This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft File: OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft (raw, json) Hash identifier: QtSyTtu8AxwvYBgRH07xHguU49vC5OHaV9Z5Jr9GYyQ= Subject key identifier: FF:BE:AD:28:41:E1:34:E3:4A:1E:60:90:A4:30:98:49:86:27:7B:BA Authority key identifier: 38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4 Certificate issuer: /CN=3866f7385005d5be6101727388e1b3271f644de4 Certificate serial: 019B3C0FFBDCEB8EB205B94F59AD07F20B31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft Manifest number: 028D Signing time: Sat 20 Dec 2025 14:00:38 +0000 Manifest this update: Sat 20 Dec 2025 14:00:38 +0000 Manifest next update: Sun 21 Dec 2025 14:00:38 +0000 Files and hashes: 1: OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl (hash: F1/LOuOVRM3hVlH2JKUj7+QBX7mmt9FEIirz5+t0mzQ=) 2: cvTvlJFXIrx4LNBKFN32BnQowu0.roa (hash: 2SQfqAvlePWceYDa/Gr4IqsSS7uQeMq3g8yyqM6DnK8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:0f:fb:dc:eb:8e:b2:05:b9:4f:59:ad:07:f2:0b:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3866f7385005d5be6101727388e1b3271f644de4 Validity Not Before: Dec 20 14:00:38 2025 GMT Not After : Dec 21 14:00:38 2025 GMT Subject: CN=ffbead2841e134e34a1e6090a430984986277bba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:1c:aa:4a:50:cc:38:4b:2e:5e:f1:cd:e9:67: 39:64:0c:85:1f:98:f9:ff:59:0b:41:3c:fc:8e:3f: 8a:d5:3f:d4:ef:51:8d:b4:78:de:3d:ef:84:0b:57: c1:d8:17:39:09:80:8b:8c:86:5d:ef:00:03:76:9e: 0b:6c:a7:c5:c5:1c:e9:d0:58:92:ee:81:4f:da:05: be:a5:b2:63:6f:1f:96:a6:9a:0e:f4:00:4c:75:2c: 1d:dc:ba:50:4b:16:b7:0b:31:43:e7:ef:da:4d:8e: 53:fe:8b:34:13:af:b7:17:fc:0b:00:ec:70:11:3d: 4d:e9:7a:e9:93:b9:c3:91:70:25:f8:c4:81:97:63: 52:2f:58:eb:7a:46:8e:02:2d:66:ea:bf:df:ab:33: 03:64:1a:6d:c9:b9:78:2e:fc:36:6b:ba:40:d7:26: 5b:47:dc:dc:c2:7b:ab:31:b4:50:bd:cc:1c:0e:17: 6d:47:68:e0:74:1f:c2:bd:16:dd:60:31:95:fa:d2: 5e:cd:fa:32:fb:b7:3b:1c:0b:de:a5:b8:fe:da:9e: fc:b0:5b:db:62:49:be:d1:50:e0:31:a4:70:30:0b: a2:2d:9a:9d:42:34:94:7d:89:29:2a:db:69:a7:b4: 52:c5:70:51:02:53:21:9c:d1:5f:12:b1:9b:d8:a5: 7e:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:BE:AD:28:41:E1:34:E3:4A:1E:60:90:A4:30:98:49:86:27:7B:BA X509v3 Authority Key Identifier: keyid:38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:ad:95:c1:cd:fd:5c:8f:b4:b5:a6:c3:70:86:d9:08:53:72: 95:69:fe:4a:d4:56:7e:49:1b:1a:f8:c5:bd:61:55:89:37:6d: 5b:1c:bb:b9:f1:1e:82:41:3a:ee:78:a4:81:f6:81:51:8e:6c: a4:4c:ed:c4:3a:14:52:b8:da:0f:a1:c6:e5:fe:e9:40:43:a0: 5e:8b:1e:a4:85:25:47:b4:c3:fe:31:cd:cb:eb:2d:30:72:62: 1e:ff:79:f8:57:6e:df:f2:8b:15:a4:2b:98:10:b6:59:69:c6: a0:5a:19:d7:ca:f3:12:a5:04:97:58:d9:e9:2b:2b:d4:34:69: 1e:b0:a9:5c:37:ab:02:ef:65:ad:8b:cf:10:3a:65:21:59:13: 65:9d:a1:06:37:81:e6:c1:55:32:1f:98:b6:1c:24:83:11:9c: 6c:a1:49:fc:27:fa:06:56:ac:54:f2:a0:1a:c6:52:60:3a:56: ab:0c:50:72:9e:17:87:09:cb:a2:1b:3a:9f:20:30:ea:a3:99: 83:31:ee:2d:77:1f:b5:ad:5d:e1:13:9f:be:32:63:61:2e:6b: 59:9f:3b:e1:dd:ca:3f:82:c4:ec:af:59:a8:e9:8d:1e:ee:8b: ca:8c:54:d1:34:31:d9:c8:33:8d:14:96:1b:ec:84:19:a7:ba: f1:5c:77:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8D/vc646yBblPWa0H8gsxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NjZmNzM4NTAwNWQ1YmU2MTAxNzI3Mzg4ZTFiMzI3MWY2 NDRkZTQwHhcNMjUxMjIwMTQwMDM4WhcNMjUxMjIxMTQwMDM4WjAzMTEwLwYDVQQD EyhmZmJlYWQyODQxZTEzNGUzNGExZTYwOTBhNDMwOTg0OTg2Mjc3YmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhyqSlDMOEsuXvHN6Wc5ZAyFH5j5 /1kLQTz8jj+K1T/U71GNtHjePe+EC1fB2Bc5CYCLjIZd7wADdp4LbKfFxRzp0FiS 7oFP2gW+pbJjbx+WppoO9ABMdSwd3LpQSxa3CzFD5+/aTY5T/os0E6+3F/wLAOxw ET1N6Xrpk7nDkXAl+MSBl2NSL1jrekaOAi1m6r/fqzMDZBptybl4Lvw2a7pA1yZb R9zcwnurMbRQvcwcDhdtR2jgdB/CvRbdYDGV+tJezfoy+7c7HAvepbj+2p78sFvb Ykm+0VDgMaRwMAuiLZqdQjSUfYkpKttpp7RSxXBRAlMhnNFfErGb2KV+rwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP++rShB4TTjSh5gkKQwmEmGJ3u6MB8GA1UdIwQY MBaAFDhm9zhQBdW+YQFyc4jhsycfZE3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUt ZTAxNWJmM2YzM2Q3LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUtZTAxNWJmM2YzM2Q3 LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV62Vwc39 XI+0tabDcIbZCFNylWn+StRWfkkbGvjFvWFViTdtWxy7ufEegkE67nikgfaBUY5s pEztxDoUUrjaD6HG5f7pQEOgXosepIUlR7TD/jHNy+stMHJiHv95+Fdu3/KLFaQr mBC2WWnGoFoZ18rzEqUEl1jZ6Ssr1DRpHrCpXDerAu9lrYvPEDplIVkTZZ2hBjeB 5sFVMh+YthwkgxGcbKFJ/Cf6BlasVPKgGsZSYDpWqwxQcp4XhwnLohs6nyAw6qOZ gzHuLXcfta1d4ROfvjJjYS5rWZ874d3KP4LE7K9ZqOmNHu6LyoxU0TQx2cgzjRSW G+yEGae68Vx3Qw== -----END CERTIFICATE-----Generated at Sat Dec 20 17:57:08 2025 by rpki-client