This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft File: oLwgSfIYtv2rytdZTCUjso2kd8E.mft (raw, json) Hash identifier: yxmlt5o1YabBpraIiF50+hWj9OXmXT8FuejTVGD+638= Subject key identifier: AF:8E:2B:81:03:30:71:90:9D:7B:D8:E5:16:1A:AA:45:D7:C5:EE:13 Authority key identifier: A0:BC:20:49:F2:18:B6:FD:AB:CA:D7:59:4C:25:23:B2:8D:A4:77:C1 Certificate issuer: /CN=a0bc2049f218b6fdabcad7594c2523b28da477c1 Certificate serial: 019AF2ADFA0BD056115C990C423C09588C4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLwgSfIYtv2rytdZTCUjso2kd8E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft Manifest number: 16F6 Signing time: Sat 06 Dec 2025 08:01:19 +0000 Manifest this update: Sat 06 Dec 2025 08:01:19 +0000 Manifest next update: Sun 07 Dec 2025 08:01:19 +0000 Files and hashes: 1: APsUsrAn96ow-lwQ45SmC1gQegc.roa (hash: t3tVyfgAERiYm7/hAZrrvXacDVWFUchPqKdL2GXQLe4=) 2: oLwgSfIYtv2rytdZTCUjso2kd8E.crl (hash: ucXj82vNEIkMMzUDySa0Trn/5oCCg0kBRmqyvQQndcI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft rsync://rpki.ripe.net/repository/DEFAULT/oLwgSfIYtv2rytdZTCUjso2kd8E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:fa:0b:d0:56:11:5c:99:0c:42:3c:09:58:8c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0bc2049f218b6fdabcad7594c2523b28da477c1 Validity Not Before: Dec 6 08:01:19 2025 GMT Not After : Dec 7 08:01:19 2025 GMT Subject: CN=af8e2b81033071909d7bd8e5161aaa45d7c5ee13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e3:b3:4f:f7:49:97:c0:5f:e1:79:97:dc:d1: bb:75:a9:b5:fd:2c:2b:5d:0f:0a:f8:97:d2:ec:8b: 51:db:df:43:13:f6:93:d8:79:4e:b8:fc:42:87:f3: 98:98:3b:f5:a0:50:72:31:29:d5:90:4f:34:64:1d: 90:1c:cf:ab:73:2a:61:cb:47:85:6b:1e:06:a1:a7: 9b:8c:07:6c:aa:88:fb:0a:9a:99:ff:9d:53:ae:34: f2:4a:8b:05:b8:cc:aa:97:8c:07:f8:09:7e:c3:78: 30:d0:ee:aa:60:eb:c9:c5:e9:b1:63:39:3d:cc:50: 44:c3:5d:d8:2b:f9:60:47:89:33:1e:e4:fa:a9:4f: 90:72:77:99:6f:2b:7a:a6:bc:23:20:f8:09:64:28: 9d:2d:bc:ba:e5:74:c7:01:d0:2e:61:df:22:a5:c0: 6a:80:dd:84:6c:ea:52:1d:ca:4f:4b:7d:5e:3f:e1: 05:f5:21:93:87:df:81:cd:c2:44:b2:91:14:67:9d: d3:6a:8a:5f:07:a0:92:93:92:85:3f:c6:c4:e6:69: ae:d1:c7:47:7f:03:6a:03:3f:43:36:38:36:57:67: d7:da:ca:85:04:56:53:c9:f8:05:8b:06:92:98:76: 03:95:90:54:ca:a3:ff:65:8e:9b:ae:85:ff:b5:ae: 21:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:8E:2B:81:03:30:71:90:9D:7B:D8:E5:16:1A:AA:45:D7:C5:EE:13 X509v3 Authority Key Identifier: keyid:A0:BC:20:49:F2:18:B6:FD:AB:CA:D7:59:4C:25:23:B2:8D:A4:77:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLwgSfIYtv2rytdZTCUjso2kd8E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/15b403-2219-4786-ab02-19912a0e4918/1/oLwgSfIYtv2rytdZTCUjso2kd8E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:92:a7:83:9b:81:b0:35:88:a0:0f:d4:b6:01:46:8c:d8:c0: 5f:50:96:de:7b:de:b8:65:a4:ec:d3:ac:1f:ca:18:fb:44:03: 88:e3:e5:49:92:e0:9e:9c:2d:82:02:ea:4b:37:f5:02:95:9c: 76:2e:2a:39:54:d7:29:1a:ae:a4:90:ad:ab:e3:07:cb:45:02: 6e:82:bf:d3:ba:de:0a:72:2f:55:de:5d:a0:f7:da:16:79:66: 16:7a:55:48:71:06:48:87:be:42:3e:ce:89:67:4f:90:70:4b: 60:d2:e9:b3:9c:1e:40:e3:8b:2b:82:9a:39:3e:53:e3:16:6d: e7:9c:41:13:0a:b6:d9:18:88:3a:66:b3:20:b3:63:28:fa:ef: 41:ca:f6:c4:a9:4b:d1:59:5e:6f:d6:ea:24:1f:c9:3c:da:ea: 29:4c:18:02:c9:c2:b6:21:2c:5c:b4:65:40:a9:27:9a:fb:59: 4d:35:76:75:1c:23:d1:0f:86:49:39:9c:be:f5:b6:49:4f:e9: 05:4d:03:9b:72:d0:b7:2a:c9:30:81:c2:41:23:02:0e:5f:7a: af:18:34:28:cb:8e:70:26:5e:dc:2b:7e:0d:cf:18:7d:4b:0f: 03:b2:3e:a0:c3:46:05:7a:43:51:22:4c:6c:0b:83:70:34:40: 7b:d4:bf:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrfoL0FYRXJkMQjwJWIxOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYmMyMDQ5ZjIxOGI2ZmRhYmNhZDc1OTRjMjUyM2IyOGRh NDc3YzEwHhcNMjUxMjA2MDgwMTE5WhcNMjUxMjA3MDgwMTE5WjAzMTEwLwYDVQQD EyhhZjhlMmI4MTAzMzA3MTkwOWQ3YmQ4ZTUxNjFhYWE0NWQ3YzVlZTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOOzT/dJl8Bf4XmX3NG7dam1/Swr XQ8K+JfS7ItR299DE/aT2HlOuPxCh/OYmDv1oFByMSnVkE80ZB2QHM+rcyphy0eF ax4GoaebjAdsqoj7CpqZ/51TrjTySosFuMyql4wH+Al+w3gw0O6qYOvJxemxYzk9 zFBEw13YK/lgR4kzHuT6qU+QcneZbyt6prwjIPgJZCidLby65XTHAdAuYd8ipcBq gN2EbOpSHcpPS31eP+EF9SGTh9+BzcJEspEUZ53TaopfB6CSk5KFP8bE5mmu0cdH fwNqAz9DNjg2V2fX2sqFBFZTyfgFiwaSmHYDlZBUyqP/ZY6broX/ta4hpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+OK4EDMHGQnXvY5RYaqkXXxe4TMB8GA1UdIwQY MBaAFKC8IEnyGLb9q8rXWUwlI7KNpHfBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0x3Z1NmSVl0djJyeXRkWlRDVWpzbzJrZDhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNWI0MDMtMjIxOS00Nzg2LWFiMDIt MTk5MTJhMGU0OTE4LzEvb0x3Z1NmSVl0djJyeXRkWlRDVWpzbzJrZDhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8xNWI0MDMtMjIxOS00Nzg2LWFiMDItMTk5MTJhMGU0OTE4 LzEvb0x3Z1NmSVl0djJyeXRkWlRDVWpzbzJrZDhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpKng5uB sDWIoA/UtgFGjNjAX1CW3nveuGWk7NOsH8oY+0QDiOPlSZLgnpwtggLqSzf1ApWc di4qOVTXKRqupJCtq+MHy0UCboK/07reCnIvVd5doPfaFnlmFnpVSHEGSIe+Qj7O iWdPkHBLYNLps5weQOOLK4KaOT5T4xZt55xBEwq22RiIOmazILNjKPrvQcr2xKlL 0Vleb9bqJB/JPNrqKUwYAsnCtiEsXLRlQKknmvtZTTV2dRwj0Q+GSTmcvvW2SU/p BU0Dm3LQtyrJMIHCQSMCDl96rxg0KMuOcCZe3Ct+Dc8YfUsPA7I+oMNGBXpDUSJM bAuDcDRAe9S/YA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:37:32 2025 by rpki-client