This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft File: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft (raw, json) Hash identifier: DAB/WU/5SXRW+bfprMUnr4d81S2QA/QP5w1SqQhgVpo= Subject key identifier: 6A:98:0F:40:34:21:2A:6C:4F:B2:A7:37:34:76:E0:D6:6D:70:DF:09 Authority key identifier: FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1 Certificate issuer: /CN=fce27d64a4ce95e08311afaff43e66d073fb21d1 Certificate serial: 019B424AAE86714EC3332A3464CF4AF06878 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft Manifest number: 1105 Signing time: Sun 21 Dec 2025 19:02:29 +0000 Manifest this update: Sun 21 Dec 2025 19:02:29 +0000 Manifest next update: Mon 22 Dec 2025 19:02:29 +0000 Files and hashes: 1: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl (hash: PBap0dXq9GXioS2gvCujY/BiaXq1rrTVTyu9FkJHCBU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:ae:86:71:4e:c3:33:2a:34:64:cf:4a:f0:68:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fce27d64a4ce95e08311afaff43e66d073fb21d1 Validity Not Before: Dec 21 19:02:29 2025 GMT Not After : Dec 22 19:02:29 2025 GMT Subject: CN=6a980f4034212a6c4fb2a7373476e0d66d70df09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b1:cf:4e:0e:b3:23:f8:34:17:c0:70:bd:eb: 8e:57:8c:ae:72:d2:d4:36:88:51:ee:c6:09:a7:95: 94:89:e2:95:06:51:9f:c5:d5:8a:38:14:79:c9:46: 5b:b4:a3:b4:81:77:37:56:df:9a:7a:34:6e:a6:1b: 12:0b:77:7b:e8:13:ec:2a:72:46:7b:d7:2d:e9:9a: 81:b0:b8:60:93:78:c5:a5:c1:55:b3:d6:b4:66:35: d6:0c:b9:bb:aa:73:68:46:84:2f:68:27:d8:a5:11: 29:20:32:2c:f6:4c:f5:3b:f3:48:75:63:bb:4a:6b: 39:6a:60:70:4c:bf:38:c6:75:59:5a:b7:9d:50:67: 74:b9:af:10:2e:19:89:af:bc:bf:2d:98:e3:f6:d0: de:4f:24:ce:1b:08:f0:47:e8:8c:58:3b:4e:3c:90: 9d:6e:76:15:cc:0c:21:3f:65:01:57:dc:f2:84:94: f4:b1:96:c6:c1:66:0b:4a:d3:e4:35:88:6d:f2:e7: 81:7d:5f:36:4d:05:5d:b6:d2:54:90:bf:25:c0:36: 12:26:5d:5a:bc:50:1a:60:1d:8d:b9:39:64:8f:62: 11:2d:06:7d:b9:15:18:bc:a1:97:75:05:99:37:54: db:b9:d3:ae:0b:e3:41:8a:79:e6:d9:07:3a:b2:09: 01:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:98:0F:40:34:21:2A:6C:4F:B2:A7:37:34:76:E0:D6:6D:70:DF:09 X509v3 Authority Key Identifier: keyid:FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:be:59:1d:52:72:4b:5c:36:27:02:73:eb:30:fd:c9:25:4c: 83:9d:78:28:6a:39:c2:2f:3e:55:be:8a:e5:a0:d9:6f:06:1b: ae:e6:0d:85:c4:63:12:8a:3f:0d:eb:64:b0:8c:48:34:43:01: c7:7a:84:a1:b3:10:78:2f:44:e8:cf:91:b6:ac:72:c4:f6:54: 3d:a1:35:f1:b4:e7:75:7a:69:92:fc:88:74:b3:f9:cc:29:75: b7:2f:99:bc:54:b6:2b:33:96:a8:96:28:8e:03:d7:19:c6:40: a8:04:84:7f:6e:0c:f9:8b:be:44:93:cb:9e:9e:41:2b:ba:91: 8c:0f:8a:10:45:65:b0:85:c3:74:7a:9a:cf:58:f5:bb:1c:a0: 18:23:58:da:68:fc:a4:5b:2d:31:fa:46:36:6d:78:36:50:fa: 00:88:d2:b6:cc:17:4c:b1:2e:ef:45:4f:9e:aa:b0:ab:fc:4a: 64:af:4f:4f:d0:93:26:af:e6:ba:62:42:ec:2f:1c:f7:34:39: 66:9d:08:8e:3e:62:6d:e8:18:11:af:c3:25:4d:fe:ae:6d:6f: b6:77:a0:c7:45:f6:6b:3f:4b:c6:15:08:78:4f:aa:d2:7e:77: a0:e1:8f:89:e4:25:99:b5:b6:e8:36:4f:da:43:1a:d7:a8:40: fc:b1:d6:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSq6GcU7DMyo0ZM9K8Gh4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjZTI3ZDY0YTRjZTk1ZTA4MzExYWZhZmY0M2U2NmQwNzNm YjIxZDEwHhcNMjUxMjIxMTkwMjI5WhcNMjUxMjIyMTkwMjI5WjAzMTEwLwYDVQQD Eyg2YTk4MGY0MDM0MjEyYTZjNGZiMmE3MzczNDc2ZTBkNjZkNzBkZjA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbHPTg6zI/g0F8BwveuOV4yuctLU NohR7sYJp5WUieKVBlGfxdWKOBR5yUZbtKO0gXc3Vt+aejRuphsSC3d76BPsKnJG e9ct6ZqBsLhgk3jFpcFVs9a0ZjXWDLm7qnNoRoQvaCfYpREpIDIs9kz1O/NIdWO7 Sms5amBwTL84xnVZWredUGd0ua8QLhmJr7y/LZjj9tDeTyTOGwjwR+iMWDtOPJCd bnYVzAwhP2UBV9zyhJT0sZbGwWYLStPkNYht8ueBfV82TQVdttJUkL8lwDYSJl1a vFAaYB2NuTlkj2IRLQZ9uRUYvKGXdQWZN1TbudOuC+NBinnm2Qc6sgkBYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGqYD0A0ISpsT7KnNzR24NZtcN8JMB8GA1UdIwQY MBaAFPzifWSkzpXggxGvr/Q+ZtBz+yHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEt MDAxNGJjODU1YmY0LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEtMDAxNGJjODU1YmY0 LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO75ZHVJy S1w2JwJz6zD9ySVMg514KGo5wi8+Vb6K5aDZbwYbruYNhcRjEoo/DetksIxINEMB x3qEobMQeC9E6M+RtqxyxPZUPaE18bTndXppkvyIdLP5zCl1ty+ZvFS2KzOWqJYo jgPXGcZAqASEf24M+Yu+RJPLnp5BK7qRjA+KEEVlsIXDdHqaz1j1uxygGCNY2mj8 pFstMfpGNm14NlD6AIjStswXTLEu70VPnqqwq/xKZK9PT9CTJq/mumJC7C8c9zQ5 Zp0Ijj5ibegYEa/DJU3+rm1vtnegx0X2az9LxhUIeE+q0n53oOGPieQlmbW26DZP 2kMa16hA/LHW3w== -----END CERTIFICATE-----Generated at Sun Dec 21 22:27:40 2025 by rpki-client