This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json) Hash identifier: naTs9TVr+Xsp3YuF3lfejre7y7Nt06o/EwWbluTBML8= Subject key identifier: 16:52:38:20:04:82:49:50:7A:60:42:23:EB:EF:6A:2A:C5:95:72:69 Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff Certificate serial: 019B582C5049D6CCE91BEAFF550D52082AAF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft Manifest number: 0375 Signing time: Fri 26 Dec 2025 01:00:57 +0000 Manifest this update: Fri 26 Dec 2025 01:00:57 +0000 Manifest next update: Sat 27 Dec 2025 01:00:57 +0000 Files and hashes: 1: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: KyZ6BJsm1/xiKh2P7V2mmdyH3wz5e/GEePo5yFdCBmQ=) 2: b1pNAkro7aHA3V-NejpmqoURwAk.roa (hash: spfghQnj6hS6URb2NmqLLwW6s6Py+YxHJ+ws3VJ1shQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 01:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:2c:50:49:d6:cc:e9:1b:ea:ff:55:0d:52:08:2a:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff Validity Not Before: Dec 26 01:00:57 2025 GMT Not After : Dec 27 01:00:57 2025 GMT Subject: CN=16523820048249507a604223ebef6a2ac5957269 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8a:4d:37:aa:f7:7b:74:11:6c:78:fd:63:56: a5:4f:46:fe:c9:00:d2:c4:02:87:a2:1a:c5:da:5d: 77:43:1d:e1:cc:58:72:34:c6:fa:b9:b5:a3:2b:67: 0e:3d:b1:fa:84:07:4a:1b:86:25:ee:92:fb:f2:df: 9d:9d:07:86:ea:c4:b5:a7:0a:60:92:7f:a6:41:55: 7f:03:2b:fc:e6:2d:d2:34:02:78:dc:0d:69:d9:66: b9:f2:67:06:09:ba:35:00:68:cb:e3:48:81:3c:9a: fa:f1:cc:6f:49:11:9e:7c:4c:9f:45:73:9f:2a:c6: de:0c:3e:f9:6e:6d:c9:60:73:a5:6a:2d:be:f9:4d: a3:ce:6e:df:66:54:0c:2a:51:d5:67:31:60:f4:83: 2d:75:b6:99:9f:e8:d2:2e:02:74:3a:91:8b:8b:13: 52:e9:83:bf:05:47:e2:d2:80:67:8d:fb:15:52:17: 1f:72:e6:2c:53:b8:93:86:ac:94:2d:85:52:2d:52: fb:ce:4a:19:6b:2d:59:bc:b1:80:b8:3c:4a:dc:15: 8f:b8:73:9b:89:27:29:d5:05:3b:a5:86:7b:01:44: 39:14:7d:6c:31:d2:e5:07:ca:86:e2:af:ca:ef:28: ee:28:4c:73:36:54:27:fa:39:ce:17:bc:66:08:6b: 86:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:52:38:20:04:82:49:50:7A:60:42:23:EB:EF:6A:2A:C5:95:72:69 X509v3 Authority Key Identifier: keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:43:d7:03:69:f2:d8:f0:2c:be:9e:34:07:dd:c3:88:cd:29: 5d:8b:f8:bd:ea:a9:8f:05:a0:be:1c:7f:d2:82:c9:1c:e1:84: ad:93:c2:c0:68:e6:9a:19:9b:13:0a:89:50:f2:9c:98:a6:f3: 3f:85:99:96:9d:75:1b:4a:5e:8c:79:9b:ef:8f:a9:f3:b2:37: 12:fd:51:a0:c2:0f:3f:5c:6d:b4:90:c8:a1:41:57:a9:9b:31: ae:20:88:5d:b5:fa:ed:00:e1:ad:a2:aa:20:9d:ee:04:07:eb: bc:82:0e:38:91:0a:30:8f:e5:5e:de:bf:13:1f:0a:40:fd:2d: 23:14:9e:cf:cf:15:50:77:ac:21:20:30:87:92:28:df:b8:fc: cf:16:51:56:0e:1b:af:a7:a8:c5:b9:b3:4e:8b:a0:9e:8e:0e: 72:a5:79:c7:eb:9d:c3:cd:00:a7:da:ff:65:d3:75:03:24:a2: f7:6e:75:f8:04:5e:85:4d:c3:59:77:7e:f5:ce:e7:fc:7e:16: 04:08:e6:11:73:19:0b:92:b6:fa:a3:b9:7c:7f:55:d8:bb:ca: f1:de:ac:ea:0a:cf:fd:46:f6:b8:db:f2:1d:2d:6d:23:c0:48: ee:ad:47:20:ae:39:ce:e1:d4:1f:c1:24:5a:be:39:c8:cf:89: d1:8f:b4:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtYLFBJ1szpG+r/VQ1SCCqvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2 ZjM5ZmYwHhcNMjUxMjI2MDEwMDU3WhcNMjUxMjI3MDEwMDU3WjAzMTEwLwYDVQQD EygxNjUyMzgyMDA0ODI0OTUwN2E2MDQyMjNlYmVmNmEyYWM1OTU3MjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4pNN6r3e3QRbHj9Y1alT0b+yQDS xAKHohrF2l13Qx3hzFhyNMb6ubWjK2cOPbH6hAdKG4Yl7pL78t+dnQeG6sS1pwpg kn+mQVV/Ayv85i3SNAJ43A1p2Wa58mcGCbo1AGjL40iBPJr68cxvSRGefEyfRXOf KsbeDD75bm3JYHOlai2++U2jzm7fZlQMKlHVZzFg9IMtdbaZn+jSLgJ0OpGLixNS 6YO/BUfi0oBnjfsVUhcfcuYsU7iThqyULYVSLVL7zkoZay1ZvLGAuDxK3BWPuHOb iScp1QU7pYZ7AUQ5FH1sMdLlB8qG4q/K7yjuKExzNlQn+jnOF7xmCGuGHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBZSOCAEgklQemBCI+vvairFlXJpMB8GA1UdIwQY MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKEPXA2ny 2PAsvp40B93DiM0pXYv4veqpjwWgvhx/0oLJHOGErZPCwGjmmhmbEwqJUPKcmKbz P4WZlp11G0pejHmb74+p87I3Ev1RoMIPP1xttJDIoUFXqZsxriCIXbX67QDhraKq IJ3uBAfrvIIOOJEKMI/lXt6/Ex8KQP0tIxSez88VUHesISAwh5Io37j8zxZRVg4b r6eoxbmzTougno4OcqV5x+udw80Ap9r/ZdN1AySi9251+ARehU3DWXd+9c7n/H4W BAjmEXMZC5K2+qO5fH9V2LvK8d6s6grP/Ub2uNvyHS1tI8BI7q1HIK45zuHUH8Ek Wr45yM+J0Y+06g== -----END CERTIFICATE-----Generated at Fri Dec 26 07:49:59 2025 by rpki-client