This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json) Hash identifier: 8yHrJGhz6X+FP/BwQ2HSDiTdqTnxpzVIiE0jKr9jk5o= Subject key identifier: C0:8E:9F:8A:BE:4A:72:81:A4:29:98:80:DD:59:64:D3:1A:D2:2C:12 Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0 Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0 Certificate serial: 019AF3F73BEF7D8F2942D39FD632154E4F21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft Manifest number: 1766 Signing time: Sat 06 Dec 2025 14:00:57 +0000 Manifest this update: Sat 06 Dec 2025 14:00:57 +0000 Manifest next update: Sun 07 Dec 2025 14:00:57 +0000 Files and hashes: 1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=) 2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: betmThLyYMeBosxNjNKzVnxLAh2MO49plLJi2C5ebyU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:3b:ef:7d:8f:29:42:d3:9f:d6:32:15:4e:4f:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0 Validity Not Before: Dec 6 14:00:57 2025 GMT Not After : Dec 7 14:00:57 2025 GMT Subject: CN=c08e9f8abe4a7281a4299880dd5964d31ad22c12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:52:cb:d4:3d:29:8e:a6:65:ea:32:8c:5a:7f: a9:af:18:b7:cb:45:4f:c3:9d:2f:57:9c:b1:44:2c: 35:7c:35:e6:b3:03:b3:21:7e:66:9c:b8:01:8c:80: db:94:ba:70:cb:91:1d:22:73:b4:0c:01:d8:a3:df: f4:b0:f9:a4:6f:7a:d9:0b:5d:9a:25:57:8f:a6:10: 17:9d:9e:11:40:ee:aa:4e:68:fc:85:f1:ef:16:5e: b8:26:10:e7:da:5b:55:c6:df:bf:57:4f:db:03:35: 66:48:73:40:29:67:a8:70:de:7f:81:c3:4f:29:c3: 8e:89:05:f5:56:6d:e7:b2:b0:0c:71:28:17:09:cc: 69:40:9a:ed:12:e3:4a:c1:bf:0e:bd:44:db:8f:f6: 0a:be:a6:17:11:b1:65:6b:fb:48:93:7e:18:e7:cb: ea:bb:90:65:66:15:77:e9:90:88:23:77:da:33:91: 2e:e0:06:3c:10:89:2d:83:88:1b:a7:7a:1c:18:a0: 97:9c:4f:ba:63:76:8f:71:94:f4:d0:7b:3e:6f:50: f3:bf:96:e5:50:52:a6:66:87:ef:49:97:10:5d:39: c1:c9:f3:ad:6f:e6:f1:fa:8a:40:fd:3e:31:32:96: 16:1c:77:79:5d:f0:54:4e:db:98:c3:93:d3:8c:a6: 85:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:8E:9F:8A:BE:4A:72:81:A4:29:98:80:DD:59:64:D3:1A:D2:2C:12 X509v3 Authority Key Identifier: keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:f6:50:98:ce:a5:ee:78:28:fa:4e:5a:8e:63:1d:ad:d4:d9: db:ec:30:e0:8c:9d:1c:81:56:8d:af:5b:d5:f3:2a:4a:45:eb: 7d:8c:2d:06:29:bb:d0:dd:de:32:d4:f5:23:57:f7:9a:b3:fa: 4e:85:80:6f:89:eb:8a:fb:58:db:3b:15:7e:16:be:4f:36:08: f5:a8:76:06:3f:15:ff:bd:33:c8:b9:c0:e4:f9:4b:f1:0f:88: 24:63:e4:33:45:4c:00:d1:1d:f2:97:2d:56:a2:d2:60:68:25: f5:b1:6c:de:16:c3:64:67:04:0e:3a:14:1f:1a:e9:e0:31:26: cd:0e:e7:8e:d1:ee:81:0f:38:9e:0b:1b:42:b2:52:8b:d5:7e: 0a:5d:b6:a0:9d:53:84:61:13:ac:98:5f:43:8e:b3:3d:ec:d2: a8:c4:a1:94:bb:5a:46:8a:f5:16:98:b5:9f:25:f4:95:a7:b4: c0:5c:f2:e1:64:16:b0:fd:1f:24:8b:93:db:08:99:7f:fb:1e: 5d:fb:35:ca:5f:c5:bf:fc:a4:5f:7b:c3:84:74:ac:a3:ca:19: 21:d0:fb:fc:1f:1e:ba:92:39:77:46:e8:46:fc:67:c4:d8:3d: 89:7c:84:e8:33:6e:06:a5:1a:cf:8a:c1:24:61:7d:49:f7:40: a3:5a:d7:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9zvvfY8pQtOf1jIVTk8hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2 ZjFjYzAwHhcNMjUxMjA2MTQwMDU3WhcNMjUxMjA3MTQwMDU3WjAzMTEwLwYDVQQD EyhjMDhlOWY4YWJlNGE3MjgxYTQyOTk4ODBkZDU5NjRkMzFhZDIyYzEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11LL1D0pjqZl6jKMWn+prxi3y0VP w50vV5yxRCw1fDXmswOzIX5mnLgBjIDblLpwy5EdInO0DAHYo9/0sPmkb3rZC12a JVePphAXnZ4RQO6qTmj8hfHvFl64JhDn2ltVxt+/V0/bAzVmSHNAKWeocN5/gcNP KcOOiQX1Vm3nsrAMcSgXCcxpQJrtEuNKwb8OvUTbj/YKvqYXEbFla/tIk34Y58vq u5BlZhV36ZCII3faM5Eu4AY8EIktg4gbp3ocGKCXnE+6Y3aPcZT00Hs+b1Dzv5bl UFKmZofvSZcQXTnByfOtb+bx+opA/T4xMpYWHHd5XfBUTtuYw5PTjKaFBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMCOn4q+SnKBpCmYgN1ZZNMa0iwSMB8GA1UdIwQY MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5 LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUfZQmM6l 7ngo+k5ajmMdrdTZ2+ww4IydHIFWja9b1fMqSkXrfYwtBim70N3eMtT1I1f3mrP6 ToWAb4nrivtY2zsVfha+TzYI9ah2Bj8V/70zyLnA5PlL8Q+IJGPkM0VMANEd8pct VqLSYGgl9bFs3hbDZGcEDjoUHxrp4DEmzQ7njtHugQ84ngsbQrJSi9V+Cl22oJ1T hGETrJhfQ46zPezSqMShlLtaRor1Fpi1nyX0lae0wFzy4WQWsP0fJIuT2wiZf/se Xfs1yl/Fv/ykX3vDhHSso8oZIdD7/B8eupI5d0boRvxnxNg9iXyE6DNuBqUaz4rB JGF9SfdAo1rX1g== -----END CERTIFICATE-----Generated at Sat Dec 6 23:02:38 2025 by rpki-client