This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft File: O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json) Hash identifier: uIDvZoCtDqPRyGVkO0i9v9+qHrqVjRSrV4mZTCn8ko8= Subject key identifier: C5:63:75:63:98:65:0B:49:E4:46:BB:90:DB:DC:4D:EE:E7:D8:42:0B Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54 Certificate issuer: /CN=3b991eae85c5266270c31df4181aa07ab2e07b54 Certificate serial: 019AF6F84948C9A05A865E8F0E5B3B824B50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft Manifest number: 08F5 Signing time: Sun 07 Dec 2025 04:00:57 +0000 Manifest this update: Sun 07 Dec 2025 04:00:57 +0000 Manifest next update: Mon 08 Dec 2025 04:00:57 +0000 Files and hashes: 1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: q5CtueI66ajf6aknpmQ3ALUDQHuUdwP/Opi3jLWjrJ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f8:49:48:c9:a0:5a:86:5e:8f:0e:5b:3b:82:4b:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54 Validity Not Before: Dec 7 04:00:57 2025 GMT Not After : Dec 8 04:00:57 2025 GMT Subject: CN=c563756398650b49e446bb90dbdc4deee7d8420b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:84:9d:47:a6:ff:72:30:9a:39:28:36:8b:f0: 93:8f:f8:fd:1e:6d:02:46:7d:5c:53:95:28:d5:15: 99:2f:6a:6d:44:4c:7d:6f:c7:b9:bd:c3:9d:fe:da: 12:88:c9:13:b0:f2:cf:43:a4:2f:c0:3c:47:45:ea: 7e:04:45:10:39:74:a6:9e:16:9e:de:0d:27:a6:71: 4f:83:04:da:9b:c0:4c:c5:c0:9e:ad:6c:a5:79:3e: ae:f8:eb:56:ed:85:1c:0d:3d:6c:e9:8f:a9:a3:09: 3e:e4:74:ef:20:60:cb:3a:cd:16:b0:bf:14:41:c0: 0a:d7:37:c5:d7:c2:be:34:91:e6:e2:86:5d:74:55: 73:25:12:39:0d:88:16:23:c7:83:3a:f7:e1:27:83: 81:b3:44:b3:1f:31:c9:f2:8a:57:e9:ac:6c:3d:6e: 25:c1:c0:ac:b5:64:9b:5d:06:e6:a5:03:3f:5a:e6: ab:65:46:2d:05:10:25:64:82:75:e5:51:2b:d6:a1: ea:69:a7:46:2c:ad:5a:42:4d:f6:2e:1d:04:d4:44: ba:bb:77:9e:28:c0:96:69:71:32:d7:da:27:ed:28: b4:b8:eb:d3:a9:36:34:22:1d:61:41:e5:5f:3b:b8: e1:79:e1:44:55:d4:87:64:32:05:7d:e3:27:04:18: 92:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:63:75:63:98:65:0B:49:E4:46:BB:90:DB:DC:4D:EE:E7:D8:42:0B X509v3 Authority Key Identifier: keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:af:d4:b7:e0:3a:63:95:6f:3e:f3:b1:f9:85:97:83:3a:a1: 44:76:25:85:3f:ac:28:10:0c:fe:57:fa:2f:02:33:b6:30:36: 44:35:62:d0:41:5b:60:e8:e5:2c:7e:21:0d:73:c5:fc:80:50: c6:51:90:4d:33:5d:22:fc:b9:8d:23:7d:31:29:48:ac:8f:a4: 77:13:23:19:a4:5f:81:3f:4f:20:44:67:89:26:88:64:69:9f: 4b:d3:c0:54:17:a2:93:bb:0f:ef:c0:50:74:a7:47:24:f3:55: ad:7e:c6:01:ab:0c:68:0a:f2:54:dc:d5:2f:5d:4a:7e:ea:75: 1d:92:87:23:22:36:04:f6:6e:58:55:04:de:44:3a:ee:95:b5: 2c:77:78:91:85:47:15:5b:13:b6:83:0d:52:61:60:49:44:1f: ab:67:d7:0f:bc:5b:be:e5:d8:12:3f:68:81:99:da:af:98:b8: e4:22:0d:4e:92:56:d9:98:1e:20:d6:5f:6b:2c:65:6d:bf:f6: 3e:e0:6e:5f:7d:47:51:a7:fb:6b:c7:f2:b8:77:c3:53:73:1d: d8:57:68:ee:06:e8:0a:84:4d:c4:c7:67:93:18:03:bd:e4:56: c1:0e:7e:e9:92:a6:63:6c:d8:c5:5b:1e:91:4d:3f:59:6d:83: 14:5e:44:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+ElIyaBahl6PDls7gktQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl MDdiNTQwHhcNMjUxMjA3MDQwMDU3WhcNMjUxMjA4MDQwMDU3WjAzMTEwLwYDVQQD EyhjNTYzNzU2Mzk4NjUwYjQ5ZTQ0NmJiOTBkYmRjNGRlZWU3ZDg0MjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYSdR6b/cjCaOSg2i/CTj/j9Hm0C Rn1cU5Uo1RWZL2ptREx9b8e5vcOd/toSiMkTsPLPQ6QvwDxHRep+BEUQOXSmnhae 3g0npnFPgwTam8BMxcCerWyleT6u+OtW7YUcDT1s6Y+powk+5HTvIGDLOs0WsL8U QcAK1zfF18K+NJHm4oZddFVzJRI5DYgWI8eDOvfhJ4OBs0SzHzHJ8opX6axsPW4l wcCstWSbXQbmpQM/WuarZUYtBRAlZIJ15VEr1qHqaadGLK1aQk32Lh0E1ES6u3ee KMCWaXEy19on7Si0uOvTqTY0Ih1hQeVfO7jheeFEVdSHZDIFfeMnBBiSbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMVjdWOYZQtJ5Ea7kNvcTe7n2EILMB8GA1UdIwQY MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5 LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ6/Ut+A6 Y5VvPvOx+YWXgzqhRHYlhT+sKBAM/lf6LwIztjA2RDVi0EFbYOjlLH4hDXPF/IBQ xlGQTTNdIvy5jSN9MSlIrI+kdxMjGaRfgT9PIERniSaIZGmfS9PAVBeik7sP78BQ dKdHJPNVrX7GAasMaAryVNzVL11Kfup1HZKHIyI2BPZuWFUE3kQ67pW1LHd4kYVH FVsTtoMNUmFgSUQfq2fXD7xbvuXYEj9ogZnar5i45CINTpJW2ZgeINZfayxlbb/2 PuBuX31HUaf7a8fyuHfDU3Md2Fdo7gboCoRNxMdnkxgDveRWwQ5+6ZKmY2zYxVse kU0/WW2DFF5EAQ== -----END CERTIFICATE-----Generated at Sun Dec 7 07:28:33 2025 by rpki-client