This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft File: o-zqyBJVNKV5R5YtsokD-tesOvk.mft (raw, json) Hash identifier: 5WaBC76T45HKG0QoUq/mby3Tu8honk//v4iik4n5oXA= Subject key identifier: E7:63:40:26:66:AD:4E:BA:04:64:6E:B6:B5:FA:B3:C7:5B:D4:DD:67 Authority key identifier: A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9 Certificate issuer: /CN=a3eceac8125534a57947962db28903fad7ac3af9 Certificate serial: 019AF38A1D634CC9C7A48282FF014030FD10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft Manifest number: 16E1 Signing time: Sat 06 Dec 2025 12:01:46 +0000 Manifest this update: Sat 06 Dec 2025 12:01:46 +0000 Manifest next update: Sun 07 Dec 2025 12:01:46 +0000 Files and hashes: 1: NZCcmWMu3SL4lvLRXGmLfuZeQm4.roa (hash: EKuPrmDOqjvIb0P5ALzTBFMc5GRcKpakwtWPyDrs5oc=) 2: o-zqyBJVNKV5R5YtsokD-tesOvk.crl (hash: Eoq/utvOn3JE3rHof12kYKiAjW7V2DNVxlOreNYErKo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:8a:1d:63:4c:c9:c7:a4:82:82:ff:01:40:30:fd:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3eceac8125534a57947962db28903fad7ac3af9 Validity Not Before: Dec 6 12:01:46 2025 GMT Not After : Dec 7 12:01:46 2025 GMT Subject: CN=e763402666ad4eba04646eb6b5fab3c75bd4dd67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b6:c8:99:4b:06:f1:ca:ca:0b:4a:66:bd:9b: 44:33:d8:bf:c3:f8:de:f4:78:32:9f:65:16:cf:c2: 44:84:2f:77:08:3a:6d:5d:d1:fd:c5:1e:c4:83:c0: e0:50:a1:86:b8:dd:8f:7f:d8:fb:8d:2a:16:75:65: 5d:08:2a:78:dc:e5:4d:35:dd:d0:be:15:f2:c7:f3: c7:a1:8b:42:e8:96:59:73:51:3e:56:01:c7:32:cc: 49:f9:95:6b:ff:6b:fd:50:1c:d7:3e:d4:fc:0f:a2: c1:76:89:e8:30:09:d9:e3:a9:02:dc:81:c5:2f:1a: bd:b9:15:f7:89:b7:e7:99:86:96:4c:5a:e8:69:55: 03:e3:11:3d:e1:d4:43:da:6a:dd:a8:7c:67:c5:4c: 6d:64:57:60:fe:bf:0f:2e:8b:11:d8:1e:61:cb:1d: de:62:bd:d3:30:75:44:aa:87:6b:f4:69:33:29:86: 04:f2:3a:fe:13:0e:03:10:8e:57:85:c1:0a:f6:c9: 00:75:67:16:3d:b0:f7:1a:3a:ca:b0:44:7c:1f:70: dc:18:3b:e8:ef:ed:b0:8f:71:a2:f2:91:f6:90:f2: a6:a8:58:1f:88:a2:d1:a6:14:d2:53:0a:b9:e9:5a: 67:ca:d5:48:f8:0e:3d:19:d1:76:71:03:23:85:e7: bf:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:63:40:26:66:AD:4E:BA:04:64:6E:B6:B5:FA:B3:C7:5B:D4:DD:67 X509v3 Authority Key Identifier: keyid:A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:a8:fd:f4:c0:69:5a:c2:39:3a:33:52:21:e9:e3:d9:ae:fb: 9b:48:9e:c3:2f:51:5d:e3:4a:c6:fb:a3:98:24:04:96:82:10: fc:13:63:97:52:41:7b:67:1d:17:20:97:d7:87:98:d5:38:ac: 6d:b6:be:c8:27:85:fc:69:64:fc:d1:c4:d0:b0:60:12:7a:74: b1:0e:a7:74:13:e1:d1:78:45:d8:26:11:4a:13:e8:83:be:73: a9:dd:6d:15:13:03:88:a1:ec:45:84:9d:a6:a4:d0:f1:cc:4c: 3f:28:a9:5a:cb:b7:39:8d:e0:0e:60:67:19:70:9a:21:f4:9b: c4:8e:23:65:25:f5:06:de:94:a9:85:40:32:8e:c9:46:32:28: bd:cf:cc:f3:08:c9:77:d3:8c:17:98:ae:0c:c6:f2:19:d9:5d: 37:98:c7:7f:ce:11:34:03:af:0a:80:dd:da:ff:3e:46:71:d4: fb:83:3e:0c:68:0c:05:6c:7f:51:6e:00:b6:69:db:95:e3:c2: e7:f4:c9:9c:85:ff:8e:6b:6f:a5:f4:9e:2c:40:a4:75:fc:a6: b9:a5:45:75:35:6e:3a:f3:ea:56:38:37:ef:45:39:6f:96:1f: 68:21:1a:65:95:fc:d3:ca:ca:dc:75:53:98:66:27:ca:d7:cf: 3f:01:b8:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzih1jTMnHpIKC/wFAMP0QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzZWNlYWM4MTI1NTM0YTU3OTQ3OTYyZGIyODkwM2ZhZDdh YzNhZjkwHhcNMjUxMjA2MTIwMTQ2WhcNMjUxMjA3MTIwMTQ2WjAzMTEwLwYDVQQD EyhlNzYzNDAyNjY2YWQ0ZWJhMDQ2NDZlYjZiNWZhYjNjNzViZDRkZDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurbImUsG8crKC0pmvZtEM9i/w/je 9Hgyn2UWz8JEhC93CDptXdH9xR7Eg8DgUKGGuN2Pf9j7jSoWdWVdCCp43OVNNd3Q vhXyx/PHoYtC6JZZc1E+VgHHMsxJ+ZVr/2v9UBzXPtT8D6LBdonoMAnZ46kC3IHF Lxq9uRX3ibfnmYaWTFroaVUD4xE94dRD2mrdqHxnxUxtZFdg/r8PLosR2B5hyx3e Yr3TMHVEqodr9GkzKYYE8jr+Ew4DEI5XhcEK9skAdWcWPbD3GjrKsER8H3DcGDvo 7+2wj3Gi8pH2kPKmqFgfiKLRphTSUwq56VpnytVI+A49GdF2cQMjhee/KQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOdjQCZmrU66BGRutrX6s8db1N1nMB8GA1UdIwQY MBaAFKPs6sgSVTSleUeWLbKJA/rXrDr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQt YTliZDVlNDEwYWVkLzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQtYTliZDVlNDEwYWVk LzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIaj99MBp WsI5OjNSIenj2a77m0iewy9RXeNKxvujmCQEloIQ/BNjl1JBe2cdFyCX14eY1Tis bba+yCeF/Glk/NHE0LBgEnp0sQ6ndBPh0XhF2CYRShPog75zqd1tFRMDiKHsRYSd pqTQ8cxMPyipWsu3OY3gDmBnGXCaIfSbxI4jZSX1Bt6UqYVAMo7JRjIovc/M8wjJ d9OMF5iuDMbyGdldN5jHf84RNAOvCoDd2v8+RnHU+4M+DGgMBWx/UW4AtmnblePC 5/TJnIX/jmtvpfSeLECkdfymuaVFdTVuOvPqVjg370U5b5YfaCEaZZX808rK3HVT mGYnytfPPwG40g== -----END CERTIFICATE-----Generated at Sat Dec 6 22:26:23 2025 by rpki-client