This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft File: ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json) Hash identifier: 7itNgGUaRSIlolpEV7UPHg23oeUCKb7CkXUynNhdaYs= Subject key identifier: 84:E5:27:0F:D2:75:97:CF:39:0F:86:AF:26:B1:FB:77:59:9A:D1:FB Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9 Certificate issuer: /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9 Certificate serial: 019B6CC6D6842EC4CCC2FE154A25A3E50294 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft Manifest number: 0F9F Signing time: Tue 30 Dec 2025 01:02:08 +0000 Manifest this update: Tue 30 Dec 2025 01:02:08 +0000 Manifest next update: Wed 31 Dec 2025 01:02:08 +0000 Files and hashes: 1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: zi9AjjQ2Ehe0SQbGS5g5FUoeiSh8okz4VVShycEk20o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c6:d6:84:2e:c4:cc:c2:fe:15:4a:25:a3:e5:02:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9 Validity Not Before: Dec 30 01:02:08 2025 GMT Not After : Dec 31 01:02:08 2025 GMT Subject: CN=84e5270fd27597cf390f86af26b1fb77599ad1fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e1:58:fb:48:36:a3:f1:af:46:1d:25:71:de: 3a:3c:20:8a:b6:d6:87:e0:0b:ab:57:b5:28:10:99: 5c:c3:35:68:b6:93:22:da:5a:b3:ad:92:7b:5e:08: 4a:6e:98:7a:24:f8:04:6a:e1:9b:e4:30:a0:65:fb: ba:80:d8:a2:7e:36:d2:64:f7:7f:da:84:cc:33:47: ca:19:01:c2:75:a6:85:3e:0e:b3:e8:61:c9:35:15: a0:e8:d1:46:e5:08:b2:79:bd:79:a1:33:17:ed:8e: eb:ec:9c:58:e6:22:43:49:cd:a5:df:0b:6b:49:9e: 36:ed:33:72:a8:73:a0:ee:d2:ed:19:e3:59:87:28: 36:87:7c:b4:c0:43:99:ae:c1:4c:00:d4:d0:0a:92: 3a:7e:0f:23:1f:ab:fb:77:6c:94:83:0a:1e:6b:34: 90:f2:b7:ee:1a:3f:49:1a:13:29:85:c6:15:5f:1b: a6:f8:57:d7:2e:3e:81:8e:62:20:5e:29:75:d4:53: 96:a5:f9:c7:90:a0:00:62:92:0a:13:06:4d:8c:f8: ee:75:75:0a:49:15:c2:25:ca:29:ef:f5:d8:35:a1: 95:46:63:2e:74:be:43:13:ff:e1:10:05:c4:cf:bf: ab:f3:f6:2f:89:de:36:0e:e5:e9:57:6c:7a:47:b2: c2:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:E5:27:0F:D2:75:97:CF:39:0F:86:AF:26:B1:FB:77:59:9A:D1:FB X509v3 Authority Key Identifier: keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:eb:d6:b1:f6:a8:97:f2:57:35:93:40:43:07:cc:95:80:1f: 4d:f0:f9:ad:c5:48:a1:a4:1d:2f:ce:39:21:45:2e:4b:2d:cb: 07:a7:f1:27:22:bd:f2:6f:b4:f6:47:4f:80:6a:db:bf:cf:88: 5a:94:35:63:d1:02:a8:1a:05:da:ff:af:05:96:1a:22:91:6d: d9:5a:a7:42:6b:52:22:ca:f6:a2:0b:75:26:f1:e9:ac:21:c5: 33:37:cd:ec:20:74:71:3e:be:87:8f:13:69:8f:32:78:41:75: 7d:9d:6b:dd:58:74:a7:0c:2f:9c:77:42:6d:21:b7:79:fe:80: e7:81:a9:45:c1:56:d3:59:19:c1:b8:f3:45:50:19:82:f4:cd: f4:88:a2:fd:bb:2f:be:92:d7:7d:b7:f7:a8:98:6e:d0:13:24: 12:7c:68:88:be:e2:ed:05:23:98:01:35:d3:35:95:34:db:d3: 9e:73:f2:42:6c:33:f0:58:25:d6:82:47:72:21:0d:45:89:75: 33:4e:0b:0c:8a:3f:2d:90:6c:e9:43:1b:fa:f7:9c:d7:60:61: 2b:fa:94:99:9d:36:e1:e3:5b:f9:de:56:0a:3e:63:f5:c5:fd: 1f:e4:7f:db:d4:90:5c:ce:06:c2:ed:a2:1c:19:f7:43:3c:ff: cb:e2:e4:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxtaELsTMwv4VSiWj5QKUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1 ZmM2ZTkwHhcNMjUxMjMwMDEwMjA4WhcNMjUxMjMxMDEwMjA4WjAzMTEwLwYDVQQD Eyg4NGU1MjcwZmQyNzU5N2NmMzkwZjg2YWYyNmIxZmI3NzU5OWFkMWZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuFY+0g2o/GvRh0lcd46PCCKttaH 4AurV7UoEJlcwzVotpMi2lqzrZJ7XghKbph6JPgEauGb5DCgZfu6gNiifjbSZPd/ 2oTMM0fKGQHCdaaFPg6z6GHJNRWg6NFG5Qiyeb15oTMX7Y7r7JxY5iJDSc2l3wtr SZ427TNyqHOg7tLtGeNZhyg2h3y0wEOZrsFMANTQCpI6fg8jH6v7d2yUgwoeazSQ 8rfuGj9JGhMphcYVXxum+FfXLj6BjmIgXil11FOWpfnHkKAAYpIKEwZNjPjudXUK SRXCJcop7/XYNaGVRmMudL5DE//hEAXEz7+r8/Yvid42DuXpV2x6R7LCcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFITlJw/SdZfPOQ+Gryax+3dZmtH7MB8GA1UdIwQY MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3 LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADevWsfao l/JXNZNAQwfMlYAfTfD5rcVIoaQdL845IUUuSy3LB6fxJyK98m+09kdPgGrbv8+I WpQ1Y9ECqBoF2v+vBZYaIpFt2VqnQmtSIsr2ogt1JvHprCHFMzfN7CB0cT6+h48T aY8yeEF1fZ1r3Vh0pwwvnHdCbSG3ef6A54GpRcFW01kZwbjzRVAZgvTN9Iii/bsv vpLXfbf3qJhu0BMkEnxoiL7i7QUjmAE10zWVNNvTnnPyQmwz8Fgl1oJHciENRYl1 M04LDIo/LZBs6UMb+vec12BhK/qUmZ024eNb+d5WCj5j9cX9H+R/29SQXM4Gwu2i HBn3Qzz/y+LkMQ== -----END CERTIFICATE-----Generated at Tue Dec 30 07:13:08 2025 by rpki-client