This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft File: o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft (raw, json) Hash identifier: 0HG8/sQjzm1izjTjCQlML2+lhYn1uKchOyP8+7VMD3A= Subject key identifier: 87:A4:69:0F:72:06:05:13:65:84:D7:1F:13:5E:D1:CE:92:C8:96:86 Authority key identifier: A3:68:83:05:FE:D5:C9:97:60:AE:C7:C8:94:C6:BA:21:E4:EA:D6:75 Certificate issuer: /CN=a3688305fed5c99760aec7c894c6ba21e4ead675 Certificate serial: 019B6956BF581C3655EEAA8B8E8EEE89B7C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft Manifest number: 129F Signing time: Mon 29 Dec 2025 09:00:51 +0000 Manifest this update: Mon 29 Dec 2025 09:00:51 +0000 Manifest next update: Tue 30 Dec 2025 09:00:51 +0000 Files and hashes: 1: 29zZRujAn8DGdUDp5utUkmVO-uo.roa (hash: pdGXIGI1eFN6x7W6e3AuHm1Q9j3iH8yigptYTm3P3QA=) 2: o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl (hash: 5SLsT1YkInAXzagFclHRU1soIXKz1rf3zAc3Fqqzk6A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 09:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:56:bf:58:1c:36:55:ee:aa:8b:8e:8e:ee:89:b7:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3688305fed5c99760aec7c894c6ba21e4ead675 Validity Not Before: Dec 29 09:00:51 2025 GMT Not After : Dec 30 09:00:51 2025 GMT Subject: CN=87a4690f720605136584d71f135ed1ce92c89686 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:81:d1:52:2d:ec:30:fd:02:2d:db:14:94:d9: 6e:62:bd:06:92:9e:7c:78:a0:ea:91:e6:6c:e0:9e: 64:80:6e:37:96:7d:46:49:35:53:f3:b9:54:ee:92: ce:ac:c2:a8:ba:15:ab:69:90:ff:18:07:e6:d8:29: a8:3c:f1:66:5c:5e:d4:41:cd:02:c4:ab:b1:2f:68: a1:4a:52:0c:0b:36:ee:54:45:58:05:5b:3d:d2:37: aa:b4:ec:ac:bd:96:c8:eb:ff:2b:37:d7:99:b2:ef: 6e:fd:66:92:50:53:f9:c8:e1:bb:da:2f:21:b6:0f: f1:76:ad:53:34:e3:5f:58:09:ce:9a:42:7a:cb:06: 53:65:14:86:5d:3d:3a:ef:9f:87:38:fe:4c:88:a4: 29:b8:a3:83:98:0b:5e:80:15:da:47:35:b7:b1:ab: 14:8e:38:1d:4a:fc:f9:e3:64:59:30:77:77:d8:e3: f6:be:0e:74:da:11:b7:9c:7a:69:de:4d:15:69:69: 0b:9b:7b:1b:15:4c:ac:1b:84:0a:7b:6a:cb:26:51: d1:20:d3:26:b7:44:6b:fa:f1:98:13:bb:93:4b:1e: 1c:fb:47:30:99:21:37:61:d9:c2:31:db:11:f4:cf: 73:b2:cc:70:68:8c:53:c4:34:3f:3b:b8:57:92:57: e7:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A4:69:0F:72:06:05:13:65:84:D7:1F:13:5E:D1:CE:92:C8:96:86 X509v3 Authority Key Identifier: keyid:A3:68:83:05:FE:D5:C9:97:60:AE:C7:C8:94:C6:BA:21:E4:EA:D6:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2iDBf7VyZdgrsfIlMa6IeTq1nU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f9e257-0162-4def-96ad-dec9796f6223/1/o2iDBf7VyZdgrsfIlMa6IeTq1nU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:89:39:c1:44:91:5b:a8:23:22:ba:8a:45:9a:9c:0e:b2:e0: ff:2e:1f:23:04:89:ae:c3:cb:34:16:68:9b:75:8d:bb:f9:01: d5:40:19:ac:22:a8:58:7c:c1:95:ba:5c:26:a6:c2:4c:1e:f0: 9d:58:65:f0:bb:cc:aa:ac:c1:2c:4f:d8:64:80:05:2e:2c:61: 4b:71:3f:9f:9e:3e:ec:f6:8d:e3:c0:47:0c:e1:87:9d:cd:0c: af:76:b9:4e:7c:1e:fa:79:d6:e5:61:ea:f4:cf:7e:98:42:41: 15:75:93:9e:7a:37:6b:06:e3:c6:d1:56:7a:e8:87:4d:1e:3a: 23:6c:08:b2:dc:56:10:f0:9b:d2:c5:8d:56:7c:72:cb:6a:5c: f4:80:bf:ac:bd:ad:92:ed:74:11:ec:e9:a5:8f:98:58:13:5c: 0a:9a:99:76:89:d1:f1:4e:3a:40:d8:1a:94:fe:a8:40:d7:53: c2:03:b8:40:49:d7:18:54:ef:12:8b:a3:db:58:aa:ec:e9:ff: 3c:06:2b:26:31:da:39:d4:ed:cc:d3:7d:65:e9:7f:87:30:d4: 4f:2e:0a:ca:3b:07:9b:7d:62:f0:7a:3f:71:d6:8c:65:a8:35: d3:75:10:bb:d1:b7:79:2b:b6:b7:c4:f2:27:50:be:6a:40:e5: d0:d2:e0:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtpVr9YHDZV7qqLjo7uibfJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjg4MzA1ZmVkNWM5OTc2MGFlYzdjODk0YzZiYTIxZTRl YWQ2NzUwHhcNMjUxMjI5MDkwMDUxWhcNMjUxMjMwMDkwMDUxWjAzMTEwLwYDVQQD Eyg4N2E0NjkwZjcyMDYwNTEzNjU4NGQ3MWYxMzVlZDFjZTkyYzg5Njg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIHRUi3sMP0CLdsUlNluYr0Gkp58 eKDqkeZs4J5kgG43ln1GSTVT87lU7pLOrMKouhWraZD/GAfm2CmoPPFmXF7UQc0C xKuxL2ihSlIMCzbuVEVYBVs90jeqtOysvZbI6/8rN9eZsu9u/WaSUFP5yOG72i8h tg/xdq1TNONfWAnOmkJ6ywZTZRSGXT0675+HOP5MiKQpuKODmAtegBXaRzW3sasU jjgdSvz542RZMHd32OP2vg502hG3nHpp3k0VaWkLm3sbFUysG4QKe2rLJlHRINMm t0Rr+vGYE7uTSx4c+0cwmSE3YdnCMdsR9M9zssxwaIxTxDQ/O7hXklfnMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIekaQ9yBgUTZYTXHxNe0c6SyJaGMB8GA1UdIwQY MBaAFKNogwX+1cmXYK7HyJTGuiHk6tZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mOWUyNTctMDE2Mi00ZGVmLTk2YWQt ZGVjOTc5NmY2MjIzLzEvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9mOWUyNTctMDE2Mi00ZGVmLTk2YWQtZGVjOTc5NmY2MjIz LzEvbzJpREJmN1Z5WmRncnNmSWxNYTZJZVRxMW5VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV4k5wUSR W6gjIrqKRZqcDrLg/y4fIwSJrsPLNBZom3WNu/kB1UAZrCKoWHzBlbpcJqbCTB7w nVhl8LvMqqzBLE/YZIAFLixhS3E/n54+7PaN48BHDOGHnc0Mr3a5Tnwe+nnW5WHq 9M9+mEJBFXWTnno3awbjxtFWeuiHTR46I2wIstxWEPCb0sWNVnxyy2pc9IC/rL2t ku10EezppY+YWBNcCpqZdonR8U46QNgalP6oQNdTwgO4QEnXGFTvEouj21iq7On/ PAYrJjHaOdTtzNN9Zel/hzDUTy4KyjsHm31i8Ho/cdaMZag103UQu9G3eSu2t8Ty J1C+akDl0NLgVA== -----END CERTIFICATE-----Generated at Mon Dec 29 14:40:04 2025 by rpki-client