This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft File: O2HIth_0q5daL2xn0LzmN5Ni4v4.mft (raw, json) Hash identifier: d5oHqEljqvFuKi4oGESjOMficc3JRd/ObjX2ysPB1ms= Subject key identifier: 0A:FA:97:A3:DC:DF:38:AE:23:26:AF:85:A3:42:B2:5E:C0:C0:38:70 Authority key identifier: 3B:61:C8:B6:1F:F4:AB:97:5A:2F:6C:67:D0:BC:E6:37:93:62:E2:FE Certificate issuer: /CN=3b61c8b61ff4ab975a2f6c67d0bce6379362e2fe Certificate serial: 019B3BA2B8090FCD327B131F418DCBF13814 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft Manifest number: 0A9C Signing time: Sat 20 Dec 2025 12:01:18 +0000 Manifest this update: Sat 20 Dec 2025 12:01:18 +0000 Manifest next update: Sun 21 Dec 2025 12:01:18 +0000 Files and hashes: 1: O2HIth_0q5daL2xn0LzmN5Ni4v4.crl (hash: ZG4i15DwAs0YvXkc1FPOn4ORis1On5l9JIkg4zYrofE=) 2: zPHYYf64cnazRpEP2DM-tC5zi20.roa (hash: KRY5tyMHgi4pvRx1DdmJaDKEtzRxICuicXJ6HWfF+Yg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:b8:09:0f:cd:32:7b:13:1f:41:8d:cb:f1:38:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b61c8b61ff4ab975a2f6c67d0bce6379362e2fe Validity Not Before: Dec 20 12:01:18 2025 GMT Not After : Dec 21 12:01:18 2025 GMT Subject: CN=0afa97a3dcdf38ae2326af85a342b25ec0c03870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5b:34:db:3f:fe:a3:8b:09:e3:fc:13:01:3e: ee:17:a0:6b:ab:44:1e:6b:ec:d1:84:b8:d7:61:c5: 0f:a5:47:d5:50:d2:fd:5a:10:be:b3:48:24:58:83: a7:a6:26:9a:ac:b8:27:a5:95:d5:ca:07:0b:11:9d: e4:65:f3:ca:28:0e:5d:e2:1d:cb:af:61:c1:b5:ea: b6:99:ad:a9:18:58:97:e1:8a:4e:d9:62:8f:63:85: 1d:65:c9:15:47:a6:8d:e0:37:7f:27:ce:55:be:71: ea:e4:42:ef:2f:bb:c6:58:0c:41:ef:1f:d5:a9:8d: 85:3c:fb:bd:97:77:39:05:f6:c4:69:3b:6c:55:b1: 7f:d9:70:7a:e4:16:1c:b9:ef:3c:0d:64:d0:08:2b: e5:12:a8:e8:5a:26:97:07:c4:80:e5:b8:7f:f0:d5: cd:bd:6c:1e:a0:9c:73:a8:5f:e4:22:6a:96:d7:6f: 4a:51:5e:d4:b4:a8:8a:88:ea:93:a9:fe:ec:2f:5a: f6:e1:4f:e4:99:42:dd:8e:d2:ee:2f:20:cb:7a:cf: 7c:c1:9a:0e:33:a4:4e:2f:82:e7:01:7d:94:8b:b0: 52:0e:6f:31:e7:b3:60:42:6a:ed:77:43:9e:bb:19: fe:9c:f5:dc:b7:a1:bd:5b:92:f5:b2:af:cd:86:9c: dc:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:FA:97:A3:DC:DF:38:AE:23:26:AF:85:A3:42:B2:5E:C0:C0:38:70 X509v3 Authority Key Identifier: keyid:3B:61:C8:B6:1F:F4:AB:97:5A:2F:6C:67:D0:BC:E6:37:93:62:E2:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2HIth_0q5daL2xn0LzmN5Ni4v4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fc0ed1-5666-4bb7-bb7c-7b627582fd2d/1/O2HIth_0q5daL2xn0LzmN5Ni4v4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:08:a7:f6:05:d5:e4:8e:ba:83:85:35:5e:6a:9c:83:b7:f6: 