This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft File: oVJWhcluMm8grjcpwDD0T9FJmwU.mft (raw, json) Hash identifier: 8TAkFG5MYiuohT/R5UWigpDdPuJX5UFBVRJtdR1n19I= Subject key identifier: 1C:50:7A:5D:CF:56:1F:71:98:91:08:D4:9C:8D:00:78:05:19:AF:CA Authority key identifier: A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05 Certificate issuer: /CN=a1525685c96e326f20ae3729c030f44fd1499b05 Certificate serial: 019B4C28622E0A910D5F5577F9C29C391893 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft Manifest number: 099C Signing time: Tue 23 Dec 2025 17:01:13 +0000 Manifest this update: Tue 23 Dec 2025 17:01:13 +0000 Manifest next update: Wed 24 Dec 2025 17:01:13 +0000 Files and hashes: 1: oVJWhcluMm8grjcpwDD0T9FJmwU.crl (hash: p3AWxj5z0LwzxfIJS8HCr5laYgGUxWnunYbINTSrKVo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:28:62:2e:0a:91:0d:5f:55:77:f9:c2:9c:39:18:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1525685c96e326f20ae3729c030f44fd1499b05 Validity Not Before: Dec 23 17:01:13 2025 GMT Not After : Dec 24 17:01:13 2025 GMT Subject: CN=1c507a5dcf561f71989108d49c8d00780519afca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f1:2d:e7:08:05:01:a2:9f:c1:fd:fb:64:69: 1b:52:59:b1:49:17:a0:c5:5e:61:54:b4:c1:5f:69: b5:0c:b3:0c:5c:df:b8:85:a4:84:73:6c:67:c4:e9: 53:e1:7e:b0:dc:84:88:98:c0:ab:37:62:66:1c:00: b8:b0:b1:6c:f2:ca:92:c9:5e:a3:50:18:09:96:56: 43:b6:cd:08:74:a7:a4:f0:d5:36:58:e3:40:7f:35: a8:1b:d1:ce:ae:f8:65:d6:a8:cf:01:35:67:e6:02: 2e:58:ef:d8:7e:3a:a1:3e:bb:64:7e:d9:e4:80:e0: 40:a4:2d:af:18:cb:ff:d8:48:b7:f0:8e:17:78:57: 61:61:d8:c2:f7:29:91:6d:45:44:31:c8:22:98:eb: 87:82:42:be:be:82:67:bf:0c:f8:27:1f:5f:1a:f7: b0:e6:3f:40:d5:34:3c:61:96:c1:10:55:e6:89:ad: 1c:b5:bb:06:25:35:2b:d7:67:86:a3:e2:26:04:de: 8f:79:14:91:73:02:42:cf:dd:81:dd:e1:70:94:55: fd:04:a8:54:ba:30:10:47:cb:ae:e4:2c:c6:a6:d2: 9e:87:98:03:6f:9e:3f:34:51:c5:b6:8b:7e:92:54: cf:16:0f:98:e8:e6:5e:9a:02:1d:f9:0d:99:c6:b4: 59:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:50:7A:5D:CF:56:1F:71:98:91:08:D4:9C:8D:00:78:05:19:AF:CA X509v3 Authority Key Identifier: keyid:A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:e7:cf:8d:76:94:ce:36:41:b2:a9:6f:3e:de:73:f6:26:28: 02:ca:42:e1:0a:35:95:59:a0:c8:4c:ef:07:e6:e9:23:8a:e0: 0e:87:ef:e0:e9:e3:a8:75:32:57:42:7e:2d:19:b0:27:58:0e: cd:be:33:1f:c3:c1:d3:e5:df:21:a1:c0:80:6c:27:97:e2:15: 14:29:bb:76:16:2f:43:0b:6d:29:37:3d:4f:38:f9:31:c7:59: 99:76:bc:99:f7:ec:2c:9b:16:95:33:9a:eb:f1:b5:71:68:40: 1a:99:50:d9:ff:9b:88:a3:b5:1f:22:e2:ef:9a:39:57:3b:a6: bc:99:f7:f0:e4:c6:09:24:d5:58:dc:b5:31:78:b5:42:29:8f: f9:e6:07:ee:7b:01:4f:39:aa:8e:44:7c:5e:73:54:b8:84:9a: 2a:5c:52:94:d7:0a:ad:21:ef:3e:1f:9d:55:7e:3d:67:c8:58: cc:38:46:ad:9e:96:d9:a6:78:c3:6b:69:99:6c:52:83:8a:28: 20:8a:7d:76:4d:24:31:ad:19:c3:c4:0d:10:ce:82:f4:62:e9: ed:a8:da:ef:0a:70:c5:18:bc:07:b3:56:e7:64:45:e8:22:91: 61:b4:0e:e9:01:2c:45:e5:88:64:a3:b6:60:b9:07:39:55:08: 78:01:80:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMKGIuCpENX1V3+cKcORiTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExNTI1Njg1Yzk2ZTMyNmYyMGFlMzcyOWMwMzBmNDRmZDE0 OTliMDUwHhcNMjUxMjIzMTcwMTEzWhcNMjUxMjI0MTcwMTEzWjAzMTEwLwYDVQQD EygxYzUwN2E1ZGNmNTYxZjcxOTg5MTA4ZDQ5YzhkMDA3ODA1MTlhZmNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfEt5wgFAaKfwf37ZGkbUlmxSReg xV5hVLTBX2m1DLMMXN+4haSEc2xnxOlT4X6w3ISImMCrN2JmHAC4sLFs8sqSyV6j UBgJllZDts0IdKek8NU2WONAfzWoG9HOrvhl1qjPATVn5gIuWO/YfjqhPrtkftnk gOBApC2vGMv/2Ei38I4XeFdhYdjC9ymRbUVEMcgimOuHgkK+voJnvwz4Jx9fGvew 5j9A1TQ8YZbBEFXmia0ctbsGJTUr12eGo+ImBN6PeRSRcwJCz92B3eFwlFX9BKhU ujAQR8uu5CzGptKeh5gDb54/NFHFtot+klTPFg+Y6OZemgId+Q2ZxrRZawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBxQel3PVh9xmJEI1JyNAHgFGa/KMB8GA1UdIwQY MBaAFKFSVoXJbjJvIK43KcAw9E/RSZsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAt NDQzNzFiMWNjNzJmLzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAtNDQzNzFiMWNjNzJm LzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQOfPjXaU zjZBsqlvPt5z9iYoAspC4Qo1lVmgyEzvB+bpI4rgDofv4OnjqHUyV0J+LRmwJ1gO zb4zH8PB0+XfIaHAgGwnl+IVFCm7dhYvQwttKTc9Tzj5McdZmXa8mffsLJsWlTOa 6/G1cWhAGplQ2f+biKO1HyLi75o5VzumvJn38OTGCSTVWNy1MXi1QimP+eYH7nsB TzmqjkR8XnNUuISaKlxSlNcKrSHvPh+dVX49Z8hYzDhGrZ6W2aZ4w2tpmWxSg4oo IIp9dk0kMa0Zw8QNEM6C9GLp7aja7wpwxRi8B7NW52RF6CKRYbQO6QEsReWIZKO2 YLkHOVUIeAGANw== -----END CERTIFICATE-----Generated at Tue Dec 23 18:51:49 2025 by rpki-client