This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft File: o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft (raw, json) Hash identifier: ID94n6xRSD7iS02KKOC9nqiZNePswxiXWGXl7oSCIPo= Subject key identifier: 82:5A:C7:E3:A8:CB:9E:67:37:39:18:F8:4A:C7:72:B7:74:07:0C:DD Authority key identifier: A3:68:83:05:FE:D5:C9:97:60:AE:C7:C8:94:C6:BA:21:E4:EA:D6:75 Certificate issuer: /CN=a3688305fed5c99760aec7c894c6ba21e4ead675 Certificate serial: 019B3CEB93A3902D3A949D0BE5C9FDFD1ABE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft Manifest number: 1288 Signing time: Sat 20 Dec 2025 18:00:30 +0000 Manifest this update: Sat 20 Dec 2025 18:00:30 +0000 Manifest next update: Sun 21 Dec 2025 18:00:30 +0000 Files and hashes: 1: 29zZRujAn8DGdUDp5utUkmVO-uo.roa (hash: pdGXIGI1eFN6x7W6e3AuHm1Q9j3iH8yigptYTm3P3QA=) 2: o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl (hash: 9M+QVbdRDM0wWG3U/O6hhPFK3h2zt/nS8+IXdThdHsY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:eb:93:a3:90:2d:3a:94:9d:0b:e5:c9:fd:fd:1a:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3688305fed5c99760aec7c894c6ba21e4ead675 Validity Not Before: Dec 20 18:00:30 2025 GMT Not After : Dec 21 18:00:30 2025 GMT Subject: CN=825ac7e3a8cb9e67373918f84ac772b774070cdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d8:e7:01:bd:f6:b2:61:06:b2:fe:6a:8c:f2: ad:58:cf:6a:8c:42:d6:f5:b5:63:0f:ab:0c:d8:f4: f9:88:c4:4c:c2:70:0c:93:6a:d9:c0:c1:41:7c:b8: 3c:52:19:fc:ba:9e:e6:21:71:64:03:01:28:cd:43: bf:8a:4f:63:e9:6d:db:a7:ce:74:92:fa:59:4e:6c: 5d:3b:1c:da:be:1b:7f:5b:a2:d4:bb:30:15:8c:e3: 9e:9c:04:47:28:15:09:b7:32:e7:55:41:3a:c3:36: 87:61:2f:16:b5:3c:6f:b1:8a:6b:f6:72:ec:c8:f0: 2a:37:25:e7:53:4c:b2:87:ba:06:f3:1a:c2:9c:08: ed:8d:42:14:d9:7c:f7:92:54:c0:1c:c4:21:84:a7: a2:56:52:62:32:e2:68:6d:64:4a:03:37:12:99:c1: 30:fb:9c:d3:d2:7b:75:79:18:0a:5d:17:cc:8c:63: 79:81:a4:c2:8b:c5:13:9d:c1:a4:fd:d5:4c:31:52: 92:ba:28:5d:ae:5a:23:b9:bf:e6:9a:2e:0b:24:1e: 77:5b:7e:c5:70:e3:4b:a1:87:84:f3:75:fe:84:37: db:ab:0f:fc:1b:19:00:ab:a7:91:18:83:e8:8b:f4: be:86:ff:53:7d:f8:f6:aa:35:cb:a6:b0:d7:eb:ac: 8e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:5A:C7:E3:A8:CB:9E:67:37:39:18:F8:4A:C7:72:B7:74:07:0C:DD X509v3 Authority Key Identifier: