This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft File: oHFXHI4QtBnXo7824Qhf_VzXipg.mft (raw, json) Hash identifier: +j5Kerlu86ksDEUzXZvMRyuhr1whiLyuwBhLw3Sl+v8= Subject key identifier: BF:9D:55:0D:04:C0:22:25:12:32:C1:FA:43:04:53:52:9B:15:86:97 Authority key identifier: A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98 Certificate issuer: /CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98 Certificate serial: 019AF23F65B8291A2E44CDBAE385210872D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft Manifest number: 1129 Signing time: Sat 06 Dec 2025 06:00:32 +0000 Manifest this update: Sat 06 Dec 2025 06:00:32 +0000 Manifest next update: Sun 07 Dec 2025 06:00:32 +0000 Files and hashes: 1: _RMv1Q7O2CnoWhcrAcn90ZX5USk.roa (hash: I2FYErDanPUJADaKO92Q6jyRK2EK15cN4Qdxt/bs9vQ=) 2: oHFXHI4QtBnXo7824Qhf_VzXipg.crl (hash: MLHEtG6TMvDkx/D3y9REEBOoECU4scuN4rwzSwu1n5Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:65:b8:29:1a:2e:44:cd:ba:e3:85:21:08:72:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98 Validity Not Before: Dec 6 06:00:32 2025 GMT Not After : Dec 7 06:00:32 2025 GMT Subject: CN=bf9d550d04c022251232c1fa430453529b158697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:6f:e1:9c:3f:f1:95:c5:a9:b2:ff:84:56:ed: f7:7b:1d:8c:9f:32:79:f6:69:18:45:d3:65:e1:81: 07:cb:1c:c6:04:f5:d2:60:4b:ba:e1:ff:cb:9a:2b: b2:c7:5d:2b:2d:87:05:cc:ad:79:b2:8d:4c:54:e7: 2a:a7:a4:69:e8:aa:b4:8b:a7:5d:26:83:53:25:88: d5:a7:5f:ae:dc:4e:c9:36:88:51:54:19:9e:37:8a: c8:07:58:c2:ae:65:f5:ae:62:cb:0f:08:67:37:9e: 26:b6:2b:e5:cf:d5:7a:20:af:d0:aa:3a:48:9c:c0: 87:4a:44:48:be:9d:f9:47:2d:4f:8b:f7:6b:0e:0a: 7d:a6:9b:9a:b5:16:4f:ff:ca:b7:5e:66:94:fc:19: 81:e8:22:83:0e:9f:b9:dd:74:6e:8d:19:45:c5:28: 5a:fb:f3:0c:c8:11:8e:45:4d:cc:07:14:b5:41:a4: 6a:a9:c2:a6:74:4f:b7:aa:ba:30:be:be:49:ee:10: 8d:0e:9a:91:c1:05:94:d6:08:d6:a3:d4:29:b7:22: 26:2b:0b:fd:49:a8:e3:6f:d9:e8:d5:4a:e3:5e:3b: b2:f9:23:0e:50:9a:47:6d:a3:b7:cd:90:56:8e:15: b7:72:f5:d6:6d:06:8b:4c:dc:81:3c:af:c0:a7:bd: e2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:9D:55:0D:04:C0:22:25:12:32:C1:FA:43:04:53:52:9B:15:86:97 X509v3 Authority Key Identifier: keyid:A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:03:5f:f1:c0:a9:ac:a3:b3:ea:23:28:cd:6d:e7:48:7d:9d: bb:0d:a7:bb:93:c9:98:37:aa:cd:b5:77:e4:18:b3:8f:38:1b: cc:79:61:8d:70:79:46:2e:50:a5:6c:91:c7:9c:f5:60:e5:66: 70:b7:8f:8a:1c:99:89:68:13:9b:7a:f9:c8:c0:ea:2f:e3:80: c6:4f:34:98:5b:18:55:24:4f:51:b9:17:84:58:0a:13:13:82: 03:65:0b:65:71:ce:72:9a:eb:94:d6:89:89:36:39:23:8a:b0: 05:7a:d3:97:16:ac:45:fb:a4:ca:2b:e6:d2:43:ad:e5:f5:28: 2c:e1:ef:f6:ad:a5:0e:2a:e5:dc:0f:3a:88:8d:7c:a0:53:6e: 82:a3:2f:b5:31:ec:4f:9d:5d:5c:c9:e0:44:03:a6:5b:ee:3c: c4:d8:99:10:12:bc:f8:e2:04:78:16:4d:de:35:b5:a3:0d:92: f7:07:03:f6:ea:bd:73:d6:5b:b4:11:4c:75:de:31:f7:1e:77: 90:95:23:a2:4b:f6:34:9e:52:e2:79:e5:6d:b2:d7:25:d9:ec: 5f:b6:e0:1f:0d:0d:15:23:5d:0b:de:95:f6:df:ae:a1:64:85: 2a:6e:a0:28:8f:4c:8a:48:97:60:c4:07:0d:b2:ef:d0:e7:85: d7:da:d6:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP2W4KRouRM2644UhCHLRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwNzE1NzFjOGUxMGI0MTlkN2EzYmYzNmUxMDg1ZmZkNWNk NzhhOTgwHhcNMjUxMjA2MDYwMDMyWhcNMjUxMjA3MDYwMDMyWjAzMTEwLwYDVQQD EyhiZjlkNTUwZDA0YzAyMjI1MTIzMmMxZmE0MzA0NTM1MjliMTU4Njk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm/hnD/xlcWpsv+EVu33ex2MnzJ5 9mkYRdNl4YEHyxzGBPXSYEu64f/Lmiuyx10rLYcFzK15so1MVOcqp6Rp6Kq0i6dd JoNTJYjVp1+u3E7JNohRVBmeN4rIB1jCrmX1rmLLDwhnN54mtivlz9V6IK/QqjpI nMCHSkRIvp35Ry1Pi/drDgp9ppuatRZP/8q3XmaU/BmB6CKDDp+53XRujRlFxSha +/MMyBGORU3MBxS1QaRqqcKmdE+3qrowvr5J7hCNDpqRwQWU1gjWo9QptyImKwv9 Sajjb9no1UrjXjuy+SMOUJpHbaO3zZBWjhW3cvXWbQaLTNyBPK/Ap73ifQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL+dVQ0EwCIlEjLB+kMEU1KbFYaXMB8GA1UdIwQY MBaAFKBxVxyOELQZ16O/NuEIX/1c14qYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjgyOWYtYjNlZC00NGQzLWE1Y2Yt MGMxZjY5YjdhZWU3LzEvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy9jMjgyOWYtYjNlZC00NGQzLWE1Y2YtMGMxZjY5YjdhZWU3 LzEvb0hGWEhJNFF0Qm5Ybzc4MjRRaGZfVnpYaXBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQNf8cCp rKOz6iMozW3nSH2duw2nu5PJmDeqzbV35BizjzgbzHlhjXB5Ri5QpWyRx5z1YOVm cLePihyZiWgTm3r5yMDqL+OAxk80mFsYVSRPUbkXhFgKExOCA2ULZXHOcprrlNaJ iTY5I4qwBXrTlxasRfukyivm0kOt5fUoLOHv9q2lDirl3A86iI18oFNugqMvtTHs T51dXMngRAOmW+48xNiZEBK8+OIEeBZN3jW1ow2S9wcD9uq9c9ZbtBFMdd4x9x53 kJUjokv2NJ5S4nnlbbLXJdnsX7bgHw0NFSNdC96V9t+uoWSFKm6gKI9MikiXYMQH DbLv0OeF19rWTA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:55:55 2025 by rpki-client