This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft File: oOWh7YHyM49feJpE6u2w7uP3EJ4.mft (raw, json) Hash identifier: Ije8JFduV5rhUjdy+aL4zxLCwjQSgJluo8LjJTn9V2I= Subject key identifier: AF:91:5C:EB:35:C3:53:E2:CA:85:70:95:F2:01:A6:22:F5:4C:A2:00 Authority key identifier: A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E Certificate issuer: /CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e Certificate serial: 019AF23F9A1B2E63A48768DBF49F1B72C728 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft Manifest number: 45 Signing time: Sat 06 Dec 2025 06:00:45 +0000 Manifest this update: Sat 06 Dec 2025 06:00:45 +0000 Manifest next update: Sun 07 Dec 2025 06:00:45 +0000 Files and hashes: 1: oOWh7YHyM49feJpE6u2w7uP3EJ4.crl (hash: 5SA6YCd6M18POs5cXl4fiwRyX1B+5kMjkZROeKZjtjA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:9a:1b:2e:63:a4:87:68:db:f4:9f:1b:72:c7:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e Validity Not Before: Dec 6 06:00:45 2025 GMT Not After : Dec 7 06:00:45 2025 GMT Subject: CN=af915ceb35c353e2ca857095f201a622f54ca200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f8:fc:7d:79:d4:99:77:5e:ea:7d:c6:e3:29: 0c:09:85:3f:d8:44:cb:48:7b:ad:f6:6b:dd:e4:c2: 54:a4:40:c9:1e:f8:40:79:ad:d7:20:0f:51:4e:97: f2:da:e4:4c:c4:ce:38:a0:77:5a:2b:61:c8:ee:b3: 7f:57:e2:5a:10:16:bf:78:5d:14:2b:10:99:ef:55: f6:41:18:0d:ab:82:f4:f3:ed:4a:8d:6b:db:1b:61: 09:67:73:40:2c:0f:69:bd:88:7f:74:3b:4a:1f:b0: b1:84:0a:6a:df:09:07:bb:86:87:98:61:80:1c:bb: de:28:9d:0c:87:60:23:71:61:34:08:dd:bf:c2:a1: e0:5d:86:0e:b6:f2:58:ae:e3:a2:5c:47:cb:52:2f: 55:e5:a7:6d:82:23:e5:70:c0:2d:94:eb:e2:ee:5c: c7:73:f9:43:14:77:8d:78:5e:17:b8:8b:95:f2:00: 10:65:7f:5c:1f:5b:6d:d7:67:c1:66:a5:2e:bc:eb: b1:0e:5e:69:5a:87:4d:71:74:22:e4:08:7c:64:1c: f7:1c:a6:39:2e:76:6a:44:80:e2:d8:0d:74:2e:b3: f1:0a:03:f5:ab:a3:36:c2:6c:76:00:24:c2:9a:30: 00:a8:55:a3:ad:d9:09:3c:51:09:5b:f0:2e:11:a0: bd:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:91:5C:EB:35:C3:53:E2:CA:85:70:95:F2:01:A6:22:F5:4C:A2:00 X509v3 Authority Key Identifier: keyid:A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:30:0e:15:63:ee:a3:ce:59:be:65:05:61:d5:9e:75:51:8f: 82:3c:8b:11:1d:83:e7:7e:28:59:60:cf:d2:1a:4e:6a:59:58: ad:ab:64:5c:33:a6:62:9b:34:7d:05:f4:62:97:f2:97:ab:1d: 0b:d7:19:3c:d1:ce:df:fd:5c:c2:3e:f4:d9:ba:59:71:a5:e6: 73:50:8e:0a:f8:e6:07:63:fa:7c:50:ce:bb:39:a1:76:b3:d1: c8:31:d5:53:8b:fe:e0:9b:01:68:3c:b0:b3:a5:49:f5:cf:05: 74:ff:88:f1:c9:da:13:8e:85:ac:bb:54:dd:60:b8:c5:75:d8: c0:59:92:16:b2:4e:ef:69:be:0e:b0:8b:c0:5a:44:c3:1c:92: 0d:a7:89:0a:c6:d6:3a:8f:bf:6c:af:e5:cd:53:90:cb:29:93: 41:e8:c5:75:5b:41:ac:10:84:43:dc:2b:d3:47:db:8b:ed:bc: 61:c3:e5:38:eb:3e:18:e3:6b:88:59:43:92:82:0b:5f:3f:e2: 7c:3c:05:24:aa:0a:f9:d1:46:36:b4:48:87:47:64:41:ee:5c: d1:3c:2e:d7:7e:37:24:12:50:e1:03:e7:da:7b:63:42:bd:f5: 03:0e:d3:08:f5:8d:da:76:e4:38:d9:18:d0:22:af:45:b0:2d: dd:ce:60:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP5obLmOkh2jb9J8bcscoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZTVhMWVkODFmMjMzOGY1Zjc4OWE0NGVhZWRiMGVlZTNm NzEwOWUwHhcNMjUxMjA2MDYwMDQ1WhcNMjUxMjA3MDYwMDQ1WjAzMTEwLwYDVQQD EyhhZjkxNWNlYjM1YzM1M2UyY2E4NTcwOTVmMjAxYTYyMmY1NGNhMjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fj8fXnUmXde6n3G4ykMCYU/2ETL SHut9mvd5MJUpEDJHvhAea3XIA9RTpfy2uRMxM44oHdaK2HI7rN/V+JaEBa/eF0U KxCZ71X2QRgNq4L08+1KjWvbG2EJZ3NALA9pvYh/dDtKH7CxhApq3wkHu4aHmGGA HLveKJ0Mh2AjcWE0CN2/wqHgXYYOtvJYruOiXEfLUi9V5adtgiPlcMAtlOvi7lzH c/lDFHeNeF4XuIuV8gAQZX9cH1tt12fBZqUuvOuxDl5pWodNcXQi5Ah8ZBz3HKY5 LnZqRIDi2A10LrPxCgP1q6M2wmx2ACTCmjAAqFWjrdkJPFEJW/AuEaC9UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+RXOs1w1PiyoVwlfIBpiL1TKIAMB8GA1UdIwQY MBaAFKDloe2B8jOPX3iaROrtsO7j9xCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2Et MGQ1M2ZjMTBhOGU5LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2EtMGQ1M2ZjMTBhOGU5 LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEDAOFWPu o85ZvmUFYdWedVGPgjyLER2D534oWWDP0hpOallYratkXDOmYps0fQX0Ypfyl6sd C9cZPNHO3/1cwj702bpZcaXmc1COCvjmB2P6fFDOuzmhdrPRyDHVU4v+4JsBaDyw s6VJ9c8FdP+I8cnaE46FrLtU3WC4xXXYwFmSFrJO72m+DrCLwFpEwxySDaeJCsbW Oo+/bK/lzVOQyymTQejFdVtBrBCEQ9wr00fbi+28YcPlOOs+GONriFlDkoILXz/i fDwFJKoK+dFGNrRIh0dkQe5c0Twu1343JBJQ4QPn2ntjQr31Aw7TCPWN2nbkONkY 0CKvRbAt3c5gwg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:42:04 2025 by rpki-client