This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft File: owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json) Hash identifier: 32GcAiqqhg/eeVUq411xqHL8s175oLOnoDgScwea9Uk= Subject key identifier: AC:15:B7:D5:82:5F:0C:F8:38:3A:39:22:8A:67:50:B5:2D:20:7B:4F Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E Certificate issuer: /CN=a3055f07bd47a86478c3bf47392573acd53d636e Certificate serial: 019B4693A2D6E59B38E945B297AA32A70AA7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft Manifest number: 1789 Signing time: Mon 22 Dec 2025 15:00:39 +0000 Manifest this update: Mon 22 Dec 2025 15:00:39 +0000 Manifest next update: Tue 23 Dec 2025 15:00:39 +0000 Files and hashes: 1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: YY+q46qW8kBqA3ynzpQCv4h1pMENeLGoU0cRJDZ+JPc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:93:a2:d6:e5:9b:38:e9:45:b2:97:aa:32:a7:0a:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e Validity Not Before: Dec 22 15:00:39 2025 GMT Not After : Dec 23 15:00:39 2025 GMT Subject: CN=ac15b7d5825f0cf8383a39228a6750b52d207b4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e7:fc:72:e4:a3:71:9a:0a:83:ec:ac:96:7a: 8d:b5:13:b8:e6:aa:ca:25:db:b1:7d:fd:d6:cf:44: 66:6c:6f:b3:65:67:00:78:20:51:5f:bf:eb:2f:1c: a0:3c:98:49:2e:44:a7:32:ac:de:27:93:ff:de:c1: d2:e4:b9:17:9c:f8:24:9c:10:b3:12:ee:9f:79:c3: 1a:e6:1f:ee:4d:06:25:44:b6:ab:04:39:20:06:0e: 18:09:58:47:c2:fe:60:40:8c:b2:29:fb:9b:21:3a: b1:e0:f4:8a:6c:0f:78:70:a8:15:c9:04:05:c7:de: 9b:fb:e8:99:14:d0:87:4a:39:64:a5:6e:6b:67:07: a7:7c:0c:7a:ac:2e:cb:47:d9:ce:c6:5e:b0:3d:df: 2c:ef:b6:a4:47:04:8b:02:4a:33:73:39:ac:04:66: 47:c0:68:aa:b1:df:71:de:81:a0:ba:58:cd:f7:d9: 9b:2e:77:a0:c4:45:42:45:e1:67:8b:80:ea:79:0f: 2c:ec:2e:51:72:06:40:2a:b2:82:ba:32:cb:9f:ee: 58:aa:53:27:a7:dd:e0:90:de:3b:76:68:0f:b7:e0: af:78:3e:53:e3:13:ac:57:71:2b:59:e3:06:c3:e1: f9:53:22:6a:f7:90:27:b3:32:25:b6:49:84:aa:b6: 06:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:15:B7:D5:82:5F:0C:F8:38:3A:39:22:8A:67:50:B5:2D:20:7B:4F X509v3 Authority Key Identifier: keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:f6:c2:15:52:34:ca:89:64:5c:da:84:a3:c4:3a:94:00:b9: 34:f7:c7:6e:c0:b9:fd:85:50:8d:34:12:fb:c7:5f:97:a8:bc: 4c:a9:24:68:07:c7:43:dc:ef:cc:49:5c:37:8f:35:90:62:4b: 87:a5:12:db:48:e6:5c:1d:b1:0f:5b:d0:89:ae:a5:ad:2d:cc: 9c:f9:c1:81:09:72:df:c1:c8:48:2f:55:b3:2b:59:99:1e:b4: 39:25:e6:4b:5c:96:fc:43:a0:50:1f:d4:cf:68:5d:d5:c6:d4: 31:cc:15:c6:48:6d:8a:17:fd:25:9e:64:b9:82:f8:73:93:c0: 4a:2d:cb:29:1f:05:70:fc:ba:e1:87:49:2a:9d:54:f0:bb:1a: 71:ca:ec:4f:39:bf:6e:8e:09:4f:69:26:73:d5:66:a0:0d:e1: e3:f4:12:3f:73:cb:db:f5:c9:81:55:bc:24:0c:5e:c0:78:4b: ef:e6:48:24:83:8a:73:2e:b0:be:32:5d:9f:6a:9c:60:71:22: ff:f7:cb:48:8e:e0:71:4a:2a:f1:b6:2d:a3:18:87:3f:a1:91: 34:ca:1e:5c:3f:1a:16:18:c8:fd:25:3d:fe:20:80:ad:e8:8f: 83:1e:37:55:ff:9f:d6:c7:4a:e0:53:24:14:ad:80:4c:aa:a7: 8a:b1:a0:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGk6LW5Zs46UWyl6oypwqnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz ZDYzNmUwHhcNMjUxMjIyMTUwMDM5WhcNMjUxMjIzMTUwMDM5WjAzMTEwLwYDVQQD EyhhYzE1YjdkNTgyNWYwY2Y4MzgzYTM5MjI4YTY3NTBiNTJkMjA3YjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Of8cuSjcZoKg+yslnqNtRO45qrK Jduxff3Wz0RmbG+zZWcAeCBRX7/rLxygPJhJLkSnMqzeJ5P/3sHS5LkXnPgknBCz Eu6fecMa5h/uTQYlRLarBDkgBg4YCVhHwv5gQIyyKfubITqx4PSKbA94cKgVyQQF x96b++iZFNCHSjlkpW5rZwenfAx6rC7LR9nOxl6wPd8s77akRwSLAkozczmsBGZH wGiqsd9x3oGguljN99mbLnegxEVCReFni4DqeQ8s7C5RcgZAKrKCujLLn+5YqlMn p93gkN47dmgPt+CveD5T4xOsV3ErWeMGw+H5UyJq95AnszIltkmEqrYGdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwVt9WCXwz4ODo5IopnULUtIHtPMB8GA1UdIwQY MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0 LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPbCFVI0 yolkXNqEo8Q6lAC5NPfHbsC5/YVQjTQS+8dfl6i8TKkkaAfHQ9zvzElcN481kGJL h6US20jmXB2xD1vQia6lrS3MnPnBgQly38HISC9VsytZmR60OSXmS1yW/EOgUB/U z2hd1cbUMcwVxkhtihf9JZ5kuYL4c5PASi3LKR8FcPy64YdJKp1U8LsaccrsTzm/ bo4JT2kmc9VmoA3h4/QSP3PL2/XJgVW8JAxewHhL7+ZIJIOKcy6wvjJdn2qcYHEi //fLSI7gcUoq8bYtoxiHP6GRNMoeXD8aFhjI/SU9/iCAreiPgx43Vf+f1sdK4FMk FK2ATKqnirGgew== -----END CERTIFICATE-----Generated at Mon Dec 22 22:57:01 2025 by rpki-client