This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft File: OXsxr3cA59mVkO39nVhKG1A46tc.mft (raw, json) Hash identifier: d0T2N7SbejiOeA1Nxr7K+iQp2BNRx0QMvRev4Ylz+gs= Subject key identifier: 09:BA:B5:4C:9D:61:75:32:FD:64:34:BE:6C:C4:5D:8A:2D:DA:58:E5 Authority key identifier: 39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7 Certificate issuer: /CN=397b31af7700e7d99590edfd9d584a1b5038ead7 Certificate serial: 019B416DA2C1AC8B01EDF4F305EC0A68B6ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft Manifest number: 023F Signing time: Sun 21 Dec 2025 15:01:02 +0000 Manifest this update: Sun 21 Dec 2025 15:01:02 +0000 Manifest next update: Mon 22 Dec 2025 15:01:02 +0000 Files and hashes: 1: OXsxr3cA59mVkO39nVhKG1A46tc.crl (hash: j0GjNcJ5W2UW1Ja55yTMxUEnCSr3YgDwB+8ktuMCmbY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:a2:c1:ac:8b:01:ed:f4:f3:05:ec:0a:68:b6:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=397b31af7700e7d99590edfd9d584a1b5038ead7 Validity Not Before: Dec 21 15:01:02 2025 GMT Not After : Dec 22 15:01:02 2025 GMT Subject: CN=09bab54c9d617532fd6434be6cc45d8a2dda58e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:11:09:f5:b7:a6:8a:e0:87:d2:6f:33:70:1c: d9:93:3b:c8:b4:bf:84:5e:82:89:6b:78:b9:10:f6: d2:30:e2:49:ca:a0:65:7c:bc:81:28:b2:56:cf:54: b8:d9:3e:da:82:0d:aa:c1:a4:3f:5b:85:c1:b6:03: 24:80:33:5b:20:b8:89:3a:93:7b:e4:05:94:96:e9: 13:ef:bc:83:1c:73:36:bc:35:46:9e:51:11:ad:76: 7f:d7:5d:33:bc:e0:5f:37:a1:cc:70:ab:78:fb:0e: e6:db:fc:88:1a:8e:4f:d9:b2:37:d0:9a:f1:2a:b6: 39:0d:1b:9c:41:f3:f0:4d:36:54:53:83:4a:38:df: 60:f4:b6:78:cb:12:dd:e9:d8:17:bf:32:16:9a:0f: 3b:82:35:ae:2c:b4:57:e8:30:31:94:98:0d:d3:8d: 0f:fd:f9:e3:cd:55:97:a3:7c:aa:65:44:53:2d:2b: 41:f7:80:dc:1f:4b:e0:51:99:47:23:dc:f2:ae:4c: c7:24:64:71:0b:54:5a:3e:34:93:c8:70:82:32:6a: fc:d6:24:49:e3:3d:67:d2:e1:eb:40:8e:53:9e:66: b4:4a:33:6b:e4:c2:6b:b5:6c:d3:59:c5:8c:b8:dc: fa:5d:53:46:7f:21:e2:28:22:dd:9c:4d:8d:b2:1b: 1b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:BA:B5:4C:9D:61:75:32:FD:64:34:BE:6C:C4:5D:8A:2D:DA:58:E5 X509v3 Authority Key Identifier: keyid:39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:30:4a:27:a5:0e:07:48:ad:75:a1:e5:53:d8:f9:06:ca:33: 19:cc:e3:1a:7d:69:88:f5:09:f7:0c:aa:f6:23:1b:41:a6:90: fc:30:14:e1:17:1f:33:8e:d7:d6:67:2d:c2:c5:8c:cd:e2:7c: a8:ba:84:e5:57:9e:a6:bf:ee:42:6f:b5:ad:bb:0f:e1:d3:79: 6e:f1:05:85:9b:83:4e:c8:be:cd:77:fc:65:b1:8c:67:d0:e7: c6:d4:b1:2c:98:13:be:9c:ba:1a:ac:f5:b8:a2:47:5c:22:57: 4c:cf:f1:2d:42:ee:fd:47:9b:3f:8a:32:8b:a0:cc:72:b4:85: 83:43:d8:e6:ef:ea:3a:b4:ba:62:0f:cd:7d:ae:94:8f:10:80: 4d:0a:63:40:7c:aa:cd:aa:13:84:ee:15:86:42:79:be:ab:32: d8:bf:40:e1:5e:ef:0d:78:e4:07:f8:88:be:35:b3:9b:2b:ca: f3:33:02:91:80:e9:3e:25:45:d3:c2:88:6d:8e:e1:e3:88:77: c6:61:13:f0:25:84:1c:53:fa:15:bd:91:12:12:14:ba:d6:f3: e9:e5:41:f5:9b:e8:f3:6a:99:f7:d3:7d:b4:73:19:6c:63:c8: d2:8e:43:17:57:6f:d2:a0:f9:49:0d:30:5b:e7:08:66:c5:ba: 5a:9a:10:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbaLBrIsB7fTzBewKaLbtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5N2IzMWFmNzcwMGU3ZDk5NTkwZWRmZDlkNTg0YTFiNTAz OGVhZDcwHhcNMjUxMjIxMTUwMTAyWhcNMjUxMjIyMTUwMTAyWjAzMTEwLwYDVQQD EygwOWJhYjU0YzlkNjE3NTMyZmQ2NDM0YmU2Y2M0NWQ4YTJkZGE1OGU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBEJ9bemiuCH0m8zcBzZkzvItL+E XoKJa3i5EPbSMOJJyqBlfLyBKLJWz1S42T7agg2qwaQ/W4XBtgMkgDNbILiJOpN7 5AWUlukT77yDHHM2vDVGnlERrXZ/110zvOBfN6HMcKt4+w7m2/yIGo5P2bI30Jrx KrY5DRucQfPwTTZUU4NKON9g9LZ4yxLd6dgXvzIWmg87gjWuLLRX6DAxlJgN040P /fnjzVWXo3yqZURTLStB94DcH0vgUZlHI9zyrkzHJGRxC1RaPjSTyHCCMmr81iRJ 4z1n0uHrQI5Tnma0SjNr5MJrtWzTWcWMuNz6XVNGfyHiKCLdnE2NshsbnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAm6tUydYXUy/WQ0vmzEXYot2ljlMB8GA1UdIwQY MBaAFDl7Ma93AOfZlZDt/Z1YShtQOOrXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2Qt YjIwMmUwNWFjODRhLzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2QtYjIwMmUwNWFjODRh LzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYzBKJ6UO B0itdaHlU9j5BsozGczjGn1piPUJ9wyq9iMbQaaQ/DAU4RcfM47X1mctwsWMzeJ8 qLqE5Veepr/uQm+1rbsP4dN5bvEFhZuDTsi+zXf8ZbGMZ9DnxtSxLJgTvpy6Gqz1 uKJHXCJXTM/xLULu/UebP4oyi6DMcrSFg0PY5u/qOrS6Yg/Nfa6UjxCATQpjQHyq zaoThO4VhkJ5vqsy2L9A4V7vDXjkB/iIvjWzmyvK8zMCkYDpPiVF08KIbY7h44h3 xmET8CWEHFP6Fb2REhIUutbz6eVB9Zvo82qZ99N9tHMZbGPI0o5DF1dv0qD5SQ0w W+cIZsW6WpoQeg== -----END CERTIFICATE-----Generated at Sun Dec 21 23:13:12 2025 by rpki-client