This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json) Hash identifier: tbWR15CFxECxFu2rVySftA0hVAjes2Xg0UugrO9tlsw= Subject key identifier: C1:55:4F:62:5A:6A:4C:25:EE:9C:18:63:1A:83:CE:7E:12:42:37:20 Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Certificate serial: 019B3C7DBDC90B6244F6286341344E7DE9FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft Manifest number: 048D Signing time: Sat 20 Dec 2025 16:00:31 +0000 Manifest this update: Sat 20 Dec 2025 16:00:31 +0000 Manifest next update: Sun 21 Dec 2025 16:00:31 +0000 Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=) 2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: P7SxcX4j8G6WKp64eBvcPzb5JOMjEkx/dSmXFgGVoCo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7d:bd:c9:0b:62:44:f6:28:63:41:34:4e:7d:e9:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Validity Not Before: Dec 20 16:00:31 2025 GMT Not After : Dec 21 16:00:31 2025 GMT Subject: CN=c1554f625a6a4c25ee9c18631a83ce7e12423720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:24:7f:4f:77:9e:45:08:f8:28:f1:9e:ef:b3: ed:89:82:c2:a1:af:f1:5e:54:f1:5d:f3:04:06:b4: 43:97:65:6d:7b:d4:d0:59:da:d3:3d:95:b7:be:96: a7:27:3c:e7:52:1d:49:91:7b:e1:a0:cd:d8:5d:12: cf:cf:3c:84:34:9b:aa:24:ff:af:bb:f6:5b:c1:a6: aa:70:39:1e:c0:cd:74:6e:fe:f7:49:5e:59:6d:01: 8d:42:87:65:be:b2:a8:35:ca:8d:bb:ae:10:09:38: 65:1e:21:ed:16:0e:35:67:8f:1b:1b:dc:d2:3b:e7: 63:e3:f0:be:b3:e4:c6:54:b1:a9:fc:4b:e9:2c:2b: a3:e3:92:29:1b:6f:e9:e4:07:8b:7c:47:de:4d:8c: 39:bd:ae:75:4d:9f:d7:fd:fc:e0:e2:6e:cf:87:fb: 04:0b:97:2b:d6:4f:49:79:b9:fe:63:8e:47:ad:13: ba:a5:00:3b:30:88:31:59:43:19:58:89:ad:8d:9c: 7c:85:e2:08:4c:87:97:74:0a:1d:24:53:e0:ba:8d: 86:f6:d1:27:b9:43:b8:93:7f:5d:8a:bd:2e:73:88: b2:3a:e7:10:73:f2:a2:12:37:5d:c2:d9:47:14:f7: 1f:62:9e:f2:6a:c3:4d:ef:0f:90:bd:a8:2c:0c:d6: a0:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:55:4F:62:5A:6A:4C:25:EE:9C:18:63:1A:83:CE:7E:12:42:37:20 X509v3 Authority Key Identifier: keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:2c:b9:11:5d:24:c7:7b:85:a1:98:29:cc:1f:57:66:87:c5: 8a:a6:82:18:14:88:91:ce:5e:e1:59:0d:83:12:c1:d5:a6:ec: b0:35:3c:60:9f:a0:a9:14:c9:a3:e4:06:92:06:8a:1b:93:01: 75:b9:94:92:17:47:69:e4:6c:74:78:bb:f0:dd:de:39:43:fd: 04:d3:ab:f7:7b:17:97:a7:15:eb:75:55:cf:e5:0e:84:90:f9: 37:99:86:ea:eb:bb:e9:d4:1a:26:52:d6:39:df:94:8a:c1:60: c8:50:d5:50:97:9e:d3:b4:a5:55:b9:ea:ee:29:66:2d:15:f9: de:34:69:de:74:44:2c:0a:bd:5b:f8:b9:6d:3f:35:c5:c1:7d: 41:79:24:29:fd:a8:ef:0e:3a:54:10:db:25:fb:34:e7:8d:5d: 86:e1:cf:49:0c:c8:9c:17:35:4c:f0:59:95:54:8f:aa:9b:a6: a7:16:5e:42:64:59:c9:bf:42:58:3f:43:2f:32:3e:78:ff:09: 82:21:f1:d9:f3:9d:84:60:4e:c2:95:b7:53:40:1a:d9:02:81: 91:2e:9e:87:34:cf:d8:6a:e9:02:96:0b:85:1a:66:dd:32:0d: be:db:0b:d4:8f:39:e8:6f:62:fb:f8:dd:79:80:00:ca:ea:41: ee:94:a5:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fb3JC2JE9ihjQTROfen7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0 M2ViNzkwHhcNMjUxMjIwMTYwMDMxWhcNMjUxMjIxMTYwMDMxWjAzMTEwLwYDVQQD EyhjMTU1NGY2MjVhNmE0YzI1ZWU5YzE4NjMxYTgzY2U3ZTEyNDIzNzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyR/T3eeRQj4KPGe77PtiYLCoa/x XlTxXfMEBrRDl2Vte9TQWdrTPZW3vpanJzznUh1JkXvhoM3YXRLPzzyENJuqJP+v u/ZbwaaqcDkewM10bv73SV5ZbQGNQodlvrKoNcqNu64QCThlHiHtFg41Z48bG9zS O+dj4/C+s+TGVLGp/EvpLCuj45IpG2/p5AeLfEfeTYw5va51TZ/X/fzg4m7Ph/sE C5cr1k9Jebn+Y45HrRO6pQA7MIgxWUMZWImtjZx8heIITIeXdAodJFPguo2G9tEn uUO4k39dir0uc4iyOucQc/KiEjddwtlHFPcfYp7yasNN7w+QvagsDNagjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMFVT2Jaakwl7pwYYxqDzn4SQjcgMB8GA1UdIwQY MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4 LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyy5EV0k x3uFoZgpzB9XZofFiqaCGBSIkc5e4VkNgxLB1abssDU8YJ+gqRTJo+QGkgaKG5MB dbmUkhdHaeRsdHi78N3eOUP9BNOr93sXl6cV63VVz+UOhJD5N5mG6uu76dQaJlLW Od+UisFgyFDVUJee07SlVbnq7ilmLRX53jRp3nRELAq9W/i5bT81xcF9QXkkKf2o 7w46VBDbJfs0541dhuHPSQzInBc1TPBZlVSPqpumpxZeQmRZyb9CWD9DLzI+eP8J giHx2fOdhGBOwpW3U0Aa2QKBkS6ehzTP2GrpApYLhRpm3TINvtsL1I856G9i+/jd eYAAyupB7pSlmQ== -----END CERTIFICATE-----Generated at Sun Dec 21 00:52:03 2025 by rpki-client