This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft File: OFBtgKtZLee-CjMbv0-gBo1BQIo.mft (raw, json) Hash identifier: Le/kVj5y0kYBG/pFhRd34Mr9Yj4jtNLGbJR6kYcME2U= Subject key identifier: 2F:89:9B:73:73:CC:65:C7:81:D0:86:4B:61:23:0B:5C:51:08:25:53 Authority key identifier: 38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A Certificate issuer: /CN=38506d80ab592de7be0a331bbf4fa0068d41408a Certificate serial: 019B4EF2110D1F81BEF9C0D17F1C94A2DC3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft Manifest number: 1686 Signing time: Wed 24 Dec 2025 06:00:45 +0000 Manifest this update: Wed 24 Dec 2025 06:00:45 +0000 Manifest next update: Thu 25 Dec 2025 06:00:45 +0000 Files and hashes: 1: 8fjGJEbNOKgjtgGvG0x5bdVrRFo.roa (hash: 6ZZJ4QGkpbcq3hIOVhgvm79JeONPbl5ojVu1zQKUgnU=) 2: LiZI8DHKt2cl3ZGAwMQs7hzSWLY.roa (hash: YZv7B4YQ18wMpKvjotc88oKaw7AFVr3K3Ln8F9meSnc=) 3: OFBtgKtZLee-CjMbv0-gBo1BQIo.crl (hash: zAk+YN8/hpK4KcwQQ+ZCkojqvCzDTTKwmEkhuqLDKVE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 06:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:f2:11:0d:1f:81:be:f9:c0:d1:7f:1c:94:a2:dc:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38506d80ab592de7be0a331bbf4fa0068d41408a Validity Not Before: Dec 24 06:00:45 2025 GMT Not After : Dec 25 06:00:45 2025 GMT Subject: CN=2f899b7373cc65c781d0864b61230b5c51082553 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f9:36:3b:10:f9:c4:03:20:a7:37:3f:a2:8a: c4:f0:19:a3:13:41:74:c8:e7:a0:2d:25:81:16:34: fc:96:b6:53:55:bf:05:94:81:19:34:be:b7:df:e8: 1d:89:33:bb:3a:8f:5c:a3:e9:59:d1:a2:c5:25:d0: 72:ee:69:5b:b3:84:fa:b3:6d:3b:28:51:dc:cd:2c: 76:4d:b0:5e:44:bb:8f:11:97:82:36:ca:db:f7:02: 86:ed:60:99:a0:60:3a:34:11:b4:a7:da:29:c1:24: 31:56:69:c5:a7:c8:0a:b3:6b:8b:1a:45:c8:b1:16: d0:d8:4b:08:8e:89:12:a0:c2:92:51:0b:d6:c5:77: 9a:f3:ee:70:3e:aa:7c:d4:9a:38:2c:58:2b:79:7f: 46:b1:d3:76:b4:c5:cb:96:89:89:42:31:84:40:fa: e6:bb:92:ae:da:79:9f:fc:cb:9f:7e:35:74:3a:d5: c2:4f:e2:40:8c:36:bb:fe:1e:e3:3b:ad:30:8a:e8: cb:d5:cd:25:6a:c9:c2:5e:2f:39:53:98:19:0c:da: 87:8b:21:4c:9a:99:64:3c:87:aa:b4:2c:50:cb:74: aa:11:db:23:31:fe:42:a4:28:10:06:3e:bb:cb:1d: 76:01:ee:b3:b1:ab:70:36:98:6d:2a:a3:dd:f9:82: 7d:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:89:9B:73:73:CC:65:C7:81:D0:86:4B:61:23:0B:5C:51:08:25:53 X509v3 