This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft File: osiREA5QD7XGTzDxYD_lRdq0kBY.mft (raw, json) Hash identifier: YaES49IycHZO7+N/dbFy4VSh0IjIM2RozuZhQxLKMOw= Subject key identifier: D4:D4:9F:7A:3A:BF:07:E8:92:0A:BA:48:A1:75:39:05:56:A4:28:D5 Authority key identifier: A2:C8:91:10:0E:50:0F:B5:C6:4F:30:F1:60:3F:E5:45:DA:B4:90:16 Certificate issuer: /CN=a2c891100e500fb5c64f30f1603fe545dab49016 Certificate serial: 019B3C7EE7E205C488F5EDA18A77FE86556A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft Manifest number: 0B7A Signing time: Sat 20 Dec 2025 16:01:48 +0000 Manifest this update: Sat 20 Dec 2025 16:01:48 +0000 Manifest next update: Sun 21 Dec 2025 16:01:48 +0000 Files and hashes: 1: 2r58NpxvTCdcnNGrjt0v-zkeUtY.roa (hash: TkXA680kjgu+5bXWMHrgD9kPPHcPEiisIsJWWTeRFzw=) 2: osiREA5QD7XGTzDxYD_lRdq0kBY.crl (hash: +6/N9SGRP2A6o+79XYhwz0jsBbVz7QQOl4KrjHpTyz4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.crl rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:e7:e2:05:c4:88:f5:ed:a1:8a:77:fe:86:55:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2c891100e500fb5c64f30f1603fe545dab49016 Validity Not Before: Dec 20 16:01:48 2025 GMT Not After : Dec 21 16:01:48 2025 GMT Subject: CN=d4d49f7a3abf07e8920aba48a175390556a428d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:be:86:21:28:33:bb:32:b1:2f:99:73:38:07: 86:20:2e:95:ab:93:39:f4:66:9c:d4:9b:01:ef:ae: ef:f9:af:c0:ef:4d:0b:24:a4:13:fa:04:e9:1b:7d: cf:bd:44:2d:04:ef:47:a2:0c:48:5f:f2:c4:6e:3f: 7d:38:d7:6c:80:01:6b:df:97:90:0f:4a:bd:72:e9: 07:c9:8d:73:0c:9d:14:a3:a8:5b:22:c9:78:32:d0: ec:5d:83:d0:87:22:04:14:8a:8c:1b:a8:36:6b:37: 96:cc:79:5c:d3:93:21:23:2a:e2:1f:27:04:0b:a5: f8:c2:d4:b7:dd:b6:60:a8:17:a9:b6:a5:1d:5f:89: 37:78:02:3b:5b:10:28:18:f9:87:0d:fe:ce:76:14: 8e:88:78:e6:19:50:89:ea:2a:1a:a0:a4:af:fc:88: eb:14:c1:9a:25:25:e6:1b:20:0a:62:09:bc:7e:92: c8:1e:16:8d:fc:64:59:7f:52:70:c8:e2:1a:c6:3b: 3e:65:4c:bd:df:9a:0a:3d:86:96:cb:4f:fa:3c:02: ad:c2:2d:4d:78:07:e2:6f:b5:75:fa:49:18:3f:36: fc:d4:82:b0:41:07:8b:5f:0e:89:1d:3f:13:36:55: ee:f6:d0:17:94:6a:70:de:02:40:d3:15:6d:ef:1b: 6b:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:D4:9F:7A:3A:BF:07:E8:92:0A:BA:48:A1:75:39:05:56:A4:28:D5 X509v3 Authority Key Identifier: