This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft File: OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json) Hash identifier: 2wrZsyM19JGUoqRV+YLgE7VMHuE9AjUbctp6uew77zI= Subject key identifier: 4F:14:23:33:C7:9C:52:BB:56:56:D1:75:13:9E:62:7F:3C:E0:58:54 Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B Certificate issuer: /CN=382ad906d719a66a85a313d105294002cb657f7b Certificate serial: 019B548674D2E48D45CA0EAA4D26271D8671 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft Manifest number: 0375 Signing time: Thu 25 Dec 2025 08:00:56 +0000 Manifest this update: Thu 25 Dec 2025 08:00:56 +0000 Manifest next update: Fri 26 Dec 2025 08:00:56 +0000 Files and hashes: 1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: O/qQqgJ1V/QlKIdWFSiJJ4v+tj9cr5iRrZsYLnl64Ps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 08:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:86:74:d2:e4:8d:45:ca:0e:aa:4d:26:27:1d:86:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b Validity Not Before: Dec 25 08:00:56 2025 GMT Not After : Dec 26 08:00:56 2025 GMT Subject: CN=4f142333c79c52bb5656d175139e627f3ce05854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5b:e5:c7:dc:66:42:44:ea:f5:d6:a6:34:2a: 87:38:4f:01:4e:92:f4:55:44:15:89:60:77:4a:84: b3:98:12:ea:ea:30:72:76:ba:88:52:13:4e:e1:a8: 26:33:d6:d9:58:0b:30:6c:ea:fa:72:d6:38:28:b7: 47:ce:5a:67:3d:cc:bc:14:b6:d7:1e:ed:4c:35:50: 6e:53:44:1f:cb:e8:c1:59:3b:36:fd:59:a6:68:6e: 31:c3:ce:ec:dc:b8:08:16:d5:b5:64:99:4f:cd:85: c9:f7:7b:d3:43:3d:6a:48:a8:1d:01:30:7c:75:5a: 46:ad:05:02:02:f5:13:39:8e:e9:2c:0c:af:c4:7e: 73:b0:a3:c4:3c:b2:84:48:cc:be:6c:0c:f8:e3:01: b7:a2:71:bc:c4:77:04:18:ce:0c:ed:6e:a6:51:7f: 49:6f:c3:c8:19:f5:a5:ef:1d:9d:3f:7a:d9:1a:59: 0e:60:c9:9a:ab:13:f2:bb:38:c6:ab:c8:e2:c0:9e: 44:a4:05:c8:e6:a0:50:c3:b7:51:a4:15:e1:e5:cc: 32:fc:03:f5:9b:2f:51:16:fb:9f:16:3b:40:e4:62: f7:c3:8c:19:28:f9:c0:7d:c2:44:29:e1:a2:cf:6c: 09:19:fc:f4:97:0b:c1:88:57:38:3c:3d:e7:5f:27: 32:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:14:23:33:C7:9C:52:BB:56:56:D1:75:13:9E:62:7F:3C:E0:58:54 X509v3 Authority Key Identifier: keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:9c:44:c3:44:f5:a1:80:98:2b:e2:1f:93:9b:89:04:d8:bc: 89:4d:b3:c8:e7:52:41:b1:51:2d:40:00:b0:d5:58:04:78:5c: 2d:c4:1b:36:5c:16:03:20:cc:8d:d8:6d:da:b5:28:33:c2:90: cb:7a:49:5c:ef:ea:6c:09:ed:cc:ca:2d:0f:7c:0d:e8:23:b5: b6:92:1b:22:18:21:f1:0c:ea:07:3f:c9:fe:53:c1:c9:af:21: 7c:fb:bd:b4:68:37:95:d3:b7:f9:aa:24:2d:fe:dc:18:25:f9: 0f:1d:b0:fc:63:40:3b:2f:73:7e:49:aa:4b:7e:3b:ce:1d:6a: 36:83:b8:1d:e3:da:1e:6d:35:51:f2:75:dc:ce:98:40:5b:c5: bb:62:e0:a0:fc:cc:bf:ad:77:11:60:e6:44:94:f4:66:b5:3f: c6:b6:95:77:1e:f9:0b:f7:04:4c:81:67:3b:31:bd:1f:e5:af: 7c:14:b6:4d:4c:6e:8e:d7:44:cf:32:db:49:df:38:07:94:aa: c2:81:9d:20:ca:26:66:6d:e5:10:71:02:a3:9a:76:98:ec:77: be:33:c7:e9:58:81:5b:fd:bc:41:89:02:73:1a:41:a6:5e:67: e6:fa:f4:b1:86:f1:bb:e4:e1:0f:44:f5:bc:c4:92:16:c6:dc: 1b:c6:1a:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUhnTS5I1Fyg6qTSYnHYZxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2 NTdmN2IwHhcNMjUxMjI1MDgwMDU2WhcNMjUxMjI2MDgwMDU2WjAzMTEwLwYDVQQD Eyg0ZjE0MjMzM2M3OWM1MmJiNTY1NmQxNzUxMzllNjI3ZjNjZTA1ODU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFvlx9xmQkTq9damNCqHOE8BTpL0 VUQViWB3SoSzmBLq6jBydrqIUhNO4agmM9bZWAswbOr6ctY4KLdHzlpnPcy8FLbX Hu1MNVBuU0Qfy+jBWTs2/VmmaG4xw87s3LgIFtW1ZJlPzYXJ93vTQz1qSKgdATB8 dVpGrQUCAvUTOY7pLAyvxH5zsKPEPLKESMy+bAz44wG3onG8xHcEGM4M7W6mUX9J b8PIGfWl7x2dP3rZGlkOYMmaqxPyuzjGq8jiwJ5EpAXI5qBQw7dRpBXh5cwy/AP1 my9RFvufFjtA5GL3w4wZKPnAfcJEKeGiz2wJGfz0lwvBiFc4PD3nXycyAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE8UIzPHnFK7VlbRdROeYn884FhUMB8GA1UdIwQY MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpxEw0T1 oYCYK+Ifk5uJBNi8iU2zyOdSQbFRLUAAsNVYBHhcLcQbNlwWAyDMjdht2rUoM8KQ y3pJXO/qbAntzMotD3wN6CO1tpIbIhgh8QzqBz/J/lPBya8hfPu9tGg3ldO3+aok Lf7cGCX5Dx2w/GNAOy9zfkmqS347zh1qNoO4HePaHm01UfJ13M6YQFvFu2LgoPzM v613EWDmRJT0ZrU/xraVdx75C/cETIFnOzG9H+WvfBS2TUxujtdEzzLbSd84B5Sq woGdIMomZm3lEHECo5p2mOx3vjPH6ViBW/28QYkCcxpBpl5n5vr0sYbxu+ThD0T1 vMSSFsbcG8YaZg== -----END CERTIFICATE-----Generated at Thu Dec 25 14:16:14 2025 by rpki-client