This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft File: OQJ3OPl4_tokqdh7DLi7mqevVA0.mft (raw, json) Hash identifier: g/T+KE9vllOqnSWdtmuxNFEKI6pMB6+2z1nSL9aJ+gU= Subject key identifier: 6A:6C:95:91:2E:AD:D7:98:A4:71:29:C1:D6:44:B0:34:38:39:FF:08 Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d Certificate serial: 019B5DC093AD6BA28732E02928ED524BF568 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft Manifest number: 17A3 Signing time: Sat 27 Dec 2025 03:01:00 +0000 Manifest this update: Sat 27 Dec 2025 03:01:00 +0000 Manifest next update: Sun 28 Dec 2025 03:01:00 +0000 Files and hashes: 1: OQJ3OPl4_tokqdh7DLi7mqevVA0.crl (hash: mdAbGW/5J2KF1fMZ0QeoeWqG7VnF4eY88TwdJXy/MhU=) 2: THEjTsFNcxDVZEOdq3GfXqXC4zc.roa (hash: x5CBmcScUC+Y/Wuw5WgYT+dNtpSqSEasQSVqzZJLzc4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:c0:93:ad:6b:a2:87:32:e0:29:28:ed:52:4b:f5:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d Validity Not Before: Dec 27 03:01:00 2025 GMT Not After : Dec 28 03:01:00 2025 GMT Subject: CN=6a6c95912eadd798a47129c1d644b0343839ff08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:6d:e4:31:6b:c8:ed:58:94:0e:57:f3:6b:a3: 2c:c4:8d:c6:85:3b:d7:c8:90:8f:f1:d4:6e:bf:6c: cc:4a:24:46:aa:11:15:ed:d8:9f:c8:35:12:03:c5: 43:9c:54:b5:79:39:67:53:90:a0:f2:17:bb:7f:7f: b0:8b:9f:6c:70:c0:b8:95:91:a8:33:38:9c:81:d4: c7:c6:d3:d6:2d:74:2b:a9:ec:29:08:8a:14:5e:44: 42:0b:6c:80:70:33:2c:08:0f:1f:c2:0c:42:95:90: 71:bf:78:5d:9e:95:1c:2f:1b:17:f7:41:70:90:ac: 91:5f:39:5b:89:f8:03:b9:5f:74:a2:f7:39:f9:70: a3:86:7e:da:e8:4d:3d:fe:0a:6e:d3:cd:13:ab:14: 2b:07:d1:b5:c9:9f:aa:bb:48:1f:6c:89:ab:ad:0f: 7e:87:b9:f3:90:22:3f:72:5e:a1:d8:ec:2e:a2:ef: 15:1f:b6:12:2c:62:6b:57:6f:99:d0:31:6b:d3:f1: 06:b9:49:ec:f4:3a:21:5c:b6:98:67:2e:ab:60:9f: 28:f3:be:e5:3d:63:fb:2d:61:00:de:4d:a5:e6:ec: 72:47:63:4a:30:13:34:0d:3f:b4:5b:24:46:3f:24: b0:2a:fa:9e:ef:7a:f0:73:8d:3b:69:d2:43:3f:cd: f7:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:6C:95:91:2E:AD:D7:98:A4:71:29:C1:D6:44:B0:34:38:39:FF:08 X509v3 Authority Key Identifier: keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:d7:3b:85:71:be:8c:76:21:cd:78:a7:7b:0d:ed:da:79:a8: 26:29:6d:c8:92:8b:fe:28:38:12:80:9f:11:39:14:79:d3:52: e1:c0:28:75:1c:f1:c6:47:be:8e:d7:ed:80:f2:bf:ab:f5:9b: e3:a8:4b:e6:be:8e:76:20:42:a6:81:b6:5d:16:23:26:c8:b4: 9e:cd:c9:b3:46:f4:cf:81:04:a1:98:e5:91:88:97:8d:39:4f: de:1f:89:72:e8:64:5d:64:2a:9b:44:2a:8f:f5:80:38:98:a3: b3:12:b9:b1:aa:df:40:c6:53:e7:ae:78:2d:48:ba:82:07:06: fb:16:24:66:17:cd:bd:c6:04:79:58:c9:3d:6d:07:78:1f:5d: 59:0d:d5:b4:48:60:20:02:7a:e5:0f:b9:ba:6a:1c:5d:c4:65: 60:f9:ac:7c:a2:60:df:a5:3c:d4:60:f0:d5:3a:87:a2:4e:0f: 2b:a3:30:8f:bd:b0:06:ae:8d:0e:52:4f:f5:56:02:31:11:1b: 10:19:b4:e1:d8:b7:a3:a1:43:f1:1f:3b:b8:a0:31:cd:79:6c: ad:99:55:bc:ba:a2:c7:7b:da:16:64:be:57:8e:fc:52:48:4d: 4b:d2:81:2f:7a:de:67:97:f6:9a:85:e8:cb:82:d3:63:78:78: b1:11:cf:bd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdwJOta6KHMuApKO1SS/VoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh ZjU0MGQwHhcNMjUxMjI3MDMwMTAwWhcNMjUxMjI4MDMwMTAwWjAzMTEwLwYDVQQD Eyg2YTZjOTU5MTJlYWRkNzk4YTQ3MTI5YzFkNjQ0YjAzNDM4MzlmZjA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4m3kMWvI7ViUDlfza6MsxI3GhTvX yJCP8dRuv2zMSiRGqhEV7difyDUSA8VDnFS1eTlnU5Cg8he7f3+wi59scMC4lZGo MzicgdTHxtPWLXQrqewpCIoUXkRCC2yAcDMsCA8fwgxClZBxv3hdnpUcLxsX90Fw kKyRXzlbifgDuV90ovc5+XCjhn7a6E09/gpu080TqxQrB9G1yZ+qu0gfbImrrQ9+ h7nzkCI/cl6h2Owuou8VH7YSLGJrV2+Z0DFr0/EGuUns9DohXLaYZy6rYJ8o877l PWP7LWEA3k2l5uxyR2NKMBM0DT+0WyRGPySwKvqe73rwc407adJDP8337QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGpslZEurdeYpHEpwdZEsDQ4Of8IMB8GA1UdIwQY MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt ZjVkOGFiN2MxNWYwLzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9c7hXG+ jHYhzXinew3t2nmoJiltyJKL/ig4EoCfETkUedNS4cAodRzxxke+jtftgPK/q/Wb 46hL5r6OdiBCpoG2XRYjJsi0ns3Js0b0z4EEoZjlkYiXjTlP3h+JcuhkXWQqm0Qq j/WAOJijsxK5sarfQMZT5654LUi6ggcG+xYkZhfNvcYEeVjJPW0HeB9dWQ3VtEhg IAJ65Q+5umocXcRlYPmsfKJg36U81GDw1TqHok4PK6Mwj72wBq6NDlJP9VYCMREb EBm04di3o6FD8R87uKAxzXlsrZlVvLqix3vaFmS+V478UkhNS9KBL3reZ5f2moXo y4LTY3h4sRHPvQ== -----END CERTIFICATE-----Generated at Sat Dec 27 05:41:44 2025 by rpki-client