This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json) Hash identifier: 2G0mT5dFBnVpPU9EomRek1c/W5Ng7Vqz0nfZoMAbhpE= Subject key identifier: 51:F5:89:DD:EF:94:D0:73:C9:FA:71:0A:DA:CD:83:9F:32:87:90:4A Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Certificate serial: 019B4E847A46511C3468B1552ACC804A43B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft Manifest number: 1055 Signing time: Wed 24 Dec 2025 04:01:03 +0000 Manifest this update: Wed 24 Dec 2025 04:01:03 +0000 Manifest next update: Thu 25 Dec 2025 04:01:03 +0000 Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: Y+DEoYTWFIXEw+oKWFmDy+/Wq8ongx3+plkc4LWFsVA=) 2: T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa (hash: l/FPlArXvYmwy1iwUTLkf9bdXt1EQpVFOKjPM76DwnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 04:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:84:7a:46:51:1c:34:68:b1:55:2a:cc:80:4a:43:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Validity Not Before: Dec 24 04:01:03 2025 GMT Not After : Dec 25 04:01:03 2025 GMT Subject: CN=51f589ddef94d073c9fa710adacd839f3287904a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:bb:9b:3d:a1:3c:08:55:21:15:c3:10:a3:e5: 08:42:50:2e:ed:f8:db:cf:d1:05:fb:c6:e5:5f:e9: cc:d4:ed:45:ba:04:c9:e5:3b:4d:2a:46:bf:5c:dc: cf:32:f0:9e:d8:9b:fa:d9:1f:c7:7a:52:dc:f4:10: 24:7f:eb:41:f4:01:79:8c:ca:a5:55:1b:a3:8e:9f: 25:12:fa:c6:45:3c:d1:43:6a:1d:10:f5:f3:52:1c: c3:64:42:10:d3:89:28:22:6d:00:49:48:0a:cf:b8: c5:9f:17:b3:fa:9b:21:e5:ca:6b:6a:9f:78:65:5c: 84:c6:d6:13:dd:53:97:88:d7:82:46:fe:15:55:77: ad:f4:08:da:eb:2b:10:ff:87:9e:fa:7b:a7:a3:92: 62:c6:1c:e4:2c:6a:32:08:24:de:5d:b3:ac:68:01: 5a:22:bb:98:86:0d:dc:ff:22:09:df:c7:38:30:cb: cc:fb:95:53:61:89:1a:8c:3b:79:ca:35:5d:d8:37: 49:b7:8e:bc:ee:c0:76:aa:84:4a:ae:1c:aa:8e:32: 48:cf:7b:de:87:01:b9:20:ce:b4:d5:cd:6d:85:bc: 80:9e:ce:59:fa:95:1b:5f:bb:1c:47:ff:b6:37:0b: ed:f1:4f:1b:13:cb:64:c0:1c:46:47:5f:66:09:f6: 48:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:F5:89:DD:EF:94:D0:73:C9:FA:71:0A:DA:CD:83:9F:32:87:90:4A X509v3 Authority Key Identifier: keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:71:a9:c4:a7:e6:fe:db:5d:c0:49:c7:b3:f0:1e:c4:2b:04: 16:a9:8b:c4:da:0c:31:4a:5e:8a:26:3b:a3:5e:dc:44:d6:15: b4:54:b5:42:15:97:9c:cb:ec:40:2d:84:50:2f:27:d3:17:4f: a8:2f:2e:bc:0f:d5:88:78:c4:a8:fd:5d:9d:a4:a6:b4:1e:dd: a9:e3:b0:d9:8f:47:11:3e:56:7b:2a:e3:64:91:a6:c4:11:6f: 58:e2:1d:f2:58:7d:5e:94:ff:30:20:ed:5a:30:18:4c:ba:c7: 8b:b0:44:e8:11:03:2b:5c:15:b5:31:cb:7b:0c:11:d4:8d:a4: 43:22:ae:f6:fe:ab:b4:a4:5b:05:ee:bc:3b:39:88:08:a6:e5: ef:58:0e:cc:82:1a:16:83:a3:18:6e:99:f6:fa:ad:27:f5:ea: ea:45:b7:d1:76:e7:67:7b:0e:42:a0:08:9c:f5:cd:55:1d:cf: dc:d9:8b:4e:cd:a1:b9:c4:b6:32:d0:11:ca:a9:03:d3:d8:4a: 74:cc:54:f5:b3:aa:a3:f4:2d:6d:1c:5f:79:e5:1e:d4:b7:dd: 65:9c:d3:58:5e:73:7a:63:18:55:1d:d9:85:5b:04:bc:18:84: f2:81:66:82:e7:07:ec:bf:00:86:ff:3a:3e:32:50:c9:bf:92: 4a:97:0b:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOhHpGURw0aLFVKsyASkOwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5 OWI1MjkwHhcNMjUxMjI0MDQwMTAzWhcNMjUxMjI1MDQwMTAzWjAzMTEwLwYDVQQD Eyg1MWY1ODlkZGVmOTRkMDczYzlmYTcxMGFkYWNkODM5ZjMyODc5MDRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7ubPaE8CFUhFcMQo+UIQlAu7fjb z9EF+8blX+nM1O1FugTJ5TtNKka/XNzPMvCe2Jv62R/HelLc9BAkf+tB9AF5jMql VRujjp8lEvrGRTzRQ2odEPXzUhzDZEIQ04koIm0ASUgKz7jFnxez+psh5cprap94 ZVyExtYT3VOXiNeCRv4VVXet9Aja6ysQ/4ee+nuno5JixhzkLGoyCCTeXbOsaAFa IruYhg3c/yIJ38c4MMvM+5VTYYkajDt5yjVd2DdJt4687sB2qoRKrhyqjjJIz3ve hwG5IM601c1thbyAns5Z+pUbX7scR/+2Nwvt8U8bE8tkwBxGR19mCfZIvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFH1id3vlNBzyfpxCtrNg58yh5BKMB8GA1UdIwQY MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV3GpxKfm /ttdwEnHs/AexCsEFqmLxNoMMUpeiiY7o17cRNYVtFS1QhWXnMvsQC2EUC8n0xdP qC8uvA/ViHjEqP1dnaSmtB7dqeOw2Y9HET5WeyrjZJGmxBFvWOId8lh9XpT/MCDt WjAYTLrHi7BE6BEDK1wVtTHLewwR1I2kQyKu9v6rtKRbBe68OzmICKbl71gOzIIa FoOjGG6Z9vqtJ/Xq6kW30XbnZ3sOQqAInPXNVR3P3NmLTs2hucS2MtARyqkD09hK dMxU9bOqo/QtbRxfeeUe1LfdZZzTWF5zemMYVR3ZhVsEvBiE8oFmgucH7L8Ahv86 PjJQyb+SSpcLcw== -----END CERTIFICATE-----Generated at Wed Dec 24 11:26:06 2025 by rpki-client