This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft File: OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft (raw, json) Hash identifier: XW4p4DkwmEnNihzqwRhLbPaEuatayAyXzx3GGuDqj6o= Subject key identifier: 85:7E:39:75:5B:0D:FC:8B:AA:A5:D8:98:8E:BC:80:90:C5:CA:5D:90 Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Certificate serial: 019AF23FB52E1658F81941E41CE9F1B23EF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft Manifest number: 0EE4 Signing time: Sat 06 Dec 2025 06:00:52 +0000 Manifest this update: Sat 06 Dec 2025 06:00:52 +0000 Manifest next update: Sun 07 Dec 2025 06:00:52 +0000 Files and hashes: 1: OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl (hash: q0qmkJ7P0YlLRciI1inwZ2fk8nV1PVWH4dd47k/BuYI=) 2: m3UPJQ_Zh7wapyw5537rzzPo3os.roa (hash: EUy+4/7WXUAZtQJhe/6fh4vD4Ks9aUtYKkwAIbRuQrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:b5:2e:16:58:f8:19:41:e4:1c:e9:f1:b2:3e:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a Validity Not Before: Dec 6 06:00:52 2025 GMT Not After : Dec 7 06:00:52 2025 GMT Subject: CN=857e39755b0dfc8baaa5d8988ebc8090c5ca5d90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:04:d8:86:f1:6d:b3:4d:c4:7b:b9:31:28:f7: c4:56:e4:a2:21:1c:af:75:b8:aa:08:de:e4:9b:3e: 5e:57:9f:b1:8e:93:9b:fd:69:d3:65:54:44:87:23: 2d:4c:c7:f6:8b:c6:a5:10:b0:b3:35:6d:c3:f9:15: 79:2f:a8:a1:5b:f4:3f:cc:21:59:41:42:ed:9a:89: ea:37:35:45:d2:9b:86:9e:66:c5:45:ac:bb:58:99: 2c:92:a1:55:84:91:59:48:3d:c2:c6:25:c5:d6:01: 25:25:54:89:73:c5:fa:ac:c4:2c:f3:06:9e:a1:95: 8a:de:ec:b8:e7:09:78:d0:d2:e7:8b:33:aa:3f:73: 4a:44:03:ef:a0:03:26:54:d0:fa:c3:ec:7a:5e:d6: b9:19:31:4c:9e:9e:66:99:86:f1:93:40:89:28:ca: 4f:13:9b:73:5f:97:62:c3:9e:de:d8:6a:27:70:0b: 1a:2e:c4:3d:a7:f5:ee:31:8d:17:a6:67:6a:de:c4: 66:84:39:10:a7:ea:23:2b:6e:e7:ee:0f:1f:9f:46: 27:af:ba:e8:4d:39:14:81:19:f3:13:3f:97:37:f7: 46:a9:a2:9a:20:f9:23:2a:aa:a0:ab:cc:5b:7b:70: e3:6d:d9:48:92:58:1d:22:f3:6d:3a:a1:d6:4b:a3: 67:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7E:39:75:5B:0D:FC:8B:AA:A5:D8:98:8E:BC:80:90:C5:CA:5D:90 X509v3 Authority Key Identifier: keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:5d:be:39:60:86:e0:33:a1:b8:df:3e:68:7a:49:71:fb:91: a1:63:2e:e4:d9:96:35:67:fe:4e:43:f6:0f:d1:3c:dc:3b:a0: 35:9c:17:ec:16:89:69:8e:52:e1:0c:97:e0:da:ff:39:24:ed: 4f:a4:24:29:e3:dd:d6:a3:4f:52:c9:5c:72:aa:e9:b1:ca:be: 50:c7:5c:cd:fb:b3:50:32:bd:17:fa:b7:0f:05:e9:de:0e:c4: 58:56:be:30:34:a2:95:09:05:fc:c4:41:7a:58:a0:4a:8b:b3: 6d:d8:03:78:fa:69:8a:38:d5:b5:c3:77:df:20:15:4d:b3:f7: 6f:3b:fd:59:1a:30:fb:4f:a8:a2:ac:b6:59:8e:7d:b0:a3:04: 68:26:c5:0e:e3:a9:a4:64:36:19:b0:46:20:02:94:2c:3e:53: f3:24:ca:51:fe:c9:ab:28:da:4d:bd:a3:c2:5e:cf:14:3a:96: 38:bf:a0:91:64:09:72:71:7f:af:23:d4:c4:98:2b:45:cf:38: 91:17:5d:22:7e:ab:1e:48:2d:96:12:35:c4:f2:16:e2:e3:52: a4:dd:16:3d:f3:5e:dd:59:0c:4c:2e:98:be:99:77:1a:7b:0d: 9f:f7:59:a5:62:1f:2a:52:db:0c:49:57:aa:a8:b4:89:3f:10: cf:07:4a:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP7UuFlj4GUHkHOnxsj7yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli ZDNhOWEwHhcNMjUxMjA2MDYwMDUyWhcNMjUxMjA3MDYwMDUyWjAzMTEwLwYDVQQD Eyg4NTdlMzk3NTViMGRmYzhiYWFhNWQ4OTg4ZWJjODA5MGM1Y2E1ZDkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsATYhvFts03Ee7kxKPfEVuSiIRyv dbiqCN7kmz5eV5+xjpOb/WnTZVREhyMtTMf2i8alELCzNW3D+RV5L6ihW/Q/zCFZ QULtmonqNzVF0puