This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json) Hash identifier: X5k3d6iEMnSmkyNDzioFqUM1E/KI51QQysv0Sz/Hd3Y= Subject key identifier: 20:D3:0F:93:CE:D2:33:18:79:A6:25:AA:72:54:9C:D2:15:7F:3A:51 Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Certificate serial: 019AF2AD8560736D9CF913399A6EC84F1030 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft Manifest number: 08A8 Signing time: Sat 06 Dec 2025 08:00:49 +0000 Manifest this update: Sat 06 Dec 2025 08:00:49 +0000 Manifest next update: Sun 07 Dec 2025 08:00:49 +0000 Files and hashes: 1: M82sfYNUsyqK13nZZfstvwDd7Fs.roa (hash: Pwd9phO+f2VaYBcGPbgT8icjGcqdGdD4Q6fe+fixav0=) 2: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: U/XsDGf09X59gZcrxGkvdWeXdqdnPQgvBfW471aA85o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:85:60:73:6d:9c:f9:13:39:9a:6e:c8:4f:10:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Validity Not Before: Dec 6 08:00:49 2025 GMT Not After : Dec 7 08:00:49 2025 GMT Subject: CN=20d30f93ced2331879a625aa72549cd2157f3a51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6f:82:d7:d5:9e:f8:70:cd:d3:1c:09:c6:c4: 7c:4a:88:7a:00:e8:54:2a:7f:44:3d:c7:66:c2:fa: 48:ed:b8:d6:0a:4e:85:ca:c4:b1:ca:c1:e4:c9:b2: ce:c0:f0:4a:6e:cf:50:65:e4:09:49:f6:c8:7e:c0: 99:41:0d:74:79:c5:fc:2b:9f:36:1e:d1:17:be:df: 06:47:05:4a:3e:fd:d9:ba:6e:c4:e0:72:72:b6:5a: 47:8d:bd:99:58:11:13:46:22:6f:ff:8c:87:2c:1a: 20:0a:5d:25:62:8a:94:50:91:e4:61:5f:fb:e2:24: 40:73:fd:8b:0e:78:05:08:43:68:2d:b4:63:25:7e: 2a:be:d3:d4:0a:7d:bf:d7:dd:33:bb:65:56:be:b6: 49:e1:3e:36:e6:fe:20:ae:73:a0:f8:7e:fe:7c:6c: ed:31:da:42:25:c1:15:92:c4:b2:15:e4:93:1e:23: d3:7f:80:a4:7e:19:8d:8b:15:41:9e:82:61:01:a8: 77:a4:e9:c7:ac:c1:54:34:ee:f0:46:57:56:09:cc: 78:0c:33:69:72:ed:47:fd:56:ec:fe:46:aa:51:f7: 78:e2:0a:07:d3:ee:d7:7a:6e:35:39:0c:f9:f5:92: d5:65:5c:9b:87:d7:c8:ef:f2:d9:74:b6:33:57:4b: 10:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:D3:0F:93:CE:D2:33:18:79:A6:25:AA:72:54:9C:D2:15:7F:3A:51 X509v3 Authority Key Identifier: keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:8a:cd:59:f2:d2:63:4b:79:6d:ba:1a:4b:4d:15:66:64:d7: 01:cf:d7:85:0c:62:d1:a4:5c:02:af:7f:08:67:c0:e9:df:8e: 61:84:46:8a:a0:d8:9b:5f:e9:d6:d9:c2:db:30:c5:11:7e:f7: 5d:0f:c3:c3:e5:ef:49:83:78:bb:90:cf:8d:33:72:62:8c:66: 14:43:06:c5:60:37:32:0b:e5:46:93:56:36:09:db:36:71:7b: c9:9e:21:67:34:05:c1:a8:2b:e7:e5:35:c4:d5:4c:66:b4:ef: f5:7a:00:af:ec:16:b8:cf:44:73:f0:5e:ef:68:8b:ad:f2:27: 1e:e4:44:2b:1c:46:3e:03:c3:9a:a9:80:f0:46:1b:8e:c7:1e: 81:bc:d3:78:1d:22:d8:a9:98:82:e0:74:2d:ef:68:ab:97:a2: 50:97:02:1b:26:5f:d6:54:6b:1f:ca:4a:d1:9c:66:de:b6:11: ba:b5:13:07:51:d5:e4:95:14:dc:c4:15:93:42:cb:9e:31:62: dc:68:50:fb:61:31:5e:88:60:22:29:04:c9:78:cb:23:5b:b9: 6f:12:65:cb:2e:f9:7a:00:07:c4:c5:d7:41:ea:2f:e5:c5:f1: 76:02:19:2d:e4:1d:bb:2b:e9:26:bc:7f:9c:0f:87:19:4c:7b: 62:aa:fc:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrYVgc22c+RM5mm7ITxAwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj NGRhMjAwHhcNMjUxMjA2MDgwMDQ5WhcNMjUxMjA3MDgwMDQ5WjAzMTEwLwYDVQQD EygyMGQzMGY5M2NlZDIzMzE4NzlhNjI1YWE3MjU0OWNkMjE1N2YzYTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG+C19We+HDN0xwJxsR8Soh6AOhU Kn9EPcdmwvpI7bjWCk6FysSxysHkybLOwPBKbs9QZeQJSfbIfsCZQQ10ecX8K582 HtEXvt8GRwVKPv3Zum7E4HJytlpHjb2ZWBETRiJv/4yHLBogCl0lYoqUUJHkYV/7 4iRAc/2LDngFCENoLbRjJX4qvtPUCn2/190zu2VWvrZJ4T425v4grnOg+H7+fGzt MdpCJcEVksSyFeSTHiPTf4CkfhmNixVBnoJhAah3pOnHrMFUNO7wRldWCcx4DDNp cu1H/Vbs/kaqUfd44goH0+7Xem41OQz59ZLVZVybh9fI7/LZdLYzV0sQ7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCDTD5PO0jMYeaYlqnJUnNIVfzpRMB8GA1UdIwQY MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0 LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiorNWfLS Y0t5bboaS00VZmTXAc/XhQxi0aRcAq9/CGfA6d+OYYRGiqDYm1/p1tnC2zDFEX73 XQ/Dw+XvSYN4u5DPjTNyYoxmFEMGxWA3MgvlRpNWNgnbNnF7yZ4hZzQFwagr5+U1 xNVMZrTv9XoAr+wWuM9Ec/Be72iLrfInHuREKxxGPgPDmqmA8EYbjscegbzTeB0i 2KmYguB0Le9oq5eiUJcCGyZf1lRrH8pK0Zxm3rYRurUTB1HV5JUU3MQVk0LLnjFi 3GhQ+2ExXohgIikEyXjLI1u5bxJlyy75egAHxMXXQeov5cXxdgIZLeQduyvpJrx/ nA+HGUx7Yqr8yQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:07:02 2025 by rpki-client