This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft File: O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft (raw, json) Hash identifier: WWpO0tirClluQHgn/xKafM0fPVQBT9iqPd4MEn7vU10= Subject key identifier: 97:2B:21:D4:72:5A:AC:00:FC:25:CD:8E:49:42:A1:CA:BE:4A:DD:67 Authority key identifier: 3B:ED:02:13:66:98:70:1F:74:C4:9F:8A:2A:9E:73:E8:4E:C9:81:B6 Certificate issuer: /CN=3bed02136698701f74c49f8a2a9e73e84ec981b6 Certificate serial: 019B360E5CC442A53A03E8499D55CF89A647 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft Manifest number: 0BBD Signing time: Fri 19 Dec 2025 10:01:09 +0000 Manifest this update: Fri 19 Dec 2025 10:01:09 +0000 Manifest next update: Sat 20 Dec 2025 10:01:09 +0000 Files and hashes: 1: O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl (hash: 0I1D4JdxPj6/YjxvKwDJcGuqZACDDPOrF+b/sT6i4tI=) 2: w9ICT6cKkgB_pyRYfsBkT7I_e5A.roa (hash: Ogtb5a6VjW8bSqLn3V6UgYjH3Wl670+DPbn1H5LtdUE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:0e:5c:c4:42:a5:3a:03:e8:49:9d:55:cf:89:a6:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bed02136698701f74c49f8a2a9e73e84ec981b6 Validity Not Before: Dec 19 10:01:09 2025 GMT Not After : Dec 20 10:01:09 2025 GMT Subject: CN=972b21d4725aac00fc25cd8e4942a1cabe4add67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b0:0f:eb:6f:3a:c6:ec:bb:44:85:52:4f:82: e5:26:04:87:dd:76:ee:53:30:05:16:90:1e:91:cb: ad:80:36:3d:19:c3:30:af:ea:64:aa:25:06:01:f1: 6c:cb:bd:d1:e6:4f:98:65:2c:da:3b:de:58:2d:0b: bc:25:e6:56:bf:6c:ce:bc:2d:6e:63:a3:bc:f4:84: 1d:3f:07:59:c8:ec:5f:49:25:67:b2:96:ee:99:9d: b7:e6:c7:33:0a:5a:81:61:57:72:42:e4:d6:bd:15: 91:72:50:73:81:80:7e:e2:ec:b1:7e:61:c4:bc:23: 4f:62:fc:b4:66:94:50:fd:e9:71:70:c3:ff:9c:63: 82:c6:36:20:f0:2e:b0:2e:11:24:20:3e:32:90:fb: d0:51:53:de:c4:d8:db:0e:1d:65:df:ee:ec:fe:ba: dd:ee:c5:8e:50:31:3d:d7:1c:20:21:01:f9:0a:0d: 6e:56:22:c2:24:65:89:5f:8c:c9:94:f5:c2:7b:51: b5:a9:cc:23:ba:a0:eb:ef:23:d4:d0:ed:78:cc:80: 63:32:a1:9f:17:2b:ba:7b:8e:9f:92:0a:8d:42:a8: 5f:ba:23:c4:09:a7:40:d2:f0:7a:87:7f:b9:2f:47: aa:bb:1e:83:96:c8:4d:81:81:bc:38:72:07:a7:7d: 05:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:2B:21:D4:72:5A:AC:00:FC:25:CD:8E:49:42:A1:CA:BE:4A:DD:67 X509v3 Authority Key Identifier: keyid:3B:ED:02:13:66:98:70:1F:74:C4:9F:8A:2A:9E:73:E8:4E:C9:81:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-0CE2aYcB90xJ-KKp5z6E7JgbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9faed1-f642-4e82-8a73-ed99ef64adbf/1/O-0CE2aYcB90xJ-KKp5z6E7JgbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:bd:e8:0f:78:62:70:3b:12:aa:53:bc:73:7f:e6:31:e4:69: 