This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft File: O-lZPSkOAlAninOzE1UDKTJ71Yk.mft (raw, json) Hash identifier: FVKjU2aO8gZ88v4gaYWByvuJ8TupfU1n9jo0ztrEXmg= Subject key identifier: CE:24:57:52:31:33:D6:27:ED:CF:EF:5A:96:BA:02:8B:0B:9F:40:DD Authority key identifier: 3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89 Certificate issuer: /CN=3be9593d290e0250278a73b313550329327bd589 Certificate serial: 019B5D54256E0635242614EC91D389B65A3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft Manifest number: 179A Signing time: Sat 27 Dec 2025 01:02:34 +0000 Manifest this update: Sat 27 Dec 2025 01:02:34 +0000 Manifest next update: Sun 28 Dec 2025 01:02:34 +0000 Files and hashes: 1: O-lZPSkOAlAninOzE1UDKTJ71Yk.crl (hash: KgHzPAIXvpr0VGrCIu9hkAQqCByr1guCvezWHWcDlls=) 2: bxRO7kfiXfIBzrwx6__-lx4GD-Q.roa (hash: Yl6am4vWUQXhAPFuVgrQF79QPPtS7MoD02zbAbTLBHQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:54:25:6e:06:35:24:26:14:ec:91:d3:89:b6:5a:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3be9593d290e0250278a73b313550329327bd589 Validity Not Before: Dec 27 01:02:34 2025 GMT Not After : Dec 28 01:02:34 2025 GMT Subject: CN=ce2457523133d627edcfef5a96ba028b0b9f40dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:cd:b9:45:32:e3:11:31:09:58:52:6f:93:de: e5:0b:03:53:bf:fb:85:ea:2b:1a:03:4f:fa:52:88: f4:f0:8f:29:84:3d:ed:72:ba:8e:0b:ee:c6:5b:e6: f4:a5:9f:fb:c0:c7:37:55:6a:37:77:fe:f0:b3:b0: 2e:08:97:61:26:e8:9e:9a:b7:d5:cb:ff:e7:26:6b: 9c:32:42:c4:f5:31:f7:8b:b2:9c:f7:e9:4a:c5:de: 43:06:9b:5b:ac:75:70:a3:ce:2b:62:e6:04:72:64: 0a:e3:38:1f:4d:c8:d3:30:68:a7:ea:c5:7e:67:fe: b7:0e:b9:90:9c:b0:97:ef:f8:02:19:46:1a:ed:7a: 9c:c7:01:f0:8a:24:f4:1d:d7:d4:7a:3b:26:8e:40: 29:b3:6f:bb:65:ea:88:08:0c:2b:18:b9:ad:ea:3c: 78:d3:b9:29:63:6e:e0:e3:1a:19:bb:9a:47:e8:a8: 1d:76:36:ee:8c:3f:3f:c3:ac:d8:a2:0f:ba:69:01: 26:ce:d2:2c:60:a7:da:39:70:4f:3f:59:cb:1b:16: 2d:9e:b5:e9:53:1e:9d:6f:4b:37:f9:d4:12:e0:ec: e5:00:d8:9a:bb:3a:30:ff:c7:a6:d4:18:68:0d:d3: 09:2e:ba:c8:dd:2c:dc:e4:d3:2a:6d:43:9c:e2:13: 5b:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:24:57:52:31:33:D6:27:ED:CF:EF:5A:96:BA:02:8B:0B:9F:40:DD X509v3 Authority Key Identifier: keyid:3B:E9:59:3D:29:0E:02:50:27:8A:73:B3:13:55:03:29:32:7B:D5:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-lZPSkOAlAninOzE1UDKTJ71Yk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/744a6e-f3a2-40dd-a02e-4eab060f15fa/1/O-lZPSkOAlAninOzE1UDKTJ71Yk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ef:6d:29:8a:c9:64:dc:b9:90:da:b6:6d:b3:03:ba:18:cb:a3: 