This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft File: OUjkpbK65iNUmZE9y-wE38pTHpA.mft (raw, json) Hash identifier: HxaqyRTNt96qmK1hDFttMaFLk2vPe3ggY7eZPUBzrUk= Subject key identifier: 92:F0:29:9D:0E:D3:43:93:9B:D1:86:3D:81:AD:30:E7:9A:A3:2E:E1 Authority key identifier: 39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90 Certificate issuer: /CN=3948e4a5b2bae6235499913dcbec04dfca531e90 Certificate serial: 019AF1D1F8005E3FC7182D063ACC055E0E3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft Manifest number: 1633 Signing time: Sat 06 Dec 2025 04:01:00 +0000 Manifest this update: Sat 06 Dec 2025 04:01:00 +0000 Manifest next update: Sun 07 Dec 2025 04:01:00 +0000 Files and hashes: 1: OUjkpbK65iNUmZE9y-wE38pTHpA.crl (hash: 8SdDx/GeY1iLp0IqA2Smvh1vXLnsUZJQ/XcbaG75Dms=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:f8:00:5e:3f:c7:18:2d:06:3a:cc:05:5e:0e:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3948e4a5b2bae6235499913dcbec04dfca531e90 Validity Not Before: Dec 6 04:01:00 2025 GMT Not After : Dec 7 04:01:00 2025 GMT Subject: CN=92f0299d0ed343939bd1863d81ad30e79aa32ee1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:4d:55:33:25:f3:9e:65:68:04:82:ee:3b:58: 70:a8:57:da:1b:69:32:e7:7a:7b:02:0d:38:d5:81: fd:7b:63:3b:20:ab:f4:80:da:2e:58:62:b2:13:9b: bf:93:8b:e4:40:0f:f8:aa:a1:10:82:86:89:8f:49: 98:a3:cf:73:f8:b0:06:35:02:fe:57:4b:96:51:e4: 1c:0a:68:1c:fa:3f:bf:db:58:d1:d7:fe:bd:bf:c2: 2f:d0:1f:09:37:fe:98:fc:4c:de:32:87:b8:4a:3f: 9f:d0:25:2f:eb:4d:40:a3:df:c4:87:e5:d2:18:e2: 90:78:ad:61:eb:cb:50:c7:84:8b:7a:b9:c9:f2:78: d2:34:28:d4:06:9b:d8:0d:64:cd:0f:dc:57:e4:4f: f3:b5:93:6e:a6:b3:70:1d:dc:5f:b9:f9:a7:b2:d6: 9e:c8:84:a7:d0:7c:b6:1f:93:84:a7:07:6f:f7:38: f2:04:fd:9d:ec:cd:6d:af:89:2c:c2:79:26:80:81: 09:7d:68:28:6a:c9:b7:6b:16:4c:db:8c:bc:49:97: ea:81:2c:b6:28:8d:88:b1:e3:d3:35:37:bc:5a:77: d0:b2:14:16:36:a3:54:1b:21:84:3f:4b:42:bb:ac: 80:6a:eb:88:44:27:b7:6f:9f:ee:2a:ea:74:3e:8f: a8:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:F0:29:9D:0E:D3:43:93:9B:D1:86:3D:81:AD:30:E7:9A:A3:2E:E1 X509v3 Authority Key Identifier: keyid:39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:03:23:3e:f4:a3:e1:72:e8:91:f1:65:65:56:fe:99:d8:0a: 7c:ea:7d:c5:b2:c7:0b:61:9f:b1:fb:56:56:91:55:38:2c:75: 56:b6:2f:59:fa:38:c0:1d:eb:35:23:de:1d:2a:6d:73:b5:e8: 02:2f:a5:14:b3:92:23:30:9b:6e:74:b2:87:c4:0b:2f:c5:5b: 97:e4:11:da:ca:71:2d:fd:19:49:0f:6e:f7:9c:9a:48:4f:b2: cd:04:ae:fb:cf:45:21:55:59:56:0b:d0:07:48:d7:5b:87:40: e7:96:1c:99:de:93:be:3e:53:de:5b:ce:f2:e0:85:f1:33:47: c9:21:60:fc:1f:03:99:9b:74:7e:d6:c0:7c:4b:c0:45:3f:54: 18:2d:bd:4c:82:8f:e7:4e:f7:03:90:21:b2:e1:58:53:76:2c: 1e:d6:6d:32:f2:da:20:93:9b:b4:15:e9:21:56:a8:dc:08:83: 54:65:45:ae:98:9a:92:1d:f0:8a:3f:4d:32:9c:38:4d:b1:cd: 5c:49:99:d2:33:61:df:72:a2:f5:f6:1e:d9:ae:2f:04:fd:67: cf:b1:17:40:53:10:47:e5:f8:5f:d5:bc:e6:5f:8a:95:c4:6b: cb:66:22:01:59:52:9c:b4:d7:aa:cc:bf:37:bb:97:86:3c:8e: f1:f7:bc:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0fgAXj/HGC0GOswFXg48MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NDhlNGE1YjJiYWU2MjM1NDk5OTEzZGNiZWMwNGRmY2E1 MzFlOTAwHhcNMjUxMjA2MDQwMTAwWhcNMjUxMjA3MDQwMTAwWjAzMTEwLwYDVQQD Eyg5MmYwMjk5ZDBlZDM0MzkzOWJkMTg2M2Q4MWFkMzBlNzlhYTMyZWUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw01VMyXznmVoBILuO1hwqFfaG2ky 53p7Ag041YH9e2M7IKv0gNouWGKyE5u/k4vkQA/4qqEQgoaJj0mYo89z+LAGNQL+ V0uWUeQcCmgc+j+/21jR1/69v8Iv0B8JN/6Y/EzeMoe4Sj+f0CUv601Ao9/Eh+XS GOKQeK1h68tQx4SLernJ8njSNCjUBpvYDWTND9xX5E/ztZNuprNwHdxfufmnstae yISn0Hy2H5OEpwdv9zjyBP2d7M1tr4kswnkmgIEJfWgoasm3axZM24y8SZfqgSy2 KI2IsePTNTe8WnfQshQWNqNUGyGEP0tCu6yAauuIRCe3b5/uKup0Po+odQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJLwKZ0O00OTm9GGPYGtMOeaoy7hMB8GA1UdIwQY MBaAFDlI5KWyuuYjVJmRPcvsBN/KUx6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUt ZjY1MGU1MDdhNzZkLzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUtZjY1MGU1MDdhNzZk LzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQMjPvSj 4XLokfFlZVb+mdgKfOp9xbLHC2GfsftWVpFVOCx1VrYvWfo4wB3rNSPeHSptc7Xo Ai+lFLOSIzCbbnSyh8QLL8Vbl+QR2spxLf0ZSQ9u95yaSE+yzQSu+89FIVVZVgvQ B0jXW4dA55Ycmd6Tvj5T3lvO8uCF8TNHySFg/B8DmZt0ftbAfEvART9UGC29TIKP 5073A5AhsuFYU3YsHtZtMvLaIJObtBXpIVao3AiDVGVFrpiakh3wij9NMpw4TbHN XEmZ0jNh33Ki9fYe2a4vBP1nz7EXQFMQR+X4X9W85l+KlcRry2YiAVlSnLTXqsy/ N7uXhjyO8fe8fw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:01:25 2025 by rpki-client