This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft File: OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json) Hash identifier: hc+4G8459QXRq2B2aUF2c7sVlpsp9JWBbyWNFGBZNtg= Subject key identifier: 26:D3:AE:06:69:72:E8:D5:73:1B:A9:B0:A5:E6:31:D8:1C:4E:83:A2 Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D Certificate issuer: /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d Certificate serial: 019AF1D1803C3552344C6DCA5886956E19A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 04:00:30 +0000 Manifest this update: Sat 06 Dec 2025 04:00:30 +0000 Manifest next update: Sun 07 Dec 2025 04:00:30 +0000 Files and hashes: 1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: Psp1ZycXzaHSnBLIzNepF/AWIjTOLETqcyqurimbPW0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:80:3c:35:52:34:4c:6d:ca:58:86:95:6e:19:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d Validity Not Before: Dec 6 04:00:30 2025 GMT Not After : Dec 7 04:00:30 2025 GMT Subject: CN=26d3ae066972e8d5731ba9b0a5e631d81c4e83a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a4:c4:21:5f:43:3a:23:5a:01:81:1a:63:b7: e7:2f:44:ea:30:e1:3b:af:69:bf:c0:c5:3e:91:27: 05:ca:61:fd:43:db:32:70:7a:c1:6f:66:fa:a7:ac: 8d:27:65:cd:28:e3:1a:1d:e4:34:7c:17:d8:9b:55: 4b:d0:76:15:c8:39:3e:7c:23:e7:72:66:7e:f6:bc: f8:b6:49:26:46:a3:0a:02:26:7b:72:26:5e:7e:f2: 6d:9d:e0:e9:7e:ee:6e:54:ce:4d:02:b0:4d:89:b2: ef:30:ad:1b:a0:ce:2f:39:e2:8a:cd:6c:e6:fa:1e: 07:0a:5b:30:b3:8a:b5:b9:79:a7:19:0c:bd:f3:a4: 72:7a:65:bc:bc:62:e4:5e:5e:db:81:7d:5e:38:45: e5:cd:b0:ec:69:50:53:ed:2c:f9:3e:16:bd:6a:32: ca:41:f7:72:d1:a2:18:f0:86:6f:cc:6d:26:66:40: 7a:22:6c:8d:ff:16:63:e3:b6:1f:ba:72:cd:62:52: 98:33:75:40:96:c8:c4:d4:54:9a:e3:44:d1:f6:27: 24:84:91:7d:c1:ee:42:15:d3:da:8d:10:51:22:8d: bb:a1:1d:bf:c2:73:ac:77:6e:6a:09:c0:b9:f0:52: e8:3a:82:d1:0b:f7:c9:6f:65:35:cc:38:61:61:86: 08:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:D3:AE:06:69:72:E8:D5:73:1B:A9:B0:A5:E6:31:D8:1C:4E:83:A2 X509v3 Authority Key Identifier: keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:15:fb:76:a8:f2:0f:ab:ae:89:c6:7c:af:99:40:45:94:8a: 8a:01:54:2b:d7:91:52:03:99:e1:0b:fc:24:98:a5:9a:97:a9: 41:d8:06:3b:5e:e5:2e:e3:74:60:ea:50:6b:18:75:18:3c:3e: 9f:51:83:ad:31:79:bc:02:cd:fe:50:f5:a7:41:1e:1e:d5:ea: b8:bb:ba:6a:72:2d:e8:ea:a5:d6:93:22:16:96:51:50:24:dd: 49:41:cb:46:85:ac:27:e3:1c:5c:00:1a:c3:03:0a:30:97:86: 9d:cd:eb:52:da:98:66:6d:2f:3e:e6:b5:7b:42:4d:4f:47:0a: f5:e3:ec:2c:0f:ea:db:f6:e6:d5:c2:94:5d:26:9d:d4:3c:38: 15:a1:ac:f1:d7:57:88:aa:e5:34:ad:17:83:78:fb:86:c7:da: a0:5f:c8:9f:5a:9c:e5:bb:2a:d3:66:8e:39:62:b1:dd:76:a6: 53:e6:a6:4b:ae:d3:5b:e8:1f:ac:3b:eb:97:99:f7:44:a2:14: bc:26:1d:77:19:81:3e:5a:5b:1f:e3:f5:fc:a5:47:6e:c0:81: 00:44:a2:b2:35:14:04:d1:97:7d:2a:73:b8:13:bf:c2:cb:84: cc:53:9d:b8:32:b7:70:2f:33:c2:30:3b:96:35:7d:58:87:06: 34:88:65:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0YA8NVI0TG3KWIaVbhmnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3 NGMzMWQwHhcNMjUxMjA2MDQwMDMwWhcNMjUxMjA3MDQwMDMwWjAzMTEwLwYDVQQD EygyNmQzYWUwNjY5NzJlOGQ1NzMxYmE5YjBhNWU2MzFkODFjNGU4M2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26TEIV9DOiNaAYEaY7fnL0TqMOE7 r2m/wMU+kScFymH9Q9sycHrBb2b6p6yNJ2XNKOMaHeQ0fBfYm1VL0HYVyDk+fCPn cmZ+9rz4tkkmRqMKAiZ7ciZefvJtneDpfu5uVM5NArBNibLvMK0boM4vOeKKzWzm +h4HClsws4q1uXmnGQy986RyemW8vGLkXl7bgX1eOEXlzbDsaVBT7Sz5Pha9ajLK Qfdy0aIY8IZvzG0mZkB6ImyN/xZj47YfunLNYlKYM3VAlsjE1FSa40TR9ickhJF9 we5CFdPajRBRIo27oR2/wnOsd25qCcC58FLoOoLRC/fJb2U1zDhhYYYInwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCbTrgZpcujVcxupsKXmMdgcToOiMB8GA1UdIwQY MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2 LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBX7dqjy D6uuicZ8r5lARZSKigFUK9eRUgOZ4Qv8JJilmpepQdgGO17lLuN0YOpQaxh1GDw+ n1GDrTF5vALN/lD1p0EeHtXquLu6anIt6Oql1pMiFpZRUCTdSUHLRoWsJ+McXAAa wwMKMJeGnc3rUtqYZm0vPua1e0JNT0cK9ePsLA/q2/bm1cKUXSad1Dw4FaGs8ddX iKrlNK0Xg3j7hsfaoF/In1qc5bsq02aOOWKx3XamU+amS67TW+gfrDvrl5n3RKIU vCYddxmBPlpbH+P1/KVHbsCBAESisjUUBNGXfSpzuBO/wsuEzFOduDK3cC8zwjA7 ljV9WIcGNIhlRw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:41:02 2025 by rpki-client