keyid:A3:68:83:05:FE:D5:C9:97:60:AE:C7:C8:94:C6:BA:21:E4:EA:D6:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:1b:c8:50:13:c7:40:31:ba:a8:a8:a8:5d:ff:29:37:99:55: a4:15:f6:b5:f3:4c:65:55:08:49:a4:75:5e:cb:09:13:6b:26: b4:ae:f3:18:70:72:12:2f:18:d3:98:ad:fa:19:46:97:fa:0b: dc:13:14:2e:1e:bb:e8:d2:77:4a:8d:be:a3:8a:bf:75:61:b8: 45:bb:b6:3b:f2:cf:8a:5f:b4:fb:d9:80:96:5c:2a:94:cb:41: dd:5c:88:a0:fe:ec:c0:b4:43:49:82:ce:29:82:cb:b1:a5:a2: 4d:38:18:5f:e1:8e:64:ed:76:93:1f:23:0c:87:54:d9:cf:2c: 17:ae:00:b4:79:6d:b2:86:ba:12:67:bb:5c:28:bb:df:93:de: 88:a8:44:dc:cb:7c:10:0c:d8:f7:92:54:0a:a0:86:4b:79:4a: e2:29:d6:1d:72:2d:13:4c:b1:aa:5b:e0:c5:f9:da:5a:07:47: f2:bf:6c:ff:42:87:8e:cc:dd:5d:14:dc:72:6d:18:4e:6a:e0: f3:14:63:d7:d0:bc:a0:37:7f:4e:cf:30:3f:d3:52:20:59:3b: f3:fc:02:48:d5:c7:2e:6b:15:b0:be:ad:e3:15:4e:ed:87:43: 7d:de:ca:2c:96:9b:93:7b:00:2d:1c:f6:ec:20:17:78:cf:65: 2b:8a:d5:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs865OjkC06lJ0L5cn9/Rq+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjg4MzA1ZmVkNWM5OTc2MGFlYzdjODk0YzZiYTIxZTRl YWQ2NzUwHhcNMjUxMjIwMTgwMDMwWhcNMjUxMjIxMTgwMDMwWjAzMTEwLwYDVQQD Eyg4MjVhYzdlM2E4Y2I5ZTY3MzczOTE4Zjg0YWM3NzJiNzc0MDcwY2RkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdjnAb32smEGsv5qjPKtWM9qjELW 9bVjD6sM2PT5iMRMwnAMk2rZwMFBfLg8Uhn8up7mIXFkAwEozUO/ik9j6W3bp850 kvpZTmxdOxzavht/W6LUuzAVjOOenARHKBUJtzLnVUE6wzaHYS8WtTxvsYpr9nLs yPAqNyXnU0yyh7oG8xrCnAjtjUIU2Xz3klTAHMQhhKeiVlJiMuJobWRKAzcSmcEw +5zT0nt1eRgKXRfMjGN5gaTCi8UTncGk/dVMMVKSuihdrlojub/mmi4LJB53W37F cONLoYeE83X+hDfbqw/8GxkAq6eRGIPoi/S+hv9Tffj2qjXLprDX66yOnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIJax+Ooy55nNzkY+ErHcrd0BwzdMB8GA1UdIwQY MBaAFKNogwX+1cmXYK7HyJTGuiHk6tZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mOWUyNTctMDE2Mi00ZGVmLTk2YWQt ZGVjOTc5NmY2MjIzLzEvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9mOWUyNTctMDE2Mi00ZGVmLTk2YWQtZGVjOTc5NmY2MjIz LzEvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRvIUBPH QDG6qKioXf8pN5lVpBX2tfNMZVUISaR1XssJE2smtK7zGHByEi8Y05it+hlGl/oL 3BMULh676NJ3So2+o4q/dWG4Rbu2O/LPil+0+9mAllwqlMtB3VyIoP7swLRDSYLO KYLLsaWiTTgYX+GOZO12kx8jDIdU2c8sF64AtHltsoa6Eme7XCi735PeiKhE3Mt8 EAzY95JUCqCGS3lK4inWHXItE0yxqlvgxfnaWgdH8r9s/0KHjszdXRTccm0YTmrg 8xRj19C8oDd/Ts8wP9NSIFk78/wCSNXHLmsVsL6t4xVO7YdDfd7KLJabk3sALRz2 7CAXeM9lK4rVSg== -----END CERTIFICATE-----Generated at Sat Dec 20 20:39:47 2025 by rpki-client