This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.mft File: 0OhNbWqe7eaC7xtcePGz8KMxORE.mft (raw, json) Hash identifier: GpqEOToRftcn2a6oIW+d9Yjf9TeLAu6tGxCEX+YOO08= Subject key identifier: FD:D6:61:A6:60:74:82:8C:09:B8:B0:04:91:45:B2:1A:6A:47:02:1C Authority key identifier: D0:E8:4D:6D:6A:9E:ED:E6:82:EF:1B:5C:78:F1:B3:F0:A3:31:39:11 Certificate issuer: /CN=d0e84d6d6a9eede682ef1b5c78f1b3f0a3313911 Certificate serial: 019B7335C6995C3BF89156836CF27058D071 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OhNbWqe7eaC7xtcePGz8KMxORE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.mft Manifest number: 0978 Signing time: Wed 31 Dec 2025 07:01:02 +0000 Manifest this update: Wed 31 Dec 2025 07:01:02 +0000 Manifest next update: Thu 01 Jan 2026 07:01:02 +0000 Files and hashes: 1: 0OhNbWqe7eaC7xtcePGz8KMxORE.crl (hash: MAkiSQRPj4mH/9NwVbkZe7IU2KCEn5SSDMbOJkwfElg=) 2: eEAcVM4h3e_6uLTwXzH2smck964.roa (hash: 2dyqSC4Nr999y8UdL9+8BtI2W3QPoxUvEaAKvO9sMtg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.crl rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.mft rsync://rpki.ripe.net/repository/DEFAULT/0OhNbWqe7eaC7xtcePGz8KMxORE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 07:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:73:35:c6:99:5c:3b:f8:91:56:83:6c:f2:70:58:d0:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0e84d6d6a9eede682ef1b5c78f1b3f0a3313911 Validity Not Before: Dec 31 07:01:02 2025 GMT Not After : Jan 1 07:01:02 2026 GMT Subject: CN=fdd661a66074828c09b8b0049145b21a6a47021c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:bd:68:79:13:46:85:1b:7a:ea:fc:21:e7:d3: 77:fc:e6:48:e7:ab:53:14:bf:da:7f:ba:e7:63:52: 88:da:20:3d:42:b1:6b:d0:e6:a7:8a:2a:c8:2e:3c: 10:c6:5d:88:7d:52:42:39:90:58:d5:1b:ed:44:87: 4a:a1:69:51:ca:8a:f6:4e:57:c7:7d:dc:c6:ac:84: f9:88:d9:04:e3:a0:f1:60:21:95:1f:26:14:dc:a9: f8:e2:89:58:6f:5a:be:39:8a:d7:cd:7c:20:62:d5: 55:00:a8:81:cc:8c:c6:1b:39:06:ca:41:2d:5e:04: 61:65:d5:68:09:f7:e0:36:15:dd:8b:ce:cb:6b:dd: f0:d0:fb:ec:3f:0c:cd:13:2d:d0:3b:ea:2d:93:3d: 3f:0f:ba:f7:cd:81:66:bc:fa:ef:90:3c:54:3c:1e: a5:88:5f:e0:5c:82:de:e8:f5:af:61:3f:82:50:24: cc:8a:55:87:5f:35:73:c0:16:db:b4:92:e5:74:57: 9e:96:e3:29:f1:3a:4b:03:37:b3:fc:69:37:5e:2a: 72:9e:73:3d:d6:6a:3e:fb:1e:9c:db:57:79:76:34: 39:24:fe:74:1b:15:53:32:31:c2:35:93:fa:cd:e2: 28:19:8a:62:41:0b:76:67:be:d3:0a:2a:ec:bc:ce: c9:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:D6:61:A6:60:74:82:8C:09:B8:B0:04:91:45:B2:1A:6A:47:02:1C X509v3 Authority Key Identifier: