This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft File: OC-G8tvQd2xOUZycmuT60EJvOf8.mft (raw, json) Hash identifier: 1L6r8oyRqr+ioXJsW48qRZ1GMsE6IugDMxoGyWZ1TKY= Subject key identifier: 16:C8:02:E5:29:5E:50:01:01:95:59:2F:8E:33:16:3B:7E:D0:E5:DA Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff Certificate serial: 019B3B34B06297E28B7F831301BF6E177F93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft Manifest number: 0366 Signing time: Sat 20 Dec 2025 10:01:07 +0000 Manifest this update: Sat 20 Dec 2025 10:01:07 +0000 Manifest next update: Sun 21 Dec 2025 10:01:07 +0000 Files and hashes: 1: OC-G8tvQd2xOUZycmuT60EJvOf8.crl (hash: M91ouEskvjiWroMm2VLM6+N15/fNaSqfJWX0TaThE2U=) 2: b1pNAkro7aHA3V-NejpmqoURwAk.roa (hash: spfghQnj6hS6URb2NmqLLwW6s6Py+YxHJ+ws3VJ1shQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:b0:62:97:e2:8b:7f:83:13:01:bf:6e:17:7f:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff Validity Not Before: Dec 20 10:01:07 2025 GMT Not After : Dec 21 10:01:07 2025 GMT Subject: CN=16c802e5295e50010195592f8e33163b7ed0e5da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9a:a1:73:0f:39:5a:ed:6e:d9:9f:0c:6a:90: 43:5a:85:92:b9:64:26:84:71:20:7b:57:04:b4:22: 44:9d:de:24:a6:80:f5:68:01:45:28:c6:7b:62:c8: 05:e0:94:a6:4b:d2:6e:31:0b:00:f1:a9:53:3b:31: 41:1d:7a:4c:5c:1e:71:d6:15:5c:5b:51:f2:77:2b: 2d:08:7e:d1:c3:3e:a6:d5:ce:63:51:46:17:c1:6a: 20:40:19:45:92:f9:ea:d8:95:2c:c5:11:a9:a7:98: e5:aa:39:62:2c:db:57:63:87:07:06:18:d6:4b:2d: 41:30:30:96:14:28:95:3f:e6:d6:9f:fa:f2:07:86: 0a:41:c9:b6:67:2a:4d:3d:dd:da:56:67:e5:6b:b3: 22:51:cc:b5:fb:b5:b1:05:27:0c:d1:f6:70:db:47: 07:37:d0:76:fc:4a:d1:ea:d8:8b:5a:91:cd:f5:e8: 8e:01:4b:3b:71:59:a3:8e:63:cc:af:67:8d:f1:2a: cc:f9:d8:14:63:d5:f8:fd:33:9a:d9:06:bc:4b:0b: c0:a1:5d:30:20:e1:93:e9:cd:e4:ae:6d:5d:80:56: 77:2b:2a:21:d3:16:c6:de:b1:fb:09:68:47:2f:ea: 87:96:4c:5c:94:d1:66:ce:45:d5:b2:79:ab:d2:4c: f0:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:C8:02:E5:29:5E:50:01:01:95:59:2F:8E:33:16:3B:7E:D0:E5:DA X509v3 Authority Key Identifier: keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d8:f3:67:55:d7:49:83:d3:3d:78:d2:2b:84:13:f7:92:f8:5a: df:b0:3f:dd:18:59:1c:b2:61:1a:ba:8c:7f:77:11:9d:75:8e: ff:ba:69:5f:cb:47:b3:a7:00:4e:42:33:07:48:e2:d3:ff:8e: 6d:bd:93:44:96:81:d9:d9:ae:4a:74:a0:b8:c8:74:79:a5:f2: ea:fa:2b:9f:d5:b1:ab:5e:f0:3f:88:79:5d:f8:e3:6d:ec:be: d9:54:64:59:8e:d9:8b:f0:f9:1f:e6:28:3e:57:bf:ab:2e:c9: 69:a8:97:4b:d2:b3:af:51:0b:fa:02:f0:6c:ca:5d:8d:bd:b7: 0a:96:37:b6:d2:d9:d7:09:80:6f:e5:bc:80:b9:93:3c:f1:a0: 03:d3:16:84:4a:6f:b7:39:35:b3:c5:54:45:58:17:6f:85:dd: de:b1:58:61:23:1b:0a:80:c4:f1:23:bc:ef:32:5c:38:d3:53: b0:9e:6d:a1:89:64:1f:92:b9:54:4d:d4:35:17:bb:60:8e:fa: e1:f7:22:ba:16:aa:31:f1:3e:29:21:37:4c:9a:c8:e4:b1:d5: 8c:38:fb:87:f4:c6:ce:3b:0b:30:f9:9c:5d:be:42:91:64:8d: 99:f2:06:2c:fb:4f:7f:2d:dd:5a:35:5a:d6:31:95:0e:4c:1b: 10:d3:f4:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NLBil+KLf4MTAb9uF3+TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2 ZjM5ZmYwHhcNMjUxMjIwMTAwMTA3WhcNMjUxMjIxMTAwMTA3WjAzMTEwLwYDVQQD EygxNmM4MDJlNTI5NWU1MDAxMDE5NTU5MmY4ZTMzMTYzYjdlZDBlNWRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZqhcw85Wu1u2Z8MapBDWoWSuWQm hHEge1cEtCJEnd4kpoD1aAFFKMZ7YsgF4JSmS9JuMQsA8alTOzFBHXpMXB5x1hVc W1HydystCH7Rwz6m1c5jUUYXwWogQBlFkvnq2JUsxRGpp5jlqjliLNtXY4cHBhjW Sy1BMDCWFCiVP+bWn/ryB4YKQcm2ZypNPd3aVmfla7MiUcy1+7WxBScM0fZw20cH N9B2/ErR6tiLWpHN9eiOAUs7cVmjjmPMr2eN8SrM+dgUY9X4/TOa2Qa8SwvAoV0w IOGT6c3krm1dgFZ3Kyoh0xbG3rH7CWhHL+qHlkxclNFmzkXVsnmr0kzwEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBbIAuUpXlABAZVZL44zFjt+0OXaMB8GA1UdIwQY MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt MjAzNTYzZjg0NWJiLzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2PNnVddJ g9M9eNIrhBP3kvha37A/3RhZHLJhGrqMf3cRnXWO/7ppX8tHs6cATkIzB0ji0/+O bb2TRJaB2dmuSnSguMh0eaXy6vorn9Wxq17wP4h5Xfjjbey+2VRkWY7Zi/D5H+Yo Ple/qy7JaaiXS9Kzr1EL+gLwbMpdjb23CpY3ttLZ1wmAb+W8gLmTPPGgA9MWhEpv tzk1s8VURVgXb4Xd3rFYYSMbCoDE8SO87zJcONNTsJ5toYlkH5K5VE3UNRe7YI76 4fciuhaqMfE+KSE3TJrI5LHVjDj7h/TGzjsLMPmcXb5CkWSNmfIGLPtPfy3dWjVa 1jGVDkwbENP0kA== -----END CERTIFICATE-----Generated at Sat Dec 20 15:10:25 2025 by rpki-client