This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/4e6b43-13d7-4d3b-92ed-d9aebe43ef42/1/OQW37By46JWiW9SsZ7wxZmFdi2I.mft File: OQW37By46JWiW9SsZ7wxZmFdi2I.mft (raw, json) Hash identifier: 7hYdrawq7eP7+gQTYSPDTgsVQCkjyOOwoQQV1R5YeQw= Subject key identifier: 99:86:20:40:A0:29:06:03:B8:54:80:52:2F:81:DF:80:72:E9:6C:AF Authority key identifier: 39:05:B7:EC:1C:B8:E8:95:A2:5B:D4:AC:67:BC:31:66:61:5D:8B:62 Certificate issuer: /CN=3905b7ec1cb8e895a25bd4ac67bc3166615d8b62 Certificate serial: 019B42B6C3D40566C4745D7FBB124C28CCAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQW37By46JWiW9SsZ7wxZmFdi2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/4e6b43-13d7-4d3b-92ed-d9aebe43ef42/1/OQW37By46JWiW9SsZ7wxZmFdi2I.mft Manifest number: 086F Signing time: Sun 21 Dec 2025 21:00:32 +0000 Manifest this update: Sun 21 Dec 2025 21:00:32 +0000 Manifest next update: Mon 22 Dec 2025 21:00:32 +0000 Files and hashes: 1: GzEFY4FMaNIn9ALjdEIyqJJseSE.roa (hash: A0TZx6QvZikNrmKwA+Q10TiJHkrQxZ4XZGZdjheoj80=) 2: OQW37By46JWiW9SsZ7wxZmFdi2I.crl (hash: k4rgUi95DoiRdi7pCQsjdLsiDuNWxlw1g2v9FkFTr3g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/4e6b43-13d7-4d3b-92ed-d9aebe43ef42/1/OQW37By46JWiW9SsZ7wxZmFdi2I.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/4e6b43-13d7-4d3b-92ed-d9aebe43ef42/1/OQW37By46JWiW9SsZ7wxZmFdi2I.mft rsync://rpki.ripe.net/repository/DEFAULT/OQW37By46JWiW9SsZ7wxZmFdi2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b6:c3:d4:05:66:c4:74:5d:7f:bb:12:4c:28:cc:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3905b7ec1cb8e895a25bd4ac67bc3166615d8b62 Validity Not Before: Dec 21 21:00:32 2025 GMT Not After : Dec 22 21:00:32 2025 GMT Subject: CN=99862040a0290603b85480522f81df8072e96caf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:fe:06:27:a5:53:47:26:33:d3:6d:27:40:a9: dc:ca:76:0b:eb:72:93:04:fc:59:7a:d0:5b:f8:84: a5:a6:c0:fc:23:ff:05:01:7b:be:90:b2:05:f6:79: 19:75:cc:8b:bb:da:60:af:5d:0e:b7:39:d2:bb:83: 95:fe:2f:d2:c5:8d:4c:59:37:b5:68:3f:53:27:28: 17:e0:74:20:8e:5b:bb:02:e8:ac:e2:47:ca:da:df: 39:e7:d0:9d:96:14:a6:40:5b:e7:56:cc:55:6b:91: 55:ef:70:26:22:f7:97:09:4c:d6:5e:0e:e1:af:8c: 8e:8f:09:13:db:60:5c:20:fe:b9:93:fe:ae:5a:40: 30:cc:7c:e0:65:a5:43:37:d0:71:69:ec:9b:ca:5a: d4:da:d8:30:81:c6:a8:9e:b7:92:f3:42:d8:77:e3: 8c:ce:33:46:d4:57:90:cf:ca:2b:86:f4:b5:2e:ff: df:12:96:15:7a:5f:5c:1e:90:86:de:be:fb:2b:9d: 89:2a:24:fb:64:80:bd:a3:f8:ed:6f:d0:f3:75:82: 8d:5d:2c:58:24:26:de:b4:ce:e4:a3:56:c3:c0:9a: b9:93:93:3e:82:f3:a9:ad:44:f8:5d:1a:f6:0f:87: 2b:7e:18:06:d7:54:46:a4:87:e7:f3:62:83:1c:ad: 4e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:86:20:40:A0:29:06:03:B8:54:80:52:2F:81:DF:80:72:E9:6C:AF X509v3 Authority Key Identifier: keyid:39:05:B7:EC:1C:B8:E8:95:A2:5B:D4:AC:67:BC:31:66:61:5D:8B:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQW37By46JWiW9SsZ7wxZmFdi2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/4e6b43-13d7-4d3b-92ed-d9aebe43ef42/1/OQW37By46JWiW9SsZ7wxZmFdi2I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/4e6b43-13d7-4d3b-92ed-d9aebe43ef42/1/OQW37By46JWiW9SsZ7wxZmFdi2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:ed:ec:37:2c:22:48:c4:75:00:8a:2b:fc:bc:b2:df:d0:c6: b0:0f:29:91:5e:c2:3e:ef:48:77:a4:ae:c9:c8:4b:cf:60:8c: 15:ea:d0:b2:25:57:fd:05:cb:6d:46:e5:3e:c1:15:72:f6:80: 62:a2:9f:6b:7b:55:53:ca:bc:d7:04:fa:b7:64:18:c4:a2:00: 7f:63:2d:74:fe:e8:30:08:20:f4:f2:28:36:5e:9c:a0:e7:8a: 7b:e0:46:21:fb:87:c4:34:ab:16:ac:25:5f:a6:54:29:8f:6d: 46:dd:12:8d:75:11:7c:33:55:97:15:46:df:4f:31:71:73:9e: 8c:4f:ca:ca:9a:3f:a4:99:3a:02:2f:5f:1c:df:22:21:95:1f: b6:fc:60:97:37:53:d4:2e:86:6b:3a:5e:3a:3c:9d:4e:ee:c9: 57:0f:f4:62:42:b6:0d:d5:73:93:e2:1f:10:cb:b4:41:69:36: 70:af:2d:40:70:8e:bd:e4:24:d3:2f:d4:48:3f:85:9b:8f:42: fd:55:56:4d:29:bc:1e:f3:8f:bd:df:bb:c6:6f:58:82:f9:ec: 2d:b8:0e:a3:1d:51:2b:06:75:a0:4b:6c:5d:ca:6f:c2:be:6e: 2a:02:01:79:f4:f5:fc:f0:28:f7:1c:d5:c2:f7:4e:c4:3e:1d: 29:be:93:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCtsPUBWbEdF1/uxJMKMyrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MDViN2VjMWNiOGU4OTVhMjViZDRhYzY3YmMzMTY2NjE1 ZDhiNjIwHhcNMjUxMjIxMjEwMDMyWhcNMjUxMjIyMjEwMDMyWjAzMTEwLwYDVQQD Eyg5OTg2MjA0MGEwMjkwNjAzYjg1NDgwNTIyZjgxZGY4MDcyZTk2Y2FmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf4GJ6VTRyYz020nQKncynYL63KT BPxZetBb+ISlpsD8I/8FAXu+kLIF9nkZdcyLu9pgr10OtznSu4OV/i/SxY1MWTe1 aD9TJygX4HQgjlu7Auis4kfK2t8559CdlhSmQFvnVsxVa5FV73AmIveXCUzWXg7h r4yOjwkT22BcIP65k/6uWkAwzHzgZaVDN9BxaeybylrU2tgwgcaonreS80LYd+OM zjNG1FeQz8orhvS1Lv/fEpYVel9cHpCG3r77K52JKiT7ZIC9o/jtb9DzdYKNXSxY JCbetM7ko1bDwJq5k5M+gvOprUT4XRr2D4crfhgG11RGpIfn82KDHK1OMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJmGIECgKQYDuFSAUi+B34By6WyvMB8GA1UdIwQY MBaAFDkFt+wcuOiVolvUrGe8MWZhXYtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1FXMzdCeTQ2SldpVzlTc1o3d3habUZkaTJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80ZTZiNDMtMTNkNy00ZDNiLTkyZWQt ZDlhZWJlNDNlZjQyLzEvT1FXMzdCeTQ2SldpVzlTc1o3d3habUZkaTJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS80ZTZiNDMtMTNkNy00ZDNiLTkyZWQtZDlhZWJlNDNlZjQy LzEvT1FXMzdCeTQ2SldpVzlTc1o3d3habUZkaTJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATO3sNywi SMR1AIor/Lyy39DGsA8pkV7CPu9Id6SuychLz2CMFerQsiVX/QXLbUblPsEVcvaA YqKfa3tVU8q81wT6t2QYxKIAf2MtdP7oMAgg9PIoNl6coOeKe+BGIfuHxDSrFqwl X6ZUKY9tRt0SjXURfDNVlxVG308xcXOejE/Kypo/pJk6Ai9fHN8iIZUftvxglzdT 1C6GazpeOjydTu7JVw/0YkK2DdVzk+IfEMu0QWk2cK8tQHCOveQk0y/USD+Fm49C /VVWTSm8HvOPvd+7xm9YgvnsLbgOox1RKwZ1oEtsXcpvwr5uKgIBefT1/PAo9xzV wvdOxD4dKb6TmQ== -----END CERTIFICATE-----Generated at Mon Dec 22 02:34:59 2025 by rpki-client