keyid:D0:E8:4D:6D:6A:9E:ED:E6:82:EF:1B:5C:78:F1:B3:F0:A3:31:39:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OhNbWqe7eaC7xtcePGz8KMxORE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e1:04:02:fc:1f:48:22:ef:69:72:52:ac:d0:04:d4:d7:6f:cf: 5d:43:ca:b0:5c:99:1b:c0:d3:0d:f4:be:52:d9:76:90:ce:89: 6d:25:1f:66:67:7d:b4:a2:45:57:c4:9a:43:eb:00:6e:0d:49: 23:68:f7:d0:36:f2:8e:ef:9a:15:2e:cb:77:92:f9:65:2c:3e: 01:06:08:30:c3:35:49:27:a4:9b:a8:40:fc:12:52:a9:ce:6b: 98:43:f0:2d:c3:22:e5:1e:68:8e:bb:6f:6b:95:5e:4b:8c:98: 7f:ce:42:99:e6:68:2c:4e:3b:8a:80:d2:9c:37:ac:d4:27:86: c4:a0:d1:87:6f:dc:79:85:c9:4f:82:dc:0f:63:a4:88:0f:a7: a5:c4:64:6c:52:45:24:41:81:fd:63:de:25:46:cf:53:04:fa: ff:0e:5b:63:f9:ab:59:8e:03:42:00:7c:ea:43:4d:32:b6:e9: b1:9f:34:7b:8d:00:56:b6:60:fe:9e:bd:c7:6a:bd:d0:21:d9: a4:96:3d:e1:61:4f:96:9c:ce:e5:9f:1a:a0:ab:17:f7:4b:1c: d3:58:41:19:e8:94:ac:92:92:ca:77:7e:fb:2e:2a:4c:23:1c: 6c:b3:ea:7d:e6:be:ee:31:08:0e:0c:01:06:68:39:19:b8:36: 82:2b:d4:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtzNcaZXDv4kVaDbPJwWNBxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwZTg0ZDZkNmE5ZWVkZTY4MmVmMWI1Yzc4ZjFiM2YwYTMz MTM5MTEwHhcNMjUxMjMxMDcwMTAyWhcNMjYwMTAxMDcwMTAyWjAzMTEwLwYDVQQD EyhmZGQ2NjFhNjYwNzQ4MjhjMDliOGIwMDQ5MTQ1YjIxYTZhNDcwMjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu71oeRNGhRt66vwh59N3/OZI56tT FL/af7rnY1KI2iA9QrFr0OaniirILjwQxl2IfVJCOZBY1RvtRIdKoWlRyor2TlfH fdzGrIT5iNkE46DxYCGVHyYU3Kn44olYb1q+OYrXzXwgYtVVAKiBzIzGGzkGykEt XgRhZdVoCffgNhXdi87La93w0PvsPwzNEy3QO+otkz0/D7r3zYFmvPrvkDxUPB6l iF/gXILe6PWvYT+CUCTMilWHXzVzwBbbtJLldFeeluMp8TpLAzez/Gk3XipynnM9 1mo++x6c21d5djQ5JP50GxVTMjHCNZP6zeIoGYpiQQt2Z77TCirsvM7JAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP3WYaZgdIKMCbiwBJFFshpqRwIcMB8GA1UdIwQY MBaAFNDoTW1qnu3mgu8bXHjxs/CjMTkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvME9oTmJXcWU3ZWFDN3h0Y2VQR3o4S014T1JFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MmI3NzUtNzg0MS00YTYxLWI3OGMt YjdiYTI4MTY1YTc3LzEvME9oTmJXcWU3ZWFDN3h0Y2VQR3o4S014T1JFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS82MmI3NzUtNzg0MS00YTYxLWI3OGMtYjdiYTI4MTY1YTc3 LzEvME9oTmJXcWU3ZWFDN3h0Y2VQR3o4S014T1JFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4QQC/B9I Iu9pclKs0ATU12/PXUPKsFyZG8DTDfS+Utl2kM6JbSUfZmd9tKJFV8SaQ+sAbg1J I2j30Dbyju+aFS7Ld5L5ZSw+AQYIMMM1SSekm6hA/BJSqc5rmEPwLcMi5R5ojrtv a5VeS4yYf85CmeZoLE47ioDSnDes1CeGxKDRh2/ceYXJT4LcD2OkiA+npcRkbFJF JEGB/WPeJUbPUwT6/w5bY/mrWY4DQgB86kNNMrbpsZ80e40AVrZg/p69x2q90CHZ pJY94WFPlpzO5Z8aoKsX90sc01hBGeiUrJKSynd++y4qTCMcbLPqfea+7jEIDgwB Bmg5Gbg2givUqw== -----END CERTIFICATE-----Generated at Wed Dec 31 12:34:34 2025 by rpki-client