Authority Key Identifier: keyid:38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:b9:6b:2d:cf:b3:77:c0:87:6a:2c:08:b9:1c:a3:51:ff:32: ee:b0:aa:25:a0:33:80:10:dd:76:f4:c0:91:47:4d:1f:ba:60: 4e:d6:dc:7a:bf:26:c1:d6:17:4e:2b:72:f2:71:77:0b:03:df: 52:6e:58:80:19:20:4a:86:9c:39:8d:ce:2c:a8:54:62:73:88: dd:94:25:6e:c8:81:82:5f:3e:51:58:b4:81:c0:c4:7e:15:8e: 4c:0b:28:f6:de:68:34:6a:5a:a8:4f:d8:e4:6e:40:50:3e:3d: 19:93:4f:c3:2f:d1:f7:f1:41:ee:34:b6:2f:64:de:b9:f7:76: fe:c5:7b:76:4a:4e:43:ea:ea:6a:71:e6:08:f3:ff:df:86:02: 8d:d8:7e:29:a2:90:42:52:34:30:fb:31:d7:ba:3b:70:c4:e3: e7:e1:f7:17:2a:5a:50:60:82:14:48:87:d9:26:83:e3:47:d2: b9:b7:32:ae:bf:bf:26:3e:01:5d:52:4e:fb:ea:86:d8:b7:0e: aa:08:37:d0:db:77:0d:bc:d7:3d:56:de:03:2c:c0:09:b0:2f: 39:a3:2f:4e:b2:68:8c:2f:36:1a:26:05:f3:33:7f:07:22:ee: d8:84:5d:68:90:1a:09:a5:09:a3:9e:06:cf:be:d3:60:40:d2: 0c:0a:1a:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtO8hENH4G++cDRfxyUotw+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NTA2ZDgwYWI1OTJkZTdiZTBhMzMxYmJmNGZhMDA2OGQ0 MTQwOGEwHhcNMjUxMjI0MDYwMDQ1WhcNMjUxMjI1MDYwMDQ1WjAzMTEwLwYDVQQD EygyZjg5OWI3MzczY2M2NWM3ODFkMDg2NGI2MTIzMGI1YzUxMDgyNTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvk2OxD5xAMgpzc/oorE8BmjE0F0 yOegLSWBFjT8lrZTVb8FlIEZNL633+gdiTO7Oo9co+lZ0aLFJdBy7mlbs4T6s207 KFHczSx2TbBeRLuPEZeCNsrb9wKG7WCZoGA6NBG0p9opwSQxVmnFp8gKs2uLGkXI sRbQ2EsIjokSoMKSUQvWxXea8+5wPqp81Jo4LFgreX9GsdN2tMXLlomJQjGEQPrm u5Ku2nmf/MuffjV0OtXCT+JAjDa7/h7jO60wiujL1c0lasnCXi85U5gZDNqHiyFM mplkPIeqtCxQy3SqEdsjMf5CpCgQBj67yx12Ae6zsatwNphtKqPd+YJ9nwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC+Jm3NzzGXHgdCGS2EjC1xRCCVTMB8GA1UdIwQY MBaAFDhQbYCrWS3nvgozG79PoAaNQUCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgt OGRmOGFmMzAwMWJjLzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgtOGRmOGFmMzAwMWJj LzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARblrLc+z d8CHaiwIuRyjUf8y7rCqJaAzgBDddvTAkUdNH7pgTtbcer8mwdYXTity8nF3CwPf Um5YgBkgSoacOY3OLKhUYnOI3ZQlbsiBgl8+UVi0gcDEfhWOTAso9t5oNGpaqE/Y 5G5AUD49GZNPwy/R9/FB7jS2L2Teufd2/sV7dkpOQ+rqanHmCPP/34YCjdh+KaKQ QlI0MPsx17o7cMTj5+H3FypaUGCCFEiH2SaD40fSubcyrr+/Jj4BXVJO++qG2LcO qgg30Nt3DbzXPVbeAyzACbAvOaMvTrJojC82GiYF8zN/ByLu2IRdaJAaCaUJo54G z77TYEDSDAoaGw== -----END CERTIFICATE-----Generated at Wed Dec 24 12:09:38 2025 by rpki-client