This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft File: O4_iRlhDAxt3i7jYt701oJT8z0g.mft (raw, json) Hash identifier: zaW53dYNlhnLPow5aoqS+La8H+u8/KhkLsXbqAtFv5o= Subject key identifier: 50:70:AF:8D:70:CC:C7:DB:D3:B8:9D:7B:0B:8F:00:AC:64:05:2F:73 Authority key identifier: 3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48 Certificate issuer: /CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48 Certificate serial: 019B5229F453165FB32F53D76583094141CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft Manifest number: 11FA Signing time: Wed 24 Dec 2025 21:00:39 +0000 Manifest this update: Wed 24 Dec 2025 21:00:39 +0000 Manifest next update: Thu 25 Dec 2025 21:00:39 +0000 Files and hashes: 1: 1-Ls4q-ChZ0ZaOTjP1nQ6tqwVR7w.roa (hash: YXXZf8p+XXstJczN+ymTH8ANFDcZF/VCsvvC/wyu2tg=) 2: 3K66fkLdFIhZuPgVnT8dBkSPcIY.roa (hash: jrto9CYh3lf5yVyFB1TxobdXxUZh+GOGoL+a0rSxI8I=) 3: AF6uSBXXjV8m6D8T1L1tDnPI1pQ.roa (hash: 5ngifaMxS9mhHVtoSr7d4Aq0k4gtgdDqeUt6H7Q6K9U=) 4: GJq6jlu04Rm9wa7Cgp8cTcM0nxA.roa (hash: AENchPK3bfQJEdljclR0ie9L+vwumxV2eeigY07rGKw=) 5: O4_iRlhDAxt3i7jYt701oJT8z0g.crl (hash: h44loburNIupYIZTwZ5FjPE5u17hrW0hcaYjzjKa3oM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:29:f4:53:16:5f:b3:2f:53:d7:65:83:09:41:41:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48 Validity Not Before: Dec 24 21:00:39 2025 GMT Not After : Dec 25 21:00:39 2025 GMT Subject: CN=5070af8d70ccc7dbd3b89d7b0b8f00ac64052f73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:fe:92:64:5a:82:fd:24:3b:cf:9d:aa:01:de: 01:af:10:74:20:2b:c0:21:0e:c3:4d:6b:14:41:79: e5:bc:18:be:f5:ba:2e:6e:df:54:1b:7f:fa:6b:9c: 4b:cb:2a:5d:4e:0d:ef:a1:2f:08:59:ea:6e:f4:45: 16:80:d4:44:fd:44:29:4b:37:aa:27:f4:5e:bb:a1: 0a:81:52:1b:fe:2e:b0:b0:ec:24:a9:6d:7b:c6:94: be:7c:25:28:b9:ff:32:30:75:d4:ee:f6:51:e9:43: 0f:5d:50:ee:40:5c:93:d3:f0:81:b4:f8:cd:a4:d4: e6:25:f8:20:73:af:ca:bb:63:f7:23:9d:30:41:af: b4:87:36:bf:4a:9b:05:41:ac:2d:92:f8:09:db:df: d2:c5:a1:78:32:37:64:71:57:9a:11:a3:35:c9:1b: 8e:24:16:82:72:c5:7c:a0:a9:dc:71:dd:c0:f1:84: 0e:1b:ed:60:19:cd:6c:f7:60:d7:51:74:e8:c1:02: 37:c4:f0:7a:76:e7:4d:83:24:09:4a:02:39:6a:ed: 84:3e:58:89:e3:94:8c:d6:39:69:95:c7:9b:bd:6f: 71:9b:26:f1:29:03:0d:22:81:dd:22:a5:32:fd:ec: f0:92:61:ef:e2:bf:ac:96:04:0f:be:8e:3d:3d:eb: 22:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:70:AF:8D:70:CC:C7:DB:D3:B8:9D:7B:0B:8F:00:AC:64:05:2F:73 