This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft File: OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json) Hash identifier: K/tba/IO+i+MieZzpH4z4BBMybBC2g5pvAOux+dtprs= Subject key identifier: E8:B5:54:11:45:38:88:2D:C0:2F:EE:DF:BE:D0:69:76:F0:E7:61:40 Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0 Certificate issuer: /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0 Certificate serial: 019AF3BFF7D60C6F9B2C9AF4749EC20E63BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft Manifest number: 1293 Signing time: Sat 06 Dec 2025 13:00:35 +0000 Manifest this update: Sat 06 Dec 2025 13:00:35 +0000 Manifest next update: Sun 07 Dec 2025 13:00:35 +0000 Files and hashes: 1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: ILEGmv4/2W53fhgcqAIy0sAXF/Qaso/WzWRDDp/nU5A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:bf:f7:d6:0c:6f:9b:2c:9a:f4:74:9e:c2:0e:63:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0 Validity Not Before: Dec 6 13:00:35 2025 GMT Not After : Dec 7 13:00:35 2025 GMT Subject: CN=e8b554114538882dc02feedfbed06976f0e76140 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a9:db:1a:74:67:8b:21:cc:87:5d:22:fc:01: 9b:31:c6:e1:37:6f:6d:0d:68:00:dd:af:9e:f3:75: 01:01:cc:be:77:c2:f2:f0:17:5f:a6:2e:a1:3e:c5: 35:d7:94:ae:fc:b4:6c:dc:46:fa:ba:62:a3:c2:7e: 8c:ac:4f:8f:fa:f2:92:f3:ff:e5:93:b8:e6:25:37: 99:6c:1c:aa:0e:bd:96:fa:ee:36:f6:ab:d2:d7:1d: 68:ab:b4:28:db:4a:69:fa:77:b0:d6:ac:82:5c:ae: 5c:63:aa:de:50:7d:2b:71:08:61:dd:2d:67:3b:12: 00:2f:68:bd:c8:6f:4c:36:2a:40:ca:19:72:83:bd: a6:10:1b:e6:01:9c:9d:c5:96:c4:14:41:62:68:ef: 0b:0e:b3:f8:81:3b:f9:24:a0:9c:7c:63:c8:19:82: 25:41:82:ac:ec:de:38:1c:cc:8f:35:b8:b8:41:d5: 2c:e3:b9:25:e8:5f:e3:56:c5:6a:bc:c4:65:aa:3e: df:38:de:06:d0:ee:9b:fc:39:df:39:6b:ed:f3:43: 2f:08:b0:f8:c6:b5:b5:21:a6:f6:4e:43:8a:b5:97: b5:db:75:ee:28:72:a6:67:8b:86:f0:ef:39:7e:2d: 2c:22:e9:59:01:b1:fe:8f:fd:73:dd:67:e0:30:be: a7:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:B5:54:11:45:38:88:2D:C0:2F:EE:DF:BE:D0:69:76:F0:E7:61:40 X509v3 Authority Key Identifier: keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:98:4a:ac:04:e8:23:cd:f1:07:10:1e:40:45:e2:ba:5e:23: 4c:aa:02:07:9b:a3:c7:f8:67:cf:a0:81:9a:d5:f3:e6:33:d4: 81:72:e0:a6:57:a7:a1:a0:e5:24:f8:ea:7f:e4:fe:e4:f0:33: df:b2:e6:8d:b7:c1:3f:9c:7b:ab:29:aa:48:82:9d:34:97:a8: bf:15:af:9c:88:82:76:12:d1:8e:4a:49:2b:a2:2d:1f:6d:ae: 52:df:5d:47:19:b0:b6:b3:2b:eb:bf:e6:eb:d0:fa:d7:84:0f: a5:aa:3b:77:83:37:06:06:d1:ea:c2:82:2a:29:77:83:e1:8d: 6b:33:18:d0:38:fd:40:93:14:bc:6c:28:ef:32:3e:50:e1:f8: e2:cb:88:f9:f2:a1:0c:13:33:b3:f3:a1:1d:6d:4d:34:75:7c: e9:38:35:07:7f:d8:8d:13:48:89:0e:dd:4f:30:44:7f:bd:29: 42:f1:14:4f:ea:8c:b1:8d:bb:6c:2c:97:69:f8:5d:87:44:cb: a6:6b:af:12:ae:b2:ec:38:08:c2:e0:fb:4d:b3:cb:67:34:8d: 68:87:db:ee:87:5b:e0:1c:70:11:95:1a:28:8e:91:81:27:5d: 2e:03:09:84:f8:8d:99:34:9c:2e:3a:40:50:8f:31:dc:4e:60: 45:8f:33:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzv/fWDG+bLJr0dJ7CDmO7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3 Y2E3YTAwHhcNMjUxMjA2MTMwMDM1WhcNMjUxMjA3MTMwMDM1WjAzMTEwLwYDVQQD EyhlOGI1NTQxMTQ1Mzg4ODJkYzAyZmVlZGZiZWQwNjk3NmYwZTc2MTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6nbGnRniyHMh10i/AGbMcbhN29t DWgA3a+e83UBAcy+d8Ly8Bdfpi6hPsU115Su/LRs3Eb6umKjwn6MrE+P+vKS8//l k7jmJTeZbByqDr2W+u429qvS1x1oq7Qo20pp+new1qyCXK5cY6reUH0rcQhh3S1n OxIAL2i9yG9MNipAyhlyg72mEBvmAZydxZbEFEFiaO8LDrP4gTv5JKCcfGPIGYIl QYKs7N44HMyPNbi4QdUs47kl6F/jVsVqvMRlqj7fON4G0O6b/DnfOWvt80MvCLD4 xrW1Iab2TkOKtZe123XuKHKmZ4uG8O85fi0sIulZAbH+j/1z3WfgML6npQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOi1VBFFOIgtwC/u377QaXbw52FAMB8GA1UdIwQY MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZhKrATo I83xBxAeQEXiul4jTKoCB5ujx/hnz6CBmtXz5jPUgXLgplenoaDlJPjqf+T+5PAz 37LmjbfBP5x7qymqSIKdNJeovxWvnIiCdhLRjkpJK6ItH22uUt9dRxmwtrMr67/m 69D614QPpao7d4M3BgbR6sKCKil3g+GNazMY0Dj9QJMUvGwo7zI+UOH44suI+fKh DBMzs/OhHW1NNHV86Tg1B3/YjRNIiQ7dTzBEf70pQvEUT+qMsY27bCyXafhdh0TL pmuvEq6y7DgIwuD7TbPLZzSNaIfb7odb4BxwEZUaKI6RgSddLgMJhPiNmTScLjpA UI8x3E5gRY8zrQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:36:20 2025 by rpki-client