This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.mft File: oOMSj9CdwY5m7kISp-ZPPk50qBQ.mft (raw, json) Hash identifier: qY/nhOWhMzNsEaa8pDnlnhc8O4FKQj9MxLNajb+IkP4= Subject key identifier: B6:03:16:2E:EC:A8:A5:50:21:C1:E4:AC:7E:D9:99:E0:86:42:F3:FA Authority key identifier: A0:E3:12:8F:D0:9D:C1:8E:66:EE:42:12:A7:E6:4F:3E:4E:74:A8:14 Certificate issuer: /CN=a0e3128fd09dc18e66ee4212a7e64f3e4e74a814 Certificate serial: 019AF23F68813809B32E12EEBC13A41B30E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOMSj9CdwY5m7kISp-ZPPk50qBQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.mft Manifest number: 08D4 Signing time: Sat 06 Dec 2025 06:00:32 +0000 Manifest this update: Sat 06 Dec 2025 06:00:32 +0000 Manifest next update: Sun 07 Dec 2025 06:00:32 +0000 Files and hashes: 1: RgkGs56a3wBSH0Yhny04eNJEX3I.roa (hash: 1WUdRWIGnTtyys0okmGp0iV2hIZohfzABaDiV/G7uDo=) 2: oOMSj9CdwY5m7kISp-ZPPk50qBQ.crl (hash: 3tvfdg6QUJSA5Z94O9el1/feBKWXtMM6qHHkYv/rXYo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.crl rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.mft rsync://rpki.ripe.net/repository/DEFAULT/oOMSj9CdwY5m7kISp-ZPPk50qBQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:68:81:38:09:b3:2e:12:ee:bc:13:a4:1b:30:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0e3128fd09dc18e66ee4212a7e64f3e4e74a814 Validity Not Before: Dec 6 06:00:32 2025 GMT Not After : Dec 7 06:00:32 2025 GMT Subject: CN=b603162eeca8a55021c1e4ac7ed999e08642f3fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:4b:12:36:7b:d5:7b:7d:ce:38:f2:4d:e3:ce: 55:f0:4c:cb:f0:07:61:4d:f2:71:b5:c3:ee:01:40: 60:6a:be:8c:56:9a:2a:d6:ba:6b:78:0a:cc:bd:54: 7d:d6:f8:66:2d:a3:ef:20:ea:d7:61:81:a2:1d:85: 66:cf:07:00:87:fa:c4:91:8f:db:8a:fe:5c:92:ca: a2:fe:b0:57:77:39:74:fc:38:42:2d:7f:d3:7d:74: 7c:86:ad:b6:8c:b1:8e:42:2f:ad:c6:92:d0:04:87: 51:b2:d5:3d:73:6a:3e:ec:f3:da:1a:67:bc:46:65: e4:2e:7a:5c:05:29:b8:3c:96:48:4f:42:e7:8d:ed: 6f:0e:49:17:7f:9f:83:39:6c:d4:7f:06:e6:90:28: 9d:db:64:e0:b3:0e:28:c3:43:f7:62:4d:70:5a:c3: 36:c7:bf:5b:4a:91:b8:c3:57:0f:3a:ec:ff:d3:58: 20:af:03:50:44:40:89:02:0f:09:98:5a:62:8f:90: dd:16:e2:6c:b2:c3:6a:28:c3:49:fb:77:97:7f:e5: 92:31:38:fa:e2:e5:3a:5d:2e:b6:58:ab:45:3c:c3: a6:c0:e0:08:9b:49:fc:71:30:bc:0b:62:f4:f8:41: e6:d8:fc:93:e1:3c:69:68:91:b5:3a:c4:f3:44:a0: 68:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:03:16:2E:EC:A8:A5:50:21:C1:E4:AC:7E:D9:99:E0:86:42:F3:FA X509v3 Authority Key Identifier: keyid:A0:E3:12:8F:D0:9D:C1:8E:66:EE:42:12:A7:E6:4F:3E:4E:74:A8:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOMSj9CdwY5m7kISp-ZPPk50qBQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:d8:b5:fa:83:9d:15:45:45:32:d6:09:05:fe:60:bd:79:75: b7:0a:27:f7:bb:3a:22:ba:bd:b9:2f:ad:b4:e1:9a:54:4f:ef: df:b0:5d:22:b5:95:55:91:19:be:e4:f4:65:e9:2a:5f:8b:a3: 00:a6:d8:a8:23:c4:c2:a2:99:3e:0c:14:25:a8:3b:bf:5f:a4: 82:b8:b3:5c:ac:e9:a3:05:90:3b:0f:d3:82:58:ca:52:26:36: f3:f4:ab:f0:1e:f0:9b:52:31:9d:8c:68:9e:1e:d4:a3:27:5e: 08:1e:c8:40:c9:ad:66:01:eb:57:5f:29:7c:85:bb:b8:88:2b: 21:4c:c8:cd:5c:06:e2:83:48:9c:70:c0:12:ff:2b:97:52:59: 07:16:e5:dd:6c:90:ce:cf:4f:e3:4d:e7:69:08:85:0d:ef:d7: c8:a9:c9:cd:98:94:d9:10:39:a0:36:96:12:a4:51:de:52:9f: 05:37:98:fc:f9:be:b4:ad:02:65:26:c4:11:7a:1b:ad:18:49: 1f:1b:5b:b3:72:14:0c:e7:e7:6d:54:c9:51:7a:05:55:dd:87: 06:16:66:af:91:10:47:a1:0c:c7:8c:33:d1:9b:86:c5:a6:7e: 67:b1:3a:cd:5d:13:a1:f5:7f:a3:1e:94:c1:ba:7f:7f:c9:29: 02:31:81:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP2iBOAmzLhLuvBOkGzDpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZTMxMjhmZDA5ZGMxOGU2NmVlNDIxMmE3ZTY0ZjNlNGU3 NGE4MTQwHhcNMjUxMjA2MDYwMDMyWhcNMjUxMjA3MDYwMDMyWjAzMTEwLwYDVQQD EyhiNjAzMTYyZWVjYThhNTUwMjFjMWU0YWM3ZWQ5OTllMDg2NDJmM2ZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUsSNnvVe33OOPJN485V8EzL8Adh TfJxtcPuAUBgar6MVpoq1rpreArMvVR91vhmLaPvIOrXYYGiHYVmzwcAh/rEkY/b iv5cksqi/rBXdzl0/DhCLX/TfXR8hq22jLGOQi+txpLQBIdRstU9c2o+7PPaGme8 RmXkLnpcBSm4PJZIT0Lnje1vDkkXf5+DOWzUfwbmkCid22Tgsw4ow0P3Yk1wWsM2 x79bSpG4w1cPOuz/01ggrwNQRECJAg8JmFpij5DdFuJsssNqKMNJ+3eXf+WSMTj6 4uU6XS62WKtFPMOmwOAIm0n8cTC8C2L0+EHm2PyT4TxpaJG1OsTzRKBoJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLYDFi7sqKVQIcHkrH7ZmeCGQvP6MB8GA1UdIwQY MBaAFKDjEo/QncGOZu5CEqfmTz5OdKgUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb09NU2o5Q2R3WTVtN2tJU3AtWlBQazUwcUJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wYjRlNzMtYTE1NC00MDU5LWI2MjIt OGZkNWNhYmE1NGU5LzEvb09NU2o5Q2R3WTVtN2tJU3AtWlBQazUwcUJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8wYjRlNzMtYTE1NC00MDU5LWI2MjItOGZkNWNhYmE1NGU5 LzEvb09NU2o5Q2R3WTVtN2tJU3AtWlBQazUwcUJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATdi1+oOd FUVFMtYJBf5gvXl1twon97s6Irq9uS+ttOGaVE/v37BdIrWVVZEZvuT0ZekqX4uj AKbYqCPEwqKZPgwUJag7v1+kgrizXKzpowWQOw/TgljKUiY28/Sr8B7wm1IxnYxo nh7UoydeCB7IQMmtZgHrV18pfIW7uIgrIUzIzVwG4oNInHDAEv8rl1JZBxbl3WyQ zs9P403naQiFDe/XyKnJzZiU2RA5oDaWEqRR3lKfBTeY/Pm+tK0CZSbEEXobrRhJ Hxtbs3IUDOfnbVTJUXoFVd2HBhZmr5EQR6EMx4wz0ZuGxaZ+Z7E6zV0TofV/ox6U wbp/f8kpAjGBYA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:33:14 2025 by rpki-client