X509v3 Authority Key Identifier: keyid:3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:8c:34:a2:70:40:9c:da:9e:c4:00:d8:70:91:79:eb:2e:9d: b6:76:a3:46:a2:b0:0b:f9:f9:91:34:85:6c:9a:ad:47:96:9d: 60:0f:e3:0b:b6:76:64:e4:99:c0:11:b1:ec:53:e0:c1:e2:31: 7c:44:fa:95:64:55:e1:d2:24:21:40:e5:97:b4:59:89:37:34: 47:99:34:05:56:67:d4:b2:11:3e:02:47:86:e8:83:fb:66:36: f4:7f:99:e7:19:81:11:1b:01:66:95:64:0e:38:08:d5:33:c3: ec:1a:2f:56:96:36:f3:16:49:e4:34:88:b2:ec:d2:4a:b1:10: 1d:63:36:17:e2:39:21:d1:64:1a:89:8b:8b:97:b8:62:95:10: a6:4b:f1:e4:67:6e:fd:6b:cb:3a:b5:04:3e:12:39:f9:e3:61: fa:eb:6e:b5:1b:66:41:2f:ce:ca:e1:0a:69:83:e6:d7:72:2a: 32:d5:93:8f:49:7d:2f:11:47:b6:3e:db:76:3b:88:05:c8:c3: 09:21:65:af:a3:f4:2a:f9:fa:c7:e0:6f:7a:7c:b3:50:06:88: da:f5:78:d3:be:67:6c:4d:e4:30:b9:67:0c:2a:01:f6:71:d0: 79:9c:f6:ed:b6:80:a0:ed:be:c5:f6:dd:45:63:d7:f9:b0:5c: 9f:8d:50:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKfRTFl+zL1PXZYMJQUHPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiOGZlMjQ2NTg0MzAzMWI3NzhiYjhkOGI3YmQzNWEwOTRm Y2NmNDgwHhcNMjUxMjI0MjEwMDM5WhcNMjUxMjI1MjEwMDM5WjAzMTEwLwYDVQQD Eyg1MDcwYWY4ZDcwY2NjN2RiZDNiODlkN2IwYjhmMDBhYzY0MDUyZjczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/6SZFqC/SQ7z52qAd4BrxB0ICvA IQ7DTWsUQXnlvBi+9boubt9UG3/6a5xLyypdTg3voS8IWepu9EUWgNRE/UQpSzeq J/Reu6EKgVIb/i6wsOwkqW17xpS+fCUouf8yMHXU7vZR6UMPXVDuQFyT0/CBtPjN pNTmJfggc6/Ku2P3I50wQa+0hza/SpsFQawtkvgJ29/SxaF4MjdkcVeaEaM1yRuO JBaCcsV8oKnccd3A8YQOG+1gGc1s92DXUXTowQI3xPB6dudNgyQJSgI5au2EPliJ 45SM1jlplcebvW9xmybxKQMNIoHdIqUy/ezwkmHv4r+slgQPvo49PesiOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFBwr41wzMfb07idewuPAKxkBS9zMB8GA1UdIwQY MBaAFDuP4kZYQwMbd4u42Le9NaCU/M9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2Mt N2MzNTAwNmUwN2ExLzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2MtN2MzNTAwNmUwN2Ex LzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeow0onBA nNqexADYcJF56y6dtnajRqKwC/n5kTSFbJqtR5adYA/jC7Z2ZOSZwBGx7FPgweIx fET6lWRV4dIkIUDll7RZiTc0R5k0BVZn1LIRPgJHhuiD+2Y29H+Z5xmBERsBZpVk DjgI1TPD7BovVpY28xZJ5DSIsuzSSrEQHWM2F+I5IdFkGomLi5e4YpUQpkvx5Gdu /WvLOrUEPhI5+eNh+ututRtmQS/OyuEKaYPm13IqMtWTj0l9LxFHtj7bdjuIBcjD CSFlr6P0Kvn6x+BvenyzUAaI2vV4075nbE3kMLlnDCoB9nHQeZz27baAoO2+xfbd RWPX+bBcn41QBA== -----END CERTIFICATE-----Generated at Thu Dec 25 03:01:40 2025 by rpki-client