This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft File: osiREA5QD7XGTzDxYD_lRdq0kBY.mft (raw, json) Hash identifier: k758CEn/y8rKrtoX/TB7DkHleq2StgIv37O6a9c8hRY= Subject key identifier: 39:29:3B:7E:B5:97:4A:AA:58:CA:59:5D:89:7C:BA:94:74:E5:FF:29 Authority key identifier: A2:C8:91:10:0E:50:0F:B5:C6:4F:30:F1:60:3F:E5:45:DA:B4:90:16 Certificate issuer: /CN=a2c891100e500fb5c64f30f1603fe545dab49016 Certificate serial: 019AF12DF4E321E91F6F46967CBD2D4ED834 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft Manifest number: 0B53 Signing time: Sat 06 Dec 2025 01:01:52 +0000 Manifest this update: Sat 06 Dec 2025 01:01:52 +0000 Manifest next update: Sun 07 Dec 2025 01:01:52 +0000 Files and hashes: 1: 2r58NpxvTCdcnNGrjt0v-zkeUtY.roa (hash: TkXA680kjgu+5bXWMHrgD9kPPHcPEiisIsJWWTeRFzw=) 2: osiREA5QD7XGTzDxYD_lRdq0kBY.crl (hash: c0psuyR7OmEGFvD0S/4KbGejMb0JqUM0TaGavUe9fec=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.crl rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:f4:e3:21:e9:1f:6f:46:96:7c:bd:2d:4e:d8:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2c891100e500fb5c64f30f1603fe545dab49016 Validity Not Before: Dec 6 01:01:52 2025 GMT Not After : Dec 7 01:01:52 2025 GMT Subject: CN=39293b7eb5974aaa58ca595d897cba9474e5ff29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:cc:ea:1d:01:dd:bc:86:4a:26:52:2d:54:08: 4a:ff:41:f9:a0:27:b8:9e:a1:58:aa:a4:86:7a:ea: 72:3b:a1:8b:6d:0e:bc:0b:7b:0a:a0:0b:8e:76:7c: 01:30:f4:b9:a9:3f:48:17:b8:1c:95:4c:69:cc:e5: 17:97:45:d7:f9:5f:60:e1:63:f8:ea:c1:07:c2:46: c6:f1:78:f9:76:24:c4:9d:a0:25:aa:a4:92:6e:29: 71:18:84:92:62:ba:5a:38:a4:65:55:94:63:92:dd: cf:8e:47:d4:b2:10:03:f8:e3:e0:21:2a:56:7d:bd: b7:37:5d:34:9a:da:e4:db:c7:4c:b8:67:6c:3c:b8: 90:a6:43:18:c3:84:f7:ee:ff:af:41:23:e6:88:36: 96:77:b5:97:79:f7:36:0e:6e:ec:ad:95:d6:0b:a2: 5f:e8:ce:a1:e1:0a:08:e8:84:ef:08:d6:30:d7:a7: 10:e3:71:d1:44:f4:aa:a6:fb:f3:92:ab:95:6e:64: a9:92:91:c8:63:b5:75:8c:58:f2:30:63:47:f7:27: 62:a6:03:4a:fb:97:09:f0:e4:06:01:a9:99:a5:36: 03:53:9f:7c:ef:9a:48:47:2c:1b:2d:52:4e:e1:ed: 25:19:a3:af:92:cd:70:4b:5d:ed:d3:07:bf:55:2c: 9d:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:29:3B:7E:B5:97:4A:AA:58:CA:59:5D:89:7C:BA:94:74:E5:FF:29 X509v3 Authority Key Identifier: keyid:A2:C8:91:10:0E:50:0F:B5:C6:4F:30:F1:60:3F:E5:45:DA:B4:90:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/osiREA5QD7XGTzDxYD_lRdq0kBY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/28b56c-6aac-48d7-aba2-8ca0c90f577e/1/osiREA5QD7XGTzDxYD_lRdq0kBY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:ea:f3:92:ee:47:dc:b0:88:4f:e4:11:5f:0a:88:3d:34:53: 32:83:a6:37:ab:ba:ac:47:bc:82:75:73:16:7c:f0:ea:e9:d6: 71:ae:42:86:ce:b8:78:2f:be:b2:91:22:5a:8b:d1:c0:0c:56: 12:6b:e7:f9:a6:e5:c9:7f:4c:3b:4d:d3:e9:96:42:af:0d:c9: 54:48:74:8f:39:2a:ef:31:f6:bf:db:ca:7b:b2:c1:8a:fd:a0: 52:03:e9:a7:0a:ab:2e:f2:66:78:ea:74:92:6d:32:26:67:1d: 98:19:ee:dd:30:00:96:b7:ad:c0:a1:64:28:f7:75:04:98:fd: 03:fe:8c:71:6b:92:bf:32:62:e1:13:99:88:4a:e6:06:4a:ce: 4a:8e:45:d9:c0:94:48:06:a1:e2:8a:97:12:f0:77:30:b6:1f: ab:40:ac:02:23:bd:7d:bb:a0:c3:3b:3a:0e:3c:2a:e6:1d:fc: 8f:a2:ec:f1:dc:e9:f1:b7:2d:6f:ba:8c:5e:29:5f:42:f0:a2: 58:14:1c:dd:93:45:ce:a8:ee:28:44:ff:fa:5a:0c:b4:ee:2b: c7:9f:bd:8f:60:81:73:ba:47:f5:71:ef:71:a7:d3:74:bf:9e: 0f:5d:aa:db:74:23:a6:59:9e:1a:09:1c:46:fa:f2:ba:50:83: 2b:e4:f0:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfTjIekfb0aWfL0tTtg0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyYzg5MTEwMGU1MDBmYjVjNjRmMzBmMTYwM2ZlNTQ1ZGFi NDkwMTYwHhcNMjUxMjA2MDEwMTUyWhcNMjUxMjA3MDEwMTUyWjAzMTEwLwYDVQQD EygzOTI5M2I3ZWI1OTc0YWFhNThjYTU5NWQ4OTdjYmE5NDc0ZTVmZjI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1szqHQHdvIZKJlItVAhK/0H5oCe4 nqFYqqSGeupyO6GLbQ68C3sKoAuOdnwBMPS5qT9IF7gclUxpzOUXl0XX+V9g4WP4 6sEHwkbG8Xj5diTEnaAlqqSSbilxGISSYrpaOKRlVZRjkt3PjkfUshAD+OPgISpW fb23N100mtrk28dMuGdsPLiQpkMYw4T37v+vQSPmiDaWd7WXefc2Dm7srZXWC6Jf 6M6h4QoI6ITvCNYw16cQ43HRRPSqpvvzkquVbmSpkpHIY7V1jFjyMGNH9ydipgNK +5cJ8OQGAamZpTYDU59875pIRywbLVJO4e0lGaOvks1wS13t0we/VSydRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDkpO361l0qqWMpZXYl8upR05f8pMB8GA1UdIwQY MBaAFKLIkRAOUA+1xk8w8WA/5UXatJAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yOGI1NmMtNmFhYy00OGQ3LWFiYTIt OGNhMGM5MGY1NzdlLzEvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8yOGI1NmMtNmFhYy00OGQ3LWFiYTItOGNhMGM5MGY1Nzdl LzEvb3NpUkVBNVFEN1hHVHpEeFlEX2xSZHEwa0JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqerzku5H 3LCIT+QRXwqIPTRTMoOmN6u6rEe8gnVzFnzw6unWca5Chs64eC++spEiWovRwAxW Emvn+ablyX9MO03T6ZZCrw3JVEh0jzkq7zH2v9vKe7LBiv2gUgPppwqrLvJmeOp0 km0yJmcdmBnu3TAAlretwKFkKPd1BJj9A/6McWuSvzJi4ROZiErmBkrOSo5F2cCU SAah4oqXEvB3MLYfq0CsAiO9fbugwzs6Djwq5h38j6Ls8dzp8bctb7qMXilfQvCi WBQc3ZNFzqjuKET/+loMtO4rx5+9j2CBc7pH9XHvcafTdL+eD12q23QjplmeGgkc RvryulCDK+TwUw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:22 2025 by rpki-client