71:64:7c:ee:cd:20: 30:43:e8:9a:97:60:fd:b2:71:30:4b:e6:9b:d5:ac:57:b1:32: 77:a2:47:d8:7c:5a:4b:61:7b:63:e9:d1:61:31:92:9c:63:7f: b5:5a:08:83:68:5a:9a:fb:b5:8a:ab:74:44:d1:b0:e3:4b:1a: 30:a0:9a:89:4c:50:95:86:ec:2a:e1:57:2c:fb:07:21:7b:4e: 67:88:7a:ce:37:4f:cf:96:bd:d7:40:43:53:a7:25:fb:5f:cc: 11:c2:e4:69:16:a3:03:df:67:0d:e7:b0:d0:d4:ce:ea:27:e4: 6b:2b:af:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtB25KREiUGZpa/gepzSRUQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiODBlZGQ0MjUwNTA4NjVlYWZiYTgwODlkYjlkYTNmMzUx OWIzMzQwHhcNMjUxMjIxMTcwMTA3WhcNMjUxMjIyMTcwMTA3WjAzMTEwLwYDVQQD Eyg0NDUwZDE1NTVjZjg2M2YyNjQwNDA4NTdkMTlmMjgzZGVhZjZlNWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR/DnUBOr06XMwA8WoTg/9HAUTAd L1Y/2xIgZjFi7Xg3TvCuoCwiI19ZOVPAnXMvvIoB5+PGz5lJ0JAtS7fYixqw3OW6 hd4QE/yuc38RVx4WLOj7l9gM4sN8NWrC94RRxHGrUw+68zlSZyxpg6tWX8BrRPvr owm47JwDRuOgdDxLSEDlw4wHjSanngHMunr9sra7M9g9b0TM/RVYTqcS/6U439vX Rejdnpsc13ghDL2x/UU1FYZtO/ib98o/Hk/SAhzRPv5Xz8XXhqJGMaCUSimQIEMq OFDhdk2zynkC399Kr5faSx/XOjVMlUMBQFUsaOYm9ulJ51pGlkD/TfdRlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFERQ0VVc+GPyZAQIV9GfKD3q9uW7MB8GA1UdIwQY MBaAFDuA7dQlBQhl6vuoCJ252j81GbM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMt YzcxNjFkYzVjMDg3LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMtYzcxNjFkYzVjMDg3 LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAagdan/3C vnR9r17jwKyVKcVcBrJWOR9Sor2ghpwyo/YT9txYmHPLKMGYrmzrhBitSB9z10+B ZM0qIYUGDvD/igUVT0eKuaVirLYXONPCfLhWg44jQFWlOKoTFy/Iaikz8ldUZ48r Y3EvyANK2nkUvJQ337zQdjQfDQDtGDEjmwB79f7TrkhpNkSkcWR87s0gMEPompdg /bJxMEvmm9WsV7Eyd6JH2HxaS2F7Y+nRYTGSnGN/tVoIg2hamvu1iqt0RNGw40sa MKCaiUxQlYbsKuFXLPsHIXtOZ4h6zjdPz5a910BDU6cl+1/MEcLkaRajA99nDeew 0NTO6ifkayuvuw== -----END CERTIFICATE-----Generated at Sun Dec 21 18:58:10 2025 by rpki-client