This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft (raw, json) Hash identifier: Vm8ZQUNpKyuk+IcDCo/5bdWoynjCfAtJAAMoAL9rW7c= Subject key identifier: 1C:B6:CE:C0:B7:B5:00:34:60:0D:26:13:C9:81:7A:1D:1D:45:9B:62 Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00 Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400 Certificate serial: 019AF2ADB9BD4BABBBC9ABA66D7A2246FFC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft Manifest number: 02DD Signing time: Sat 06 Dec 2025 08:01:02 +0000 Manifest this update: Sat 06 Dec 2025 08:01:02 +0000 Manifest next update: Sun 07 Dec 2025 08:01:02 +0000 Files and hashes: 1: 4TBEbTwznRUyfO-99-DGzicdpVY.roa (hash: NUzc37NEChJ2ehR4MuI3RA+Wwr1maBIZ+yC3jO0gtfU=) 2: OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl (hash: yMNdZVgWa7x9R3Ecz89ks/quBL8gV8iB9r78WLfsk/I=) 3: dsqp4bxyFCCs7RL2PZGSdi7KthE.roa (hash: LpothYWyfl3DUg9u8R+0xehBO2vE3vsq9xV0G0H4C0U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:b9:bd:4b:ab:bb:c9:ab:a6:6d:7a:22:46:ff:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400 Validity Not Before: Dec 6 08:01:02 2025 GMT Not After : Dec 7 08:01:02 2025 GMT Subject: CN=1cb6cec0b7b50034600d2613c9817a1d1d459b62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:18:c9:30:cc:01:4b:ae:b1:48:8b:4b:90:89: 2a:52:36:42:21:1d:26:2c:4c:8c:09:2f:ea:90:08: 82:a0:79:ac:a8:78:0f:a8:50:c6:de:5f:dc:ac:ae: 42:c0:55:be:59:e6:69:f3:e6:e3:c5:2d:45:bd:53: d6:fa:44:c8:87:e7:57:67:6d:bd:66:19:fb:ba:e5: ae:bd:68:bc:11:cc:8d:6d:a3:9f:60:ea:97:fd:88: fd:e3:60:62:37:5a:bf:4a:ed:cc:de:0f:12:07:b8: b3:22:59:3e:bb:ec:f7:35:bd:65:6d:81:08:8f:4d: e1:f6:d9:1a:c5:d5:ef:ef:cb:81:4c:4e:3f:37:be: bf:25:4c:70:cc:f5:f2:47:8b:d6:0a:b9:0e:45:1b: 4d:fa:a9:08:41:41:db:00:f8:40:6c:8d:6a:ab:fb: 94:0f:45:b7:f7:71:ce:fb:1e:63:a5:75:bb:8e:12: 3b:dd:fe:ae:84:47:08:67:bb:63:9b:94:0f:76:13: a2:1a:20:f9:c1:90:34:f8:59:80:af:5d:b6:6c:5f: a3:8c:0d:ee:c7:1a:a5:51:7d:ca:d5:f5:81:18:3e: ea:c8:63:1e:d0:02:69:eb:b1:53:3b:1c:db:40:1e: 90:a9:1e:99:48:34:2a:dd:8e:91:db:4c:05:b1:18: 23:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:B6:CE:C0:B7:B5:00:34:60:0D:26:13:C9:81:7A:1D:1D:45:9B:62 X509v3 Authority Key Identifier: keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:c8:a9:9b:eb:99:89:3c:87:c3:2d:6a:6b:65:4b:56:62:c3: cc:bf:fd:a1:ef:cf:27:14:44:69:63:58:af:bf:74:68:89:f7: 9e:f9:e6:8a:9f:06:0f:a0:6a:d8:93:47:f7:03:4b:37:07:b1: 76:07:52:31:c8:f5:5e:28:57:e4:1c:42:0b:ff:20:dd:f1:83: ed:04:10:68:0b:c5:63:32:49:ca:44:26:18:16:7e:b1:0c:de: e2:63:0b:14:39:7f:b9:89:f9:3d:01:26:79:92:99:9f:dd:fb: 43:11:20:62:57:a6:58:83:a4:bd:4b:b0:a7:08:4d:63:51:f6: 30:ec:3e:91:ca:0a:71:42:6c:d8:97:18:9f:3c:08:80:47:0f: af:f2:31:a6:31:9b:c9:ef:f5:73:4a:2f:78:1e:50:78:35:32: 4c:ad:e7:2c:ad:77:63:c1:40:29:c7:99:a9:99:ea:03:8a:8f: eb:f0:87:8e:ab:aa:ad:69:00:ab:99:21:c4:2a:37:d4:8e:f1: 2d:09:7a:a5:b7:10:ae:5e:50:fc:41:2d:62:fe:3f:96:b6:7c: 56:be:c1:60:b2:38:50:be:06:b6:0f:b0:9a:bc:fd:28:c3:68: 72:77:83:45:31:45:7d:1c:7c:0b:e4:77:f1:b5:77:43:e3:ff: bc:f3:b8:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrbm9S6u7yaumbXoiRv/GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh YzM0MDAwHhcNMjUxMjA2MDgwMTAyWhcNMjUxMjA3MDgwMTAyWjAzMTEwLwYDVQQD EygxY2I2Y2VjMGI3YjUwMDM0NjAwZDI2MTNjOTgxN2ExZDFkNDU5YjYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxjJMMwBS66xSItLkIkqUjZCIR0m LEyMCS/qkAiCoHmsqHgPqFDG3l/crK5CwFW+WeZp8+bjxS1FvVPW+kTIh+dXZ229 Zhn7uuWuvWi8EcyNbaOfYOqX/Yj942BiN1q/Su3M3g8SB7izIlk+u+z3Nb1lbYEI j03h9tkaxdXv78uBTE4/N76/JUxwzPXyR4vWCrkORRtN+qkIQUHbAPhAbI1qq/uU D0W393HO+x5jpXW7jhI73f6uhEcIZ7tjm5QPdhOiGiD5wZA0+FmAr122bF+jjA3u xxqlUX3K1fWBGD7qyGMe0AJp67FTOxzbQB6QqR6ZSDQq3Y6R20wFsRgj8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBy2zsC3tQA0YA0mE8mBeh0dRZtiMB8GA1UdIwQY MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt NGU2NTViNWI2NDI3LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3 LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8ipm+uZ iTyHwy1qa2VLVmLDzL/9oe/PJxREaWNYr790aIn3nvnmip8GD6Bq2JNH9wNLNwex dgdSMcj1XihX5BxCC/8g3fGD7QQQaAvFYzJJykQmGBZ+sQze4mMLFDl/uYn5PQEm eZKZn937QxEgYlemWIOkvUuwpwhNY1H2MOw+kcoKcUJs2JcYnzwIgEcPr/IxpjGb ye/1c0oveB5QeDUyTK3nLK13Y8FAKceZqZnqA4qP6/CHjquqrWkAq5khxCo31I7x LQl6pbcQrl5Q/EEtYv4/lrZ8Vr7BYLI4UL4Gtg+wmrz9KMNocneDRTFFfRx8C+R3 8bV3Q+P/vPO4mw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:00:52 2025 by rpki-client