7c:5a:94:30:ef:07:a3:ee:40:6a:b2:2c:5a:01:4f:07:1a:f6: dc:4d:1b:13:83:dc:76:14:c7:47:e3:2b:4c:6a:a7:68:12:f3: 2d:cd:5f:8c:66:33:57:01:d4:8d:61:fd:a6:9c:fe:d9:07:67: 54:eb:5e:1a:38:a9:d8:34:c6:ba:de:8e:b3:f9:1b:8b:5c:58: f9:f2:9a:9e:28:8d:ad:87:1b:e5:90:9b:05:33:51:b7:1b:2f: 87:30:aa:38:40:9e:0e:fc:5e:47:99:90:26:b6:3a:d6:0e:d0: bd:73:28:d8:4b:35:b3:68:7c:31:c7:05:69:df:7c:d0:70:1e: b1:29:ed:94:05:a2:66:fc:16:f4:31:6c:e1:d5:0a:87:c0:86: 39:04:82:64:0b:49:da:2e:77:45:c3:2e:df:13:9e:7a:b0:9d: 25:54:17:03:0d:3c:61:ac:d3:89:1a:d7:63:73:f5:8e:d1:5c: 94:a5:6d:94:e2:c2:46:e3:a4:51:6c:6c:43:6b:87:fd:f1:52: 60:3f:f0:1c:73:a1:9d:c1:3f:5b:01:e0:e2:1f:a4:a6:30:3e: 09:c1:dd:52:d2:95:68:21:af:0d:1c:a9:2b:8d:00:49:44:2c: 9e:75:cf:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2DlzEQqU6A+hJnVXPiaZHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZWQwMjEzNjY5ODcwMWY3NGM0OWY4YTJhOWU3M2U4NGVj OTgxYjYwHhcNMjUxMjE5MTAwMTA5WhcNMjUxMjIwMTAwMTA5WjAzMTEwLwYDVQQD Eyg5NzJiMjFkNDcyNWFhYzAwZmMyNWNkOGU0OTQyYTFjYWJlNGFkZDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrAP6286xuy7RIVST4LlJgSH3Xbu UzAFFpAekcutgDY9GcMwr+pkqiUGAfFsy73R5k+YZSzaO95YLQu8JeZWv2zOvC1u Y6O89IQdPwdZyOxfSSVnspbumZ235sczClqBYVdyQuTWvRWRclBzgYB+4uyxfmHE vCNPYvy0ZpRQ/elxcMP/nGOCxjYg8C6wLhEkID4ykPvQUVPexNjbDh1l3+7s/rrd 7sWOUDE91xwgIQH5Cg1uViLCJGWJX4zJlPXCe1G1qcwjuqDr7yPU0O14zIBjMqGf Fyu6e46fkgqNQqhfuiPECadA0vB6h3+5L0equx6DlshNgYG8OHIHp30FLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJcrIdRyWqwA/CXNjklCocq+St1nMB8GA1UdIwQY MBaAFDvtAhNmmHAfdMSfiiqec+hOyYG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZmFlZDEtZjY0Mi00ZTgyLThhNzMt ZWQ5OWVmNjRhZGJmLzEvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS85ZmFlZDEtZjY0Mi00ZTgyLThhNzMtZWQ5OWVmNjRhZGJm LzEvTy0wQ0UyYVljQjkweEotS0twNXo2RTdKZ2JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATr3oD3hi cDsSqlO8c3/mMeRpfFqUMO8Ho+5AarIsWgFPBxr23E0bE4PcdhTHR+MrTGqnaBLz Lc1fjGYzVwHUjWH9ppz+2QdnVOteGjip2DTGut6Os/kbi1xY+fKaniiNrYcb5ZCb BTNRtxsvhzCqOECeDvxeR5mQJrY61g7QvXMo2Es1s2h8MccFad980HAesSntlAWi ZvwW9DFs4dUKh8CGOQSCZAtJ2i53RcMu3xOeerCdJVQXAw08YazTiRrXY3P1jtFc lKVtlOLCRuOkUWxsQ2uH/fFSYD/wHHOhncE/WwHg4h+kpjA+CcHdUtKVaCGvDRyp K40ASUQsnnXPCA== -----END CERTIFICATE-----Generated at Fri Dec 19 13:38:50 2025 by rpki-client