This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft File: OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft (raw, json) Hash identifier: vXlGepD1qO9qznmaEBh/+udrR76Joz/v6uP7rcLhhVA= Subject key identifier: AE:F3:C3:01:BD:22:32:66:E0:7D:B4:33:37:2A:AB:F8:8B:92:DA:62 Authority key identifier: 38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82 Certificate issuer: /CN=389755423f832a528c93136110f0fe4b10453582 Certificate serial: 019B4438F43182873B77E77EFCE8B294177F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft Manifest number: 0E22 Signing time: Mon 22 Dec 2025 04:02:21 +0000 Manifest this update: Mon 22 Dec 2025 04:02:21 +0000 Manifest next update: Tue 23 Dec 2025 04:02:21 +0000 Files and hashes: 1: Gn-kDrXRDHHv43q56kRDHjj8q1w.roa (hash: Tu0d5Ny8jllovtj2b3OGyqwDSE7dzSUuYk4aE5120L8=) 2: OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl (hash: Aini3nf8yJCh1uObV9T9CqmesIxAhysISuS0Itu1EMI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:f4:31:82:87:3b:77:e7:7e:fc:e8:b2:94:17:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=389755423f832a528c93136110f0fe4b10453582 Validity Not Before: Dec 22 04:02:21 2025 GMT Not After : Dec 23 04:02:21 2025 GMT Subject: CN=aef3c301bd223266e07db433372aabf88b92da62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:03:1e:d3:ca:b0:98:e3:d8:93:6f:34:5d:60: 9c:84:2a:3e:85:60:66:d6:bc:ad:69:6b:d8:e4:69: 55:d1:23:0b:35:2c:cd:17:44:9c:bd:b0:96:5d:b4: a8:a0:2a:ac:50:aa:81:59:af:57:17:b8:ca:90:25: 54:1d:a7:cf:f7:58:a3:d4:ab:d2:23:4f:fc:bb:c8: fb:ce:8f:66:a3:10:49:09:c4:cc:b3:19:39:42:9b: 20:47:83:e7:b7:98:15:3d:44:7e:74:45:70:e8:0f: d4:ff:9f:56:50:3f:58:16:05:d0:17:27:26:9f:a4: 50:b7:74:79:03:e6:12:95:57:82:1d:bd:a9:03:08: 3f:0b:58:4a:03:e8:f2:e3:85:25:a7:b8:55:e7:12: 64:83:68:9d:22:9c:67:ef:7f:8d:fe:76:3e:f7:eb: 42:2d:0d:8f:e6:4b:04:d6:86:e1:7c:c7:d7:03:b1: 31:e1:7a:2b:a2:38:99:4b:bd:15:13:ca:00:23:2d: 8f:1d:2d:50:63:9d:21:71:9e:09:a5:76:87:8b:fb: 19:c7:1e:e9:28:34:0f:1b:8b:49:9f:1e:b4:57:11: 8f:51:46:e5:79:71:0b:d2:30:76:c3:03:a9:82:1c: 6d:af:cf:e3:fd:ea:84:9c:09:c4:49:a4:15:1d:03: 33:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:F3:C3:01:BD:22:32:66:E0:7D:B4:33:37:2A:AB:F8:8B:92:DA:62 X509v3 Authority Key Identifier: keyid:38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:e9:60:d9:9e:f8:76:33:d7:05:35:c1:71:cb:78:ab:3c:95: a5:64:38:d6:3f:52:29:99:f4:1e:f1:a1:de:33:4e:84:54:99: f7:d0:83:ba:67:87:73:fb:17:a9:25:d4:84:72:21:48:e9:98: 19:c6:31:9e:49:aa:bf:bc:75:a8:df:7c:3b:b5:14:db:81:1f: 35:90:b6:68:1b:64:f6:95:f1:1c:06:c1:b7:45:c2:26:ae:7d: 40:f5:b9:d4:ae:db:22:b5:9d:36:0a:57:bf:bb:bc:67:ae:f4: 70:8e:cd:d6:85:7d:03:62:83:84:9a:96:3c:a5:52:1d:3b:e9: ee:23:b8:c6:82:32:10:e7:57:97:8e:1d:04:cb:fa:ae:9a:9a: 69:1b:9f:d0:18:6a:e0:60:e0:bb:79:1f:c6:7a:3d:77:3c:ad: 03:f6:32:94:c2:0c:80:85:2b:88:40:1d:51:67:14:76:5b:ba: 45:9e:27:b8:3e:e4:41:89:8f:42:69:a4:98:ef:4f:e9:a7:1b: 3d:f4:43:83:77:d2:d1:14:d6:e1:93:28:94:91:9d:19:af:9c: d3:10:5a:ab:6b:e4:24:72:8d:83:f3:91:61:24:32:bb:d7:a7: b1:03:0a:f6:02:10:04:5b:ac:f9:e3:c6:49:a9:0a:c9:ed:92: ac:a0:b4:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOPQxgoc7d+d+/OiylBd/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OTc1NTQyM2Y4MzJhNTI4YzkzMTM2MTEwZjBmZTRiMTA0 NTM1ODIwHhcNMjUxMjIyMDQwMjIxWhcNMjUxMjIzMDQwMjIxWjAzMTEwLwYDVQQD EyhhZWYzYzMwMWJkMjIzMjY2ZTA3ZGI0MzMzNzJhYWJmODhiOTJkYTYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAMe08qwmOPYk280XWCchCo+hWBm 1rytaWvY5GlV0SMLNSzNF0ScvbCWXbSooCqsUKqBWa9XF7jKkCVUHafP91ij1KvS I0/8u8j7zo9moxBJCcTMsxk5QpsgR4Pnt5gVPUR+dEVw6A/U/59WUD9YFgXQFycm n6RQt3R5A+YSlVeCHb2pAwg/C1hKA+jy44Ulp7hV5xJkg2idIpxn73+N/nY+9+tC LQ2P5ksE1obhfMfXA7Ex4XorojiZS70VE8oAIy2PHS1QY50hcZ4JpXaHi/sZxx7p KDQPG4tJnx60VxGPUUbleXEL0jB2wwOpghxtr8/j/eqEnAnESaQVHQMzzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK7zwwG9IjJm4H20Mzcqq/iLktpiMB8GA1UdIwQY MBaAFDiXVUI/gypSjJMTYRDw/ksQRTWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0Mjgt NDY5NTdiZDg4NjBkLzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0MjgtNDY5NTdiZDg4NjBk LzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA+lg2Z74 djPXBTXBcct4qzyVpWQ41j9SKZn0HvGh3jNOhFSZ99CDumeHc/sXqSXUhHIhSOmY GcYxnkmqv7x1qN98O7UU24EfNZC2aBtk9pXxHAbBt0XCJq59QPW51K7bIrWdNgpX v7u8Z670cI7N1oV9A2KDhJqWPKVSHTvp7iO4xoIyEOdXl44dBMv6rpqaaRuf0Bhq 4GDgu3kfxno9dzytA/YylMIMgIUriEAdUWcUdlu6RZ4nuD7kQYmPQmmkmO9P6acb PfRDg3fS0RTW4ZMolJGdGa+c0xBaq2vkJHKNg/ORYSQyu9ensQMK9gIQBFus+ePG SakKye2SrKC0PA== -----END CERTIFICATE-----Generated at Mon Dec 22 09:35:14 2025 by rpki-client