11:40:ad:17:46:98:56:d8:2f:dd:fb:67:62:44:44:03:96:7f: ab:04:35:07:86:ec:59:53:9e:41:03:0e:01:2f:d7:7e:42:22: b0:36:2e:fa:e4:26:8d:da:37:c6:b5:0d:85:03:d1:cc:c7:13: fb:5c:cf:2b:13:f7:78:f3:f5:a6:99:88:6f:2d:ac:5b:c1:99: 46:b5:29:bb:3e:69:36:44:27:42:a5:a7:e8:2c:ed:40:a5:a6: 6f:16:0b:49:d0:bf:62:5a:c3:43:4d:ba:1f:e9:0a:88:37:24: 4d:a3:10:05:3c:cc:33:c6:bd:a8:c0:fd:f1:b7:d7:d6:63:a7: 37:ce:e1:9a:76:a4:38:2a:00:2a:50:43:c0:99:88:4d:f6:b5: ef:47:eb:b1:4d:b8:75:ab:e1:2d:8b:f5:d9:2b:0f:92:b3:22: f2:57:a0:31:d0:8a:fc:3b:fe:86:44:16:80:f0:92:30:30:38: f9:e0:ac:d5:4f:0f:44:7e:0b:bc:1f:77:ba:90:81:86:ba:03: 96:c9:4f:80:58:aa:51:cd:6f:ae:f7:e1:5f:8d:6e:80:f0:03: 5a:82:22:59:7f:1e:b8:dd:1b:93:b4:53:f3:1d:e2:86:f2:d5: e1:3a:a7:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7orgJD80yexMfQY3L8TgUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNjFjOGI2MWZmNGFiOTc1YTJmNmM2N2QwYmNlNjM3OTM2 MmUyZmUwHhcNMjUxMjIwMTIwMTE4WhcNMjUxMjIxMTIwMTE4WjAzMTEwLwYDVQQD EygwYWZhOTdhM2RjZGYzOGFlMjMyNmFmODVhMzQyYjI1ZWMwYzAzODcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFs02z/+o4sJ4/wTAT7uF6Brq0Qe a+zRhLjXYcUPpUfVUNL9WhC+s0gkWIOnpiaarLgnpZXVygcLEZ3kZfPKKA5d4h3L r2HBteq2ma2pGFiX4YpO2WKPY4UdZckVR6aN4Dd/J85VvnHq5ELvL7vGWAxB7x/V qY2FPPu9l3c5BfbEaTtsVbF/2XB65BYcue88DWTQCCvlEqjoWiaXB8SA5bh/8NXN vWweoJxzqF/kImqW129KUV7UtKiKiOqTqf7sL1r24U/kmULdjtLuLyDLes98wZoO M6ROL4LnAX2Ui7BSDm8x57NgQmrtd0Oeuxn+nPXct6G9W5L1sq/NhpzcxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAr6l6Pc3ziuIyavhaNCsl7AwDhwMB8GA1UdIwQY MBaAFDthyLYf9KuXWi9sZ9C85jeTYuL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mYzBlZDEtNTY2Ni00YmI3LWJiN2Mt N2I2Mjc1ODJmZDJkLzEvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mYzBlZDEtNTY2Ni00YmI3LWJiN2MtN2I2Mjc1ODJmZDJk LzEvTzJISXRoXzBxNWRhTDJ4bjBMem1ONU5pNHY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVgin9gXV 5I66g4U1Xmqcg7f2EUCtF0aYVtgv3ftnYkREA5Z/qwQ1B4bsWVOeQQMOAS/XfkIi sDYu+uQmjdo3xrUNhQPRzMcT+1zPKxP3ePP1ppmIby2sW8GZRrUpuz5pNkQnQqWn 6CztQKWmbxYLSdC/YlrDQ026H+kKiDckTaMQBTzMM8a9qMD98bfX1mOnN87hmnak OCoAKlBDwJmITfa170frsU24davhLYv12SsPkrMi8legMdCK/Dv+hkQWgPCSMDA4 +eCs1U8PRH4LvB93upCBhroDlslPgFiqUc1vrvfhX41ugPADWoIiWX8euN0bk7RT 8x3ihvLV4TqnPw== -----END CERTIFICATE-----Generated at Sat Dec 20 18:51:56 2025 by rpki-client