0d:21:a9:24:ec:71:06:2f:d8:f9:f3:6b:33:77:9d:a2:f5:5e: fe:6c:9d:c0:92:b7:05:e7:6c:56:18:1d:95:fa:59:fe:d1:6b: db:e8:21:51:9f:87:32:c0:39:33:42:23:68:6a:79:22:a3:11: 3c:b5:b3:15:8f:2e:c8:55:df:f3:7e:09:b5:38:a0:3a:58:5b: 19:35:c4:67:47:05:9e:df:4c:cc:6b:df:49:5b:09:d4:7a:73: f0:d2:39:e7:b4:22:26:af:42:ff:77:1a:c6:00:ad:09:87:f6: a7:15:00:69:df:1f:8e:78:82:f7:ab:71:72:88:b5:8f:fc:39: ef:5d:ff:82:f6:bd:f8:a8:cf:bc:08:44:9a:88:29:c0:16:cd: 93:58:a2:77:13:11:05:ec:b7:7f:e3:a5:86:aa:a7:67:2c:b8: da:79:a4:f7:3e:d9:39:dc:4c:bf:a0:74:e7:86:50:17:78:e9: b9:59:f4:fc:a4:12:aa:8e:47:33:6e:29:e3:9c:28:da:fe:16: b0:5e:74:fc:55:a6:61:3a:0c:41:7c:4c:1d:fa:63:98:c9:ec: 21:0a:d0:88:5b:11:e6:c4:1b:fe:b8:0f:5d:30:44:96:c6:4d: 91:fa:7b:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdVCVuBjUkJhTskdOJtlo+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZTk1OTNkMjkwZTAyNTAyNzhhNzNiMzEzNTUwMzI5MzI3 YmQ1ODkwHhcNMjUxMjI3MDEwMjM0WhcNMjUxMjI4MDEwMjM0WjAzMTEwLwYDVQQD EyhjZTI0NTc1MjMxMzNkNjI3ZWRjZmVmNWE5NmJhMDI4YjBiOWY0MGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzc25RTLjETEJWFJvk97lCwNTv/uF 6isaA0/6Uoj08I8phD3tcrqOC+7GW+b0pZ/7wMc3VWo3d/7ws7AuCJdhJuiemrfV y//nJmucMkLE9TH3i7Kc9+lKxd5DBptbrHVwo84rYuYEcmQK4zgfTcjTMGin6sV+ Z/63DrmQnLCX7/gCGUYa7XqcxwHwiiT0HdfUejsmjkAps2+7ZeqICAwrGLmt6jx4 07kpY27g4xoZu5pH6KgddjbujD8/w6zYog+6aQEmztIsYKfaOXBPP1nLGxYtnrXp Ux6db0s3+dQS4OzlANiauzow/8em1BhoDdMJLrrI3Szc5NMqbUOc4hNbhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM4kV1IxM9Yn7c/vWpa6AosLn0DdMB8GA1UdIwQY MBaAFDvpWT0pDgJQJ4pzsxNVAykye9WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUt NGVhYjA2MGYxNWZhLzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS83NDRhNmUtZjNhMi00MGRkLWEwMmUtNGVhYjA2MGYxNWZh LzEvTy1sWlBTa09BbEFuaW5PekUxVURLVEo3MVlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA720pislk 3LmQ2rZtswO6GMujDSGpJOxxBi/Y+fNrM3edovVe/mydwJK3BedsVhgdlfpZ/tFr 2+ghUZ+HMsA5M0IjaGp5IqMRPLWzFY8uyFXf834JtTigOlhbGTXEZ0cFnt9MzGvf SVsJ1Hpz8NI557QiJq9C/3caxgCtCYf2pxUAad8fjniC96txcoi1j/w5713/gva9 +KjPvAhEmogpwBbNk1iidxMRBey3f+OlhqqnZyy42nmk9z7ZOdxMv6B054ZQF3jp uVn0/KQSqo5HM24p45wo2v4WsF50/FWmYToMQXxMHfpjmMnsIQrQiFsR5sQb/rgP XTBElsZNkfp7sw== -----END CERTIFICATE-----Generated at Sat Dec 27 07:03:32 2025 by rpki-client