This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json) Hash identifier: lJ/DpQGC5LwlIth0/vjYo9q8MMo1SI4GNrmcbWnejAw= Subject key identifier: 80:15:AB:3C:54:23:89:20:FD:26:E3:A7:70:66:9B:D0:43:32:3A:FC Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Certificate serial: 019B3D23465AE59B938BE3AFE9E2A56555AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft Manifest number: 104C Signing time: Sat 20 Dec 2025 19:01:20 +0000 Manifest this update: Sat 20 Dec 2025 19:01:20 +0000 Manifest next update: Sun 21 Dec 2025 19:01:20 +0000 Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: 3MrDWo/qj67/2C81mltRliKAKTVWeIf89qeek7E1mJE=) 2: T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa (hash: l/FPlArXvYmwy1iwUTLkf9bdXt1EQpVFOKjPM76DwnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:46:5a:e5:9b:93:8b:e3:af:e9:e2:a5:65:55:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Validity Not Before: Dec 20 19:01:20 2025 GMT Not After : Dec 21 19:01:20 2025 GMT Subject: CN=8015ab3c54238920fd26e3a770669bd043323afc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c3:a5:53:86:16:99:60:e2:86:25:c5:e1:64: 57:cc:f2:a9:f1:02:2f:78:8d:b3:0b:5c:48:67:c7: 31:ae:1d:91:f5:1d:e5:86:d2:db:eb:95:ba:52:94: b1:04:2b:38:4a:c9:40:02:9f:de:78:55:28:a1:83: 9e:9e:5f:f9:17:f4:b1:bf:4b:ce:7c:90:89:5c:b9: 34:3f:3b:f7:3e:b5:d3:80:f4:6b:a7:a2:bc:10:45: a4:41:04:2a:49:04:3d:2d:12:4c:43:d6:0f:6c:ef: 45:e8:06:87:c8:67:51:dd:0a:1b:d7:55:fb:ee:4a: ca:5f:84:b0:24:16:d9:3d:42:f3:bb:2e:41:a8:b3: c6:95:02:db:72:09:60:f5:ff:de:c0:4e:4c:b5:8f: b6:3c:7f:76:ad:9d:47:bb:5b:c1:d9:4b:eb:68:fb: 67:d6:c7:3f:ae:7f:e8:94:95:c7:76:1c:53:1c:d8: f3:93:0b:54:44:ca:74:e4:fa:4a:01:c7:20:d0:29: 6e:7a:c6:cc:22:66:31:a6:ae:7d:85:d7:1a:22:27: 17:47:20:75:43:ab:a1:61:c6:8f:61:ed:81:97:8b: 2e:46:27:1b:c7:fc:cd:f0:53:49:f1:25:01:b7:19: 10:4d:12:a5:cd:6a:fc:c5:d9:51:89:59:eb:56:44: 0b:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:15:AB:3C:54:23:89:20:FD:26:E3:A7:70:66:9B:D0:43:32:3A:FC X509v3 Authority Key Identifier: keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:a2:de:60:3c:88:a0:33:3c:c6:1a:95:df:22:36:16:19:3e: aa:14:a6:d7:51:2f:63:ca:4e:c9:d3:31:ad:db:06:5e:b6:3e: fb:0e:83:4f:65:e2:8b:3c:1c:a0:3e:f2:38:80:01:ad:fc:7a: 14:59:b8:8d:f7:69:c0:16:b2:73:bb:18:84:38:b5:cd:35:c3: b5:88:58:60:d3:c8:c7:db:78:31:25:8e:48:42:49:6d:25:56: b8:2f:39:4a:ab:14:c5:30:85:5b:f2:5b:ef:4f:6f:1d:64:21: 5f:6b:db:e1:19:99:32:3d:fe:55:87:fa:67:26:81:87:4f:ac: 5b:c9:92:8f:c4:71:f9:ce:c2:fd:e3:5a:02:bd:06:9b:e2:8e: 8a:c9:29:44:f1:13:b7:a4:88:38:6f:32:7d:ca:d8:cb:31:6b: 4b:6f:7c:b1:17:96:c7:00:6d:55:76:1d:db:74:66:e7:ac:cb: 35:f9:c2:d7:31:e4:ab:ab:94:8b:30:7a:a5:a8:9f:aa:f9:c1: c2:d4:4e:41:47:3c:dd:58:3e:eb:73:91:08:4e:a9:79:b8:35: 38:89:fd:36:7f:5d:aa:e5:e0:42:46:93:d9:67:c3:5c:b1:ee: dc:36:63:9c:9d:65:0f:c8:d1:a9:df:dc:43:53:cd:39:b5:33: 1a:3c:f1:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I0Za5ZuTi+Ov6eKlZVWtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5 OWI1MjkwHhcNMjUxMjIwMTkwMTIwWhcNMjUxMjIxMTkwMTIwWjAzMTEwLwYDVQQD Eyg4MDE1YWIzYzU0MjM4OTIwZmQyNmUzYTc3MDY2OWJkMDQzMzIzYWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8OlU4YWmWDihiXF4WRXzPKp8QIv eI2zC1xIZ8cxrh2R9R3lhtLb65W6UpSxBCs4SslAAp/eeFUooYOenl/5F/Sxv0vO fJCJXLk0Pzv3PrXTgPRrp6K8EEWkQQQqSQQ9LRJMQ9YPbO9F6AaHyGdR3Qob11X7 7krKX4SwJBbZPULzuy5BqLPGlQLbcglg9f/ewE5MtY+2PH92rZ1Hu1vB2UvraPtn 1sc/rn/olJXHdhxTHNjzkwtURMp05PpKAccg0CluesbMImYxpq59hdcaIicXRyB1 Q6uhYcaPYe2Bl4suRicbx/zN8FNJ8SUBtxkQTRKlzWr8xdlRiVnrVkQLxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIAVqzxUI4kg/Sbjp3Bmm9BDMjr8MB8GA1UdIwQY MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqLeYDyI oDM8xhqV3yI2Fhk+qhSm11EvY8pOydMxrdsGXrY++w6DT2XiizwcoD7yOIABrfx6 FFm4jfdpwBayc7sYhDi1zTXDtYhYYNPIx9t4MSWOSEJJbSVWuC85SqsUxTCFW/Jb 709vHWQhX2vb4RmZMj3+VYf6ZyaBh0+sW8mSj8Rx+c7C/eNaAr0Gm+KOiskpRPET t6SIOG8yfcrYyzFrS298sReWxwBtVXYd23Rm56zLNfnC1zHkq6uUizB6paifqvnB wtROQUc83Vg+63ORCE6pebg1OIn9Nn9dquXgQkaT2WfDXLHu3DZjnJ1lD8jRqd/c Q1PNObUzGjzxdg== -----END CERTIFICATE-----Generated at Sun Dec 21 04:24:31 2025 by rpki-client