This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft File: OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json) Hash identifier: iZ7ifuFMArkVbiPuMtQjRJMDN+JS2zIX3uEXtl8iZ0U= Subject key identifier: D4:0D:7E:8C:E8:48:15:DF:2A:54:F7:A9:3B:A1:92:BC:A9:5B:87:C9 Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0 Certificate issuer: /CN=389c030036756ab8cdac922b1af237bce1367ce0 Certificate serial: 019B3A58864A77ACCB7A746834A5BA96EC80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft Manifest number: 1784 Signing time: Sat 20 Dec 2025 06:00:38 +0000 Manifest this update: Sat 20 Dec 2025 06:00:38 +0000 Manifest next update: Sun 21 Dec 2025 06:00:38 +0000 Files and hashes: 1: 7_8yBJLyqtyIR9OHFg7LU1M1Onc.roa (hash: RwjNHeRVHQ2HqUbmJiZCyAxBMEck7wiXEWN73Kexaq4=) 2: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: GNvUypyvOUVaWsTCXsQAvegqR6VTUeMNle4ycvQFMX4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 06:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:58:86:4a:77:ac:cb:7a:74:68:34:a5:ba:96:ec:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0 Validity Not Before: Dec 20 06:00:38 2025 GMT Not After : Dec 21 06:00:38 2025 GMT Subject: CN=d40d7e8ce84815df2a54f7a93ba192bca95b87c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:7c:39:be:db:be:e8:e6:eb:a5:05:a9:8c:39: 82:9f:11:5b:89:e9:e5:fa:83:d1:9a:3e:67:88:ce: da:17:5f:2f:31:dc:35:5a:42:05:52:49:05:c1:ec: d0:e9:8f:58:db:19:61:72:d2:03:ee:54:a9:12:f2: 1a:b8:1e:6a:33:d0:11:f5:32:18:ce:e1:bc:6f:d3: d4:aa:71:60:cf:8b:48:8a:4a:91:8f:98:4a:d4:87: 63:ef:06:73:fc:38:c8:33:9d:39:79:1a:82:56:ea: cd:26:58:86:5c:18:68:b0:b1:b1:0e:23:da:ba:c4: 5c:7f:96:6a:ad:85:21:4d:c3:33:4b:c0:66:05:5d: 78:a0:aa:2c:a2:03:35:e2:d4:ab:87:80:37:16:11: 08:5f:82:cf:a7:a2:6b:40:a8:ee:cd:76:34:91:42: 99:b5:bf:24:29:35:94:de:21:f6:d1:ba:1d:02:30: 30:91:f1:e0:1f:ea:56:17:71:93:fc:2c:9d:0b:0d: 3e:38:83:f9:df:70:9e:f7:86:70:7a:be:2d:00:20: 75:1e:3b:9f:85:cc:38:75:e6:11:03:71:3e:53:71: 7e:3b:46:9a:b2:6f:ce:a7:9a:bd:f8:3f:02:73:2f: e6:aa:9e:ae:35:4e:cf:ee:7e:14:d8:bd:e5:e7:91: 8d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:0D:7E:8C:E8:48:15:DF:2A:54:F7:A9:3B:A1:92:BC:A9:5B:87:C9 X509v3 Authority Key Identifier: keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:a6:dc:b2:01:a0:9f:34:26:c6:e2:ac:05:42:14:84:e0:81: e9:a3:c4:07:6b:ee:c8:fe:ea:7a:6f:89:c4:75:db:cc:86:a4: 6e:7a:ee:b2:37:81:cd:fb:45:77:de:36:56:24:f3:44:64:66: 1d:28:60:de:31:a2:c0:c1:77:37:bc:b7:74:16:36:a5:99:69: bc:70:37:10:9f:27:75:64:88:49:9b:ab:f4:70:7e:ab:1f:ed: 7d:ff:7a:2f:5c:48:1c:e0:59:f3:be:a0:96:5f:3a:62:e4:8b: 3d:2e:e9:b7:71:e5:ad:cc:49:b9:e9:99:85:17:0e:d8:85:4e: 27:d6:49:f7:da:3e:af:53:83:16:ec:96:12:67:49:0c:e7:0c: ee:2a:36:b7:ae:55:42:14:ec:8d:37:e5:6a:7f:f7:5d:fb:4c: 6b:fb:d9:ce:8c:87:55:9f:08:95:a0:92:fc:5f:72:80:50:d0: a8:37:6c:dc:e7:19:08:68:a0:f6:26:48:9b:17:12:ce:d2:9d: 90:e8:be:2c:f2:bd:7c:59:2a:55:1e:60:06:a4:66:29:ee:de: c7:27:8e:6a:ce:3e:15:5d:87:4e:d7:1c:18:7c:a2:9f:d8:5c: 5f:7f:57:25:15:8b:ba:05:20:0d:37:cb:4d:03:fd:99:fa:f2: ab:0f:0b:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6WIZKd6zLenRoNKW6luyAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz NjdjZTAwHhcNMjUxMjIwMDYwMDM4WhcNMjUxMjIxMDYwMDM4WjAzMTEwLwYDVQQD EyhkNDBkN2U4Y2U4NDgxNWRmMmE1NGY3YTkzYmExOTJiY2E5NWI4N2M5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3w5vtu+6ObrpQWpjDmCnxFbienl +oPRmj5niM7aF18vMdw1WkIFUkkFwezQ6Y9Y2xlhctID7lSpEvIauB5qM9AR9TIY zuG8b9PUqnFgz4tIikqRj5hK1Idj7wZz/DjIM505eRqCVurNJliGXBhosLGxDiPa usRcf5ZqrYUhTcMzS8BmBV14oKosogM14tSrh4A3FhEIX4LPp6JrQKjuzXY0kUKZ tb8kKTWU3iH20bodAjAwkfHgH+pWF3GT/CydCw0+OIP533Ce94Zwer4tACB1Hjuf hcw4deYRA3E+U3F+O0aasm/Op5q9+D8Ccy/mqp6uNU7P7n4U2L3l55GNqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNQNfozoSBXfKlT3qTuhkrypW4fJMB8GA1UdIwQY MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0 LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnabcsgGg nzQmxuKsBUIUhOCB6aPEB2vuyP7qem+JxHXbzIakbnrusjeBzftFd942ViTzRGRm HShg3jGiwMF3N7y3dBY2pZlpvHA3EJ8ndWSISZur9HB+qx/tff96L1xIHOBZ876g ll86YuSLPS7pt3HlrcxJuemZhRcO2IVOJ9ZJ99o+r1ODFuyWEmdJDOcM7io2t65V QhTsjTflan/3XftMa/vZzoyHVZ8IlaCS/F9ygFDQqDds3OcZCGig9iZImxcSztKd kOi+LPK9fFkqVR5gBqRmKe7exyeOas4+FV2HTtccGHyin9hcX39XJRWLugUgDTfL TQP9mfryqw8L/A== -----END CERTIFICATE-----Generated at Sat Dec 20 13:13:58 2025 by rpki-client