keyid:A2:C8:91:10:0E:50:0F:B5:C6:4F:30:F1:60:3F:E5:45:DA:B4:90:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:17:d2:50:9b:7f:82:e9:6e:6a:28:f7:49:42:f5:0c:a0:a9: 99:d3:92:5c:79:00:6a:0c:66:bb:0b:ba:16:85:ba:b2:24:ed: 7a:75:87:f7:68:46:41:84:0c:d6:76:95:db:23:b9:0b:34:17: fe:d6:b2:76:c1:62:40:90:80:fb:06:dd:d5:66:68:10:bf:3e: c0:60:e7:d5:64:cc:8d:e4:08:23:28:4b:c4:23:76:76:d5:80: 3d:f0:af:c9:b7:d9:6d:d1:2f:f2:de:09:ad:62:18:00:fa:af: 6a:1c:b4:9d:80:ba:47:b9:5f:e4:db:0a:77:f1:2f:a9:7b:19: 5e:bf:fc:c5:0e:df:9a:e7:76:a3:de:e3:ce:0a:6c:65:e8:82: 1f:dc:5b:00:70:f4:da:e4:ea:34:e4:df:e5:a5:b2:bb:29:3e: 62:06:91:1f:07:9d:66:cd:2c:10:b8:1f:1c:b5:eb:50:02:30: da:4b:1c:d7:16:fd:80:99:6f:af:32:ea:e4:3d:67:49:7e:54: 78:ff:97:9c:62:05:a5:a6:cb:01:5b:56:a6:10:90:7f:f2:b6: a6:3d:ed:76:ff:fe:7b:7e:37:a9:56:27:0c:f2:b6:e0:17:9d: a6:0c:92:80:56:bc:6a:b8:e1:76:d7:dd:7e:0f:55:de:7f:a2: f3:ff:7e:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fufiBcSI9e2hinf+hlVqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyYzg5MTEwMGU1MDBmYjVjNjRmMzBmMTYwM2ZlNTQ1ZGFi NDkwMTYwHhcNMjUxMjIwMTYwMTQ4WhcNMjUxMjIxMTYwMTQ4WjAzMTEwLwYDVQQD EyhkNGQ0OWY3YTNhYmYwN2U4OTIwYWJhNDhhMTc1MzkwNTU2YTQyOGQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL6GISgzuzKxL5lzOAeGIC6Vq5M5 9Gac1JsB767v+a/A700LJKQT+gTpG33PvUQtBO9HogxIX/LEbj99ONdsgAFr35eQ D0q9cukHyY1zDJ0Uo6hbIsl4MtDsXYPQhyIEFIqMG6g2azeWzHlc05MhIyriHycE C6X4wtS33bZgqBeptqUdX4k3eAI7WxAoGPmHDf7OdhSOiHjmGVCJ6ioaoKSv/Ijr FMGaJSXmGyAKYgm8fpLIHhaN/GRZf1JwyOIaxjs+ZUy935oKPYaWy0/6PAKtwi1N eAfib7V1+kkYPzb81IKwQQeLXw6JHT8TNlXu9tAXlGpw3gJA0xVt7xtrewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNTUn3o6vwfokgq6SKF1OQVWpCjVMB8GA1UdIwQY MBaAFKLIkRAOUA+1xk8w8WA/5UXatJAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yOGI1NmMtNmFhYy00OGQ3LWFiYTIt OGNhMGM5MGY1NzdlLzEvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8yOGI1NmMtNmFhYy00OGQ3LWFiYTItOGNhMGM5MGY1Nzdl LzEvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxfSUJt/ guluaij3SUL1DKCpmdOSXHkAagxmuwu6FoW6siTtenWH92hGQYQM1naV2yO5CzQX /taydsFiQJCA+wbd1WZoEL8+wGDn1WTMjeQIIyhLxCN2dtWAPfCvybfZbdEv8t4J rWIYAPqvahy0nYC6R7lf5NsKd/EvqXsZXr/8xQ7fmud2o97jzgpsZeiCH9xbAHD0 2uTqNOTf5aWyuyk+YgaRHwedZs0sELgfHLXrUAIw2ksc1xb9gJlvrzLq5D1nSX5U eP+XnGIFpabLAVtWphCQf/K2pj3tdv/+e343qVYnDPK24BedpgySgFa8arjhdtfd fg9V3n+i8/9+Mg== -----END CERTIFICATE-----Generated at Sun Dec 21 00:14:52 2025 by rpki-client