This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft File: OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json) Hash identifier: 8v4Gi3xILUlfpbHkj9xo1Gw9QqMs3Rga0WqTvyc1nKw= Subject key identifier: D6:78:D3:6E:F3:C9:42:BB:D7:CE:82:E8:68:43:72:E6:7A:43:32:DA Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B Certificate issuer: /CN=381b2c59729a53b84112aaf2ca1228f34247a39b Certificate serial: 019AF12CEE90FC1DA9A8050039DCC6E7A920 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:00:44 +0000 Manifest this update: Sat 06 Dec 2025 01:00:44 +0000 Manifest next update: Sun 07 Dec 2025 01:00:44 +0000 Files and hashes: 1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: L93Vl3mnKQTx+E+2zofV369ScGkmI8feuFkYoezMFN0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:ee:90:fc:1d:a9:a8:05:00:39:dc:c6:e7:a9:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b Validity Not Before: Dec 6 01:00:44 2025 GMT Not After : Dec 7 01:00:44 2025 GMT Subject: CN=d678d36ef3c942bbd7ce82e8684372e67a4332da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:02:2f:66:0d:43:e2:9c:d2:60:5e:2a:b6:52: 43:c9:31:eb:81:d6:d2:af:50:5d:0c:90:23:7d:d8: f0:3b:d8:c3:1b:46:2d:f9:50:1b:d6:59:14:af:e3: 78:95:a9:f2:2b:cd:a1:ef:14:7d:e8:28:2d:0f:9d: df:d4:76:09:8f:99:8c:56:d6:0c:50:85:6e:94:90: c3:b4:30:b7:94:26:23:58:5d:e5:d1:58:da:93:79: f6:40:37:35:7b:14:89:f5:6a:0a:6e:77:54:e4:69: e7:73:0b:3e:b5:f9:bc:13:1f:c5:9a:c4:44:3a:fe: 72:77:1c:2c:4a:41:91:e5:04:4a:43:05:d3:3b:fd: 8f:36:82:07:33:2e:47:2d:71:f0:2a:e2:fb:b4:bf: 58:78:9b:c7:99:a5:a7:92:97:43:3d:88:c4:db:c7: 20:07:6a:f2:29:5b:ac:42:45:cb:0f:b7:fd:76:8b: 0a:f4:08:37:dd:b6:59:2d:8d:28:e4:a9:89:7b:f8: 49:64:1a:34:b2:ac:a8:2d:de:ba:a2:74:8c:91:47: 60:36:41:08:ee:26:9c:ce:63:b0:3d:ac:e8:db:9f: 9a:9f:fa:01:13:9a:a3:01:94:f8:70:0c:5a:4b:f9: 37:9e:2a:e8:fe:c8:c9:4b:5c:dc:27:bf:26:1e:75: 7a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:78:D3:6E:F3:C9:42:BB:D7:CE:82:E8:68:43:72:E6:7A:43:32:DA X509v3 Authority Key Identifier: keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e3:d2:24:f6:5a:05:52:3d:1b:cb:c0:6d:98:f2:5a:cd:1b:57: 6a:7a:c8:54:f4:5f:b5:dd:0a:a5:2d:fc:82:36:c2:63:04:70: ef:bc:84:24:84:63:44:1e:43:0f:7a:df:96:aa:ef:aa:2c:bb: dd:12:c9:bf:72:5f:8f:31:cd:2a:6b:01:26:03:8e:43:b1:51: c0:a7:e8:6f:14:8c:0f:ed:e1:04:8c:06:a9:28:70:9a:bb:47: 4d:4b:9e:10:54:ef:13:92:22:d0:e5:c6:ed:17:8d:5a:0b:23: 44:3f:cf:ef:90:40:76:fd:fa:f6:dc:20:4d:4c:6c:c7:b1:e9: 49:95:b8:99:bd:db:2e:ef:77:e8:2c:db:50:83:66:5b:82:c5: cc:7e:be:85:6d:d4:b4:f3:03:c7:f4:1d:b8:80:26:86:43:02: 35:c1:a6:6a:09:c8:96:35:ac:e8:b4:2a:75:38:07:75:58:df: d3:8d:4a:c9:91:05:b3:ee:cd:de:f7:28:32:66:e1:4b:78:4e: 19:82:30:1d:4f:7b:eb:40:95:3c:c1:d3:1d:42:7d:2e:89:5b: 96:f1:b5:a3:ed:cc:a5:0b:c6:d9:13:cb:3d:81:84:c9:eb:92: 98:b5:47:77:9f:80:08:3a:0a:46:12:14:2a:5d:13:f5:d7:0b: 56:1e:f6:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLO6Q/B2pqAUAOdzG56kgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0 N2EzOWIwHhcNMjUxMjA2MDEwMDQ0WhcNMjUxMjA3MDEwMDQ0WjAzMTEwLwYDVQQD EyhkNjc4ZDM2ZWYzYzk0MmJiZDdjZTgyZTg2ODQzNzJlNjdhNDMzMmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wIvZg1D4pzSYF4qtlJDyTHrgdbS r1BdDJAjfdjwO9jDG0Yt+VAb1lkUr+N4lanyK82h7xR96CgtD53f1HYJj5mMVtYM UIVulJDDtDC3lCYjWF3l0Vjak3n2QDc1exSJ9WoKbndU5Gnncws+tfm8Ex/FmsRE Ov5ydxwsSkGR5QRKQwXTO/2PNoIHMy5HLXHwKuL7tL9YeJvHmaWnkpdDPYjE28cg B2ryKVusQkXLD7f9dosK9Ag33bZZLY0o5KmJe/hJZBo0sqyoLd66onSMkUdgNkEI 7iaczmOwPazo25+an/oBE5qjAZT4cAxaS/k3niro/sjJS1zcJ78mHnV6WQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNZ4027zyUK7186C6GhDcuZ6QzLaMB8GA1UdIwQY MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA49Ik9loF Uj0by8BtmPJazRtXanrIVPRftd0KpS38gjbCYwRw77yEJIRjRB5DD3rflqrvqiy7 3RLJv3JfjzHNKmsBJgOOQ7FRwKfobxSMD+3hBIwGqShwmrtHTUueEFTvE5Ii0OXG 7ReNWgsjRD/P75BAdv369twgTUxsx7HpSZW4mb3bLu936CzbUINmW4LFzH6+hW3U tPMDx/QduIAmhkMCNcGmagnIljWs6LQqdTgHdVjf041KyZEFs+7N3vcoMmbhS3hO GYIwHU9760CVPMHTHUJ9LolblvG1o+3MpQvG2RPLPYGEyeuSmLVHd5+ACDoKRhIU Kl0T9dcLVh72Ug== -----END CERTIFICATE-----Generated at Sat Dec 6 08:13:02 2025 by rpki-client