This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft File: O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json) Hash identifier: K/pHEugPOdt2CfAA1fkWb3yMHWrkQngUH/++E/46PEk= Subject key identifier: AD:D6:A5:22:90:CE:CC:A6:78:7D:FC:2D:C7:F6:80:74:4C:23:18:9A Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62 Certificate issuer: /CN=3b55e7feb907137299f5792c36395efba9b34b62 Certificate serial: 019AF1D1F89B3D0827F2C6F59F531C419025 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft Manifest number: 1008 Signing time: Sat 06 Dec 2025 04:01:00 +0000 Manifest this update: Sat 06 Dec 2025 04:01:00 +0000 Manifest next update: Sun 07 Dec 2025 04:01:00 +0000 Files and hashes: 1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: FhyVk4iMP66X3oYA4WhpslqKUMZtgWBYqHV88Z8m8sA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:f8:9b:3d:08:27:f2:c6:f5:9f:53:1c:41:90:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62 Validity Not Before: Dec 6 04:01:00 2025 GMT Not After : Dec 7 04:01:00 2025 GMT Subject: CN=add6a52290cecca6787dfc2dc7f680744c23189a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:9f:98:ab:27:8c:40:8c:24:12:df:b7:03:53: 4d:ed:48:4d:5e:03:e3:9a:b2:ba:f7:b1:9d:99:fd: 50:d0:d0:cf:b1:7b:5a:c9:42:48:87:83:37:9c:64: f7:59:22:96:3b:97:bc:d7:8b:4c:60:19:13:4e:a7: 3d:2d:b7:67:47:55:27:8d:83:89:dc:43:a3:35:38: 6f:e4:ba:37:49:6a:d4:dc:8d:3c:c1:bf:3b:4e:17: e2:70:46:27:02:99:44:9a:ef:8d:1a:f5:e2:42:22: 35:37:bd:49:45:36:77:5b:de:d4:b7:67:f5:20:bb: bc:c9:53:b9:55:78:e3:5b:14:fe:77:2b:24:5b:57: 5b:bc:b1:df:06:d5:40:05:f4:2c:c1:bf:fe:47:34: 9a:be:34:de:78:67:eb:30:8f:da:c9:aa:30:d3:37: 80:83:62:d3:e1:5d:f8:d8:6b:85:49:69:31:b6:85: fa:f5:07:e6:68:91:23:45:ed:af:fd:9f:4e:f3:5d: cd:c5:57:20:68:8e:fb:4a:78:31:57:13:c2:ef:a6: a9:28:52:cc:28:69:c7:a8:8c:f9:6b:68:29:2f:79: f8:e1:08:2f:9e:44:ff:46:7e:c0:74:ce:6d:a4:ba: 08:05:68:0c:c2:34:83:11:9c:27:56:81:1c:83:0b: eb:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D6:A5:22:90:CE:CC:A6:78:7D:FC:2D:C7:F6:80:74:4C:23:18:9A X509v3 Authority Key Identifier: keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:31:3c:67:62:a9:e4:a1:f4:87:fb:81:05:29:d1:bb:47:e0: 2e:0d:2a:bb:70:9f:f8:09:88:63:71:54:d3:3d:52:64:e6:91: 37:4e:be:c9:aa:10:f7:53:79:42:b3:02:fe:b8:2c:40:a7:bd: 25:57:9c:5d:ed:83:a4:3c:3c:e0:d8:83:ea:b3:87:a3:36:7c: 9f:54:e4:6a:19:5d:5c:35:6d:48:72:18:82:4c:02:88:7b:2e: 63:2f:b2:f3:ee:24:50:a1:ca:06:1e:e6:ae:74:9c:44:70:37: b6:bc:5e:a9:e2:d5:d2:60:88:45:a2:3b:ae:c5:b0:b3:78:ed: e4:9e:c2:3f:91:c5:f2:ab:62:c0:9e:86:bf:50:12:17:4b:f0: 93:5c:89:50:f7:84:27:b6:96:02:e4:73:14:a4:c7:e9:b8:f6: 8b:86:76:33:2b:73:81:18:07:48:73:41:54:76:fe:a9:e8:e1: b1:e4:dd:62:af:15:80:82:be:44:ed:68:1a:59:23:ba:aa:46: 80:34:db:fd:5e:7a:e8:ac:8c:22:3f:7b:1e:3a:5e:71:66:12: 5b:04:72:76:22:3f:02:ec:b6:a3:5f:0e:27:5b:3e:88:98:f9: 6b:5b:56:1f:9f:53:eb:1a:8f:7c:5f:46:94:c0:e0:d8:4a:e4: 03:bc:21:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0fibPQgn8sb1n1McQZAlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli MzRiNjIwHhcNMjUxMjA2MDQwMTAwWhcNMjUxMjA3MDQwMTAwWjAzMTEwLwYDVQQD EyhhZGQ2YTUyMjkwY2VjY2E2Nzg3ZGZjMmRjN2Y2ODA3NDRjMjMxODlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Z+YqyeMQIwkEt+3A1NN7UhNXgPj mrK697Gdmf1Q0NDPsXtayUJIh4M3nGT3WSKWO5e814tMYBkTTqc9LbdnR1UnjYOJ 3EOjNThv5Lo3SWrU3I08wb87ThficEYnAplEmu+NGvXiQiI1N71JRTZ3W97Ut2f1 ILu8yVO5VXjjWxT+dyskW1dbvLHfBtVABfQswb/+RzSavjTeeGfrMI/ayaow0zeA g2LT4V342GuFSWkxtoX69QfmaJEjRe2v/Z9O813NxVcgaI77SngxVxPC76apKFLM KGnHqIz5a2gpL3n44QgvnkT/Rn7AdM5tpLoIBWgMwjSDEZwnVoEcgwvr2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK3WpSKQzsymeH38Lcf2gHRMIxiaMB8GA1UdIwQY MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2 LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiDE8Z2Kp 5KH0h/uBBSnRu0fgLg0qu3Cf+AmIY3FU0z1SZOaRN06+yaoQ91N5QrMC/rgsQKe9 JVecXe2DpDw84NiD6rOHozZ8n1TkahldXDVtSHIYgkwCiHsuYy+y8+4kUKHKBh7m rnScRHA3trxeqeLV0mCIRaI7rsWws3jt5J7CP5HF8qtiwJ6Gv1ASF0vwk1yJUPeE J7aWAuRzFKTH6bj2i4Z2MytzgRgHSHNBVHb+qejhseTdYq8VgIK+RO1oGlkjuqpG gDTb/V566KyMIj97HjpecWYSWwRydiI/Auy2o18OJ1s+iJj5a1tWH59T6xqPfF9G lMDg2ErkA7wh+A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:10 2025 by rpki-client