This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft File: ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json) Hash identifier: cr10kVOOcRLtm7La+L3YHSmfMUUyLxyq1RKk41CaJ30= Subject key identifier: 04:A3:CB:B1:C5:4A:D1:D7:F1:FA:CC:DC:57:91:53:6E:A2:33:EF:DD Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C Certificate issuer: /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c Certificate serial: 019B3BA28987F3088F84C923458692D7AA95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft Manifest number: 05BA Signing time: Sat 20 Dec 2025 12:01:06 +0000 Manifest this update: Sat 20 Dec 2025 12:01:06 +0000 Manifest next update: Sun 21 Dec 2025 12:01:06 +0000 Files and hashes: 1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: oR3JSANQ0JUNUYLekEOD+11tkVdRdqrIOrxmxkB+CPk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 12:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:89:87:f3:08:8f:84:c9:23:45:86:92:d7:aa:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c Validity Not Before: Dec 20 12:01:06 2025 GMT Not After : Dec 21 12:01:06 2025 GMT Subject: CN=04a3cbb1c54ad1d7f1faccdc5791536ea233efdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:bd:0c:98:1d:8b:77:6f:b9:d1:f6:ca:21:de: d2:89:ca:a6:68:8f:a8:57:89:f7:a7:50:c4:05:48: c8:29:86:11:a0:cc:57:e1:d7:f1:66:88:9a:25:b6: 61:46:ff:93:a4:8d:a9:1d:83:c7:a9:ab:10:39:89: 5f:64:e0:6a:c2:3f:f7:da:84:77:4c:67:4a:da:12: 8a:e3:a3:1e:75:14:10:06:18:05:5c:7d:61:a7:6a: 06:fa:27:dc:bf:ee:8d:a4:d5:87:2d:5a:e4:f7:e2: 9e:ed:02:26:9c:9d:b5:52:55:bf:26:48:f1:6d:22: 21:0f:79:16:7a:1c:05:a5:45:bc:f0:e0:a5:11:62: 8d:c2:e3:1a:e5:db:cd:37:1a:59:b7:bf:90:fe:99: 79:8d:d1:6d:66:3b:f7:e2:da:cd:e2:0a:41:3f:64: 4c:82:f7:11:29:1f:8d:76:b3:8c:89:25:d7:8b:9e: 1a:4c:64:89:b5:a3:7d:d3:0e:78:ff:75:e2:ef:9b: ec:60:0e:49:4f:0e:f1:3b:45:86:d9:b5:9f:f7:11: 0d:ff:70:6d:3e:8a:24:f1:04:a9:48:2e:b0:41:d9: 28:37:5c:61:7e:65:c0:d7:7e:df:20:6d:f0:80:aa: c8:ae:e4:5c:6f:0b:87:43:c9:22:1e:b6:5e:e6:58: bb:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:A3:CB:B1:C5:4A:D1:D7:F1:FA:CC:DC:57:91:53:6E:A2:33:EF:DD X509v3 Authority Key Identifier: keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:2e:32:af:9e:2c:f2:5d:87:3e:94:0b:9f:53:00:89:34:c9: 9a:26:19:ce:cb:4d:b5:43:51:fb:ac:70:e9:3e:87:ba:36:60: 5d:49:34:ce:33:57:d7:75:7a:62:2f:ed:7f:75:6a:3e:80:53: 86:bb:7d:89:5a:64:00:98:fb:ad:3b:33:1d:bf:7c:21:54:36: 75:89:15:99:26:a6:47:36:c8:6c:17:6f:06:9e:ea:ce:5b:66: fe:68:2b:31:3a:2d:5f:ba:82:3c:4e:be:fc:87:8c:62:7e:97: a9:cf:82:f2:5b:ea:f3:77:d4:84:3f:a9:07:28:93:fe:7f:ba: 98:4d:9d:b3:bc:8e:f1:96:8c:16:be:e8:53:9f:76:20:3d:2b: 4b:5b:d7:55:aa:02:f2:a1:64:27:89:59:12:b7:e0:86:ef:4a: 52:24:f7:fd:82:06:8c:c9:a4:a2:ff:bf:2b:47:64:e3:f6:7f: f5:ab:60:e6:07:a0:e1:f0:f6:60:40:24:71:24:bb:21:b5:05: 62:c6:bf:bb:f1:ed:16:ba:18:84:60:3e:c1:8c:da:a9:3b:19: 26:a2:6d:02:e1:90:40:5c:20:76:d7:76:4d:69:a0:37:ac:76: bb:21:3c:72:5b:5e:68:dd:78:cd:1c:f2:ad:4a:b4:e0:07:ed: ac:9a:28:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7oomH8wiPhMkjRYaS16qVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm ZjUwOWMwHhcNMjUxMjIwMTIwMTA2WhcNMjUxMjIxMTIwMTA2WjAzMTEwLwYDVQQD EygwNGEzY2JiMWM1NGFkMWQ3ZjFmYWNjZGM1NzkxNTM2ZWEyMzNlZmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb0MmB2Ld2+50fbKId7SicqmaI+o V4n3p1DEBUjIKYYRoMxX4dfxZoiaJbZhRv+TpI2pHYPHqasQOYlfZOBqwj/32oR3 TGdK2hKK46MedRQQBhgFXH1hp2oG+ifcv+6NpNWHLVrk9+Ke7QImnJ21UlW/Jkjx bSIhD3kWehwFpUW88OClEWKNwuMa5dvNNxpZt7+Q/pl5jdFtZjv34trN4gpBP2RM gvcRKR+NdrOMiSXXi54aTGSJtaN90w54/3Xi75vsYA5JTw7xO0WG2bWf9xEN/3Bt Pook8QSpSC6wQdkoN1xhfmXA137fIG3wgKrIruRcbwuHQ8kiHrZe5li7/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFASjy7HFStHX8frM3FeRU26iM+/dMB8GA1UdIwQY MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIy4yr54s 8l2HPpQLn1MAiTTJmiYZzstNtUNR+6xw6T6HujZgXUk0zjNX13V6Yi/tf3VqPoBT hrt9iVpkAJj7rTszHb98IVQ2dYkVmSamRzbIbBdvBp7qzltm/mgrMTotX7qCPE6+ /IeMYn6Xqc+C8lvq83fUhD+pByiT/n+6mE2ds7yO8ZaMFr7oU592ID0rS1vXVaoC 8qFkJ4lZErfghu9KUiT3/YIGjMmkov+/K0dk4/Z/9atg5geg4fD2YEAkcSS7IbUF Ysa/u/HtFroYhGA+wYzaqTsZJqJtAuGQQFwgdtd2TWmgN6x2uyE8clteaN14zRzy rUq04AftrJooCQ== -----END CERTIFICATE-----Generated at Sat Dec 20 22:02:35 2025 by rpki-client