This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft File: OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json) Hash identifier: 2xwRkJIKJHLYljSUuswfvvmmA+WzsuhxTLGN1efrc0o= Subject key identifier: 14:27:6A:AE:82:1D:4E:1A:B5:28:B5:DE:80:19:7E:2A:D2:D2:BE:18 Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D Certificate issuer: /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d Certificate serial: 019B42EE32232B44465F6E8FA28BA1AB5D03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft Manifest number: 1788 Signing time: Sun 21 Dec 2025 22:01:05 +0000 Manifest this update: Sun 21 Dec 2025 22:01:05 +0000 Manifest next update: Mon 22 Dec 2025 22:01:05 +0000 Files and hashes: 1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: GR6zJ1oFKwpfymvda7e0O5V2o4TI1IStB+RT9S+WrN8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:32:23:2b:44:46:5f:6e:8f:a2:8b:a1:ab:5d:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d Validity Not Before: Dec 21 22:01:05 2025 GMT Not After : Dec 22 22:01:05 2025 GMT Subject: CN=14276aae821d4e1ab528b5de80197e2ad2d2be18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:3d:6e:dc:c4:4a:dd:43:b0:6a:84:a5:5a:94: 60:e8:92:75:c6:3a:e4:e3:02:4c:03:4e:32:1b:62: e9:94:b1:94:c6:f8:e3:44:a2:62:5c:38:f7:58:2b: 94:03:78:54:32:d3:e2:71:57:ff:f0:75:57:4c:1a: 81:6c:b9:ba:f9:9c:04:ba:8e:26:a6:5f:dc:e9:6d: 6c:57:13:2e:3a:e4:8f:e2:c2:f7:5c:21:a9:2c:16: 6f:ca:97:e1:d5:db:a9:81:84:a0:d5:e4:21:5c:49: 07:68:db:4a:84:f6:9d:fb:06:43:1c:f9:74:48:52: 54:e2:51:32:0f:3d:15:30:83:2b:b8:63:dd:bd:d0: fb:0c:46:39:b7:6c:a1:7f:32:74:26:2c:1a:bb:92: 63:3a:17:b1:04:ec:3b:2f:5a:04:65:de:e8:37:3b: 12:a9:52:d6:1d:42:e4:ad:2a:70:73:23:c1:1d:bb: 6b:a6:7c:17:6c:8c:6c:1a:fb:f1:35:87:ae:1c:26: 6a:1a:65:a2:77:b4:0f:9b:07:6c:5f:f4:11:bb:0b: d9:25:16:4b:8e:b7:d1:d6:fa:2d:02:18:65:c5:c1: b0:eb:dc:6d:de:34:c7:a7:1f:fe:da:b4:9f:ad:3d: 97:79:db:0b:45:96:3b:93:5e:9d:9d:25:a7:7c:62: a3:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:27:6A:AE:82:1D:4E:1A:B5:28:B5:DE:80:19:7E:2A:D2:D2:BE:18 X509v3 Authority Key Identifier: keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:e0:1d:a3:28:ed:93:82:cd:a4:39:4e:a2:1d:c5:e1:c9:9e: e7:63:b3:f8:b1:47:8c:35:f2:f8:04:aa:29:be:cb:db:bf:2b: 75:5a:b6:8f:08:e2:04:86:08:2a:30:ad:90:47:f9:38:03:83: 02:d8:0b:f8:73:e8:2e:29:51:5e:cb:6c:3d:bb:22:b1:53:12: 01:01:57:52:81:39:a8:3c:1e:cd:b7:74:e2:ad:c2:a3:4a:1c: 08:1a:35:36:ae:e3:3f:c4:dd:a0:24:fc:56:d5:b7:90:7e:a1: 27:02:40:1a:b2:9e:6d:28:3f:d5:57:e5:d5:de:c1:03:fe:d1: 2d:36:c9:e4:b7:7c:90:43:3e:6d:3e:e6:7d:a4:26:95:ba:e7: b9:99:8c:06:60:fc:5a:b1:c1:32:22:25:22:5c:61:81:65:a4: ed:f7:78:e0:f5:ee:e1:07:aa:79:79:3e:26:82:9c:d6:8f:98: 79:02:9d:fb:fd:61:12:f9:b4:2f:20:88:fd:f3:82:7f:83:05: d3:ee:08:a0:d2:11:a2:21:53:74:8e:4f:3e:7a:49:31:94:40: 0c:fd:5f:e9:86:3a:9b:40:e8:14:98:e7:26:69:f0:78:1c:ac: 93:54:1d:8d:71:bf:f2:2f:be:c2:bc:33:f3:a8:c6:8a:e0:63: 04:72:b5:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7jIjK0RGX26Poouhq10DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4 OWJmOWQwHhcNMjUxMjIxMjIwMTA1WhcNMjUxMjIyMjIwMTA1WjAzMTEwLwYDVQQD EygxNDI3NmFhZTgyMWQ0ZTFhYjUyOGI1ZGU4MDE5N2UyYWQyZDJiZTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT1u3MRK3UOwaoSlWpRg6JJ1xjrk 4wJMA04yG2LplLGUxvjjRKJiXDj3WCuUA3hUMtPicVf/8HVXTBqBbLm6+ZwEuo4m pl/c6W1sVxMuOuSP4sL3XCGpLBZvypfh1dupgYSg1eQhXEkHaNtKhPad+wZDHPl0 SFJU4lEyDz0VMIMruGPdvdD7DEY5t2yhfzJ0Jiwau5JjOhexBOw7L1oEZd7oNzsS qVLWHULkrSpwcyPBHbtrpnwXbIxsGvvxNYeuHCZqGmWid7QPmwdsX/QRuwvZJRZL jrfR1votAhhlxcGw69xt3jTHpx/+2rSfrT2XedsLRZY7k16dnSWnfGKjLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBQnaq6CHU4atSi13oAZfirS0r4YMB8GA1UdIwQY MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+Adoyjt k4LNpDlOoh3F4cme52Oz+LFHjDXy+ASqKb7L278rdVq2jwjiBIYIKjCtkEf5OAOD AtgL+HPoLilRXstsPbsisVMSAQFXUoE5qDwezbd04q3Co0ocCBo1Nq7jP8TdoCT8 VtW3kH6hJwJAGrKebSg/1Vfl1d7BA/7RLTbJ5Ld8kEM+bT7mfaQmlbrnuZmMBmD8 WrHBMiIlIlxhgWWk7fd44PXu4QeqeXk+JoKc1o+YeQKd+/1hEvm0LyCI/fOCf4MF 0+4IoNIRoiFTdI5PPnpJMZRADP1f6YY6m0DoFJjnJmnweBysk1QdjXG/8i++wrwz 86jGiuBjBHK13A== -----END CERTIFICATE-----Generated at Mon Dec 22 01:41:57 2025 by rpki-client