This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft File: oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json) Hash identifier: N6CbJ6aEgRs13qZ5OBKhp8ePAYEKcIHpRX6OwOoO1SM= Subject key identifier: 64:B2:AA:52:B5:EE:3B:89:20:61:AE:11:2D:A2:38:64:73:98:FF:9C Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74 Certificate issuer: /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474 Certificate serial: 019AF19ACDA7AB35E03DA9CBF86FF11F98B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 03:00:45 +0000 Manifest this update: Sat 06 Dec 2025 03:00:45 +0000 Manifest next update: Sun 07 Dec 2025 03:00:45 +0000 Files and hashes: 1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: v/YvBBV0R9+jfFKngbd09fUI/0cEi8/oOJ7b3E7InrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:cd:a7:ab:35:e0:3d:a9:cb:f8:6f:f1:1f:98:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474 Validity Not Before: Dec 6 03:00:45 2025 GMT Not After : Dec 7 03:00:45 2025 GMT Subject: CN=64b2aa52b5ee3b892061ae112da238647398ff9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:0c:48:00:29:8c:3e:eb:e2:e1:68:1a:75:fd: 1b:1a:8e:bf:c7:2c:9a:c0:fa:15:c3:69:20:3c:65: 7c:e1:47:b1:e6:13:d6:32:6e:21:70:b4:20:74:8f: 3c:66:aa:cf:48:5d:f1:f7:83:f6:13:3e:78:c7:14: 9f:78:66:10:fd:4c:dd:62:86:dd:32:b4:df:18:84: 4f:8b:ba:13:5e:7d:b1:ea:73:1d:90:c8:ba:9a:c5: 15:84:77:06:61:da:eb:24:56:a1:c1:3b:79:2d:2a: 82:05:30:36:54:62:71:1c:c7:f0:07:6e:d7:23:c4: eb:15:51:18:b5:07:70:e3:42:bc:d8:5e:6c:d3:87: 72:83:71:b2:c9:1b:7b:cd:90:31:af:d4:f9:db:cc: 23:97:c9:a3:58:d3:38:e1:99:af:07:04:23:c0:27: 24:38:e2:90:d9:15:6b:a9:49:b8:81:41:9c:7a:a0: 36:41:e9:45:9b:db:68:4e:d2:a6:e7:25:ac:04:f1: fe:ef:8d:93:8c:fe:0e:6b:11:7a:2b:87:3d:37:67: 99:4a:87:5b:9a:88:66:b3:7c:ec:80:49:6f:74:26: 43:3b:e0:3b:a6:3c:df:30:3f:51:03:fc:38:fd:27: ff:d8:0d:09:e0:24:4c:f7:de:48:6a:36:0c:28:7c: 39:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:B2:AA:52:B5:EE:3B:89:20:61:AE:11:2D:A2:38:64:73:98:FF:9C X509v3 Authority Key Identifier: keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:18:24:1b:3f:46:6f:96:ba:0f:34:6b:e3:74:48:22:98:b1: 8d:1b:1c:85:77:62:1c:45:b5:e9:a1:24:5f:a1:28:f0:33:49: 55:2d:da:ae:d8:f0:3a:97:85:5c:a6:e7:2b:52:8e:76:8f:80: 18:02:01:20:6a:83:93:f5:5b:29:22:27:e0:a1:80:d2:6f:27: 28:ec:ad:db:9d:57:1d:3c:39:48:75:51:95:09:f9:d7:9a:cb: 49:9d:86:ef:e6:4b:a4:32:a7:07:0d:8a:71:b3:cd:c8:4a:45: 88:dd:89:03:0c:b4:d1:a7:80:b4:55:87:4a:a7:70:26:23:5e: da:a1:28:82:98:1d:c0:c8:c2:20:a8:27:0d:7f:90:61:95:57: e7:b4:de:f3:93:20:02:58:9f:34:67:97:2e:d1:09:7f:cb:9e: 28:36:d8:12:9a:8b:5a:2c:60:c6:e0:5a:e0:d1:b3:35:d7:ef: 4b:ba:fc:33:b1:30:64:1f:95:85:5f:64:f4:92:60:b2:55:4a: 46:16:cc:76:01:3e:24:23:93:2f:79:48:1f:bc:82:e0:d0:c9: 7b:d4:fd:e8:9e:45:09:e0:78:9a:d4:71:6e:25:43:6d:75:07: de:3c:20:d4:3f:ae:98:ad:7d:f0:41:b6:e0:7f:ce:d1:a1:99: a7:bd:f1:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxms2nqzXgPanL+G/xH5i1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm MjI0NzQwHhcNMjUxMjA2MDMwMDQ1WhcNMjUxMjA3MDMwMDQ1WjAzMTEwLwYDVQQD Eyg2NGIyYWE1MmI1ZWUzYjg5MjA2MWFlMTEyZGEyMzg2NDczOThmZjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQxIACmMPuvi4Wgadf0bGo6/xyya wPoVw2kgPGV84Uex5hPWMm4hcLQgdI88ZqrPSF3x94P2Ez54xxSfeGYQ/UzdYobd MrTfGIRPi7oTXn2x6nMdkMi6msUVhHcGYdrrJFahwTt5LSqCBTA2VGJxHMfwB27X I8TrFVEYtQdw40K82F5s04dyg3GyyRt7zZAxr9T528wjl8mjWNM44ZmvBwQjwCck OOKQ2RVrqUm4gUGceqA2QelFm9toTtKm5yWsBPH+742TjP4OaxF6K4c9N2eZSodb mohms3zsgElvdCZDO+A7pjzfMD9RA/w4/Sf/2A0J4CRM995IajYMKHw5vwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGSyqlK17juJIGGuES2iOGRzmP+cMB8GA1UdIwQY MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1 LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORgkGz9G b5a6DzRr43RIIpixjRschXdiHEW16aEkX6Eo8DNJVS3artjwOpeFXKbnK1KOdo+A GAIBIGqDk/VbKSIn4KGA0m8nKOyt251XHTw5SHVRlQn515rLSZ2G7+ZLpDKnBw2K cbPNyEpFiN2JAwy00aeAtFWHSqdwJiNe2qEogpgdwMjCIKgnDX+QYZVX57Te85Mg AlifNGeXLtEJf8ueKDbYEpqLWixgxuBa4NGzNdfvS7r8M7EwZB+VhV9k9JJgslVK RhbMdgE+JCOTL3lIH7yC4NDJe9T96J5FCeB4mtRxbiVDbXUH3jwg1D+umK198EG2 4H/O0aGZp73xSg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:33:12 2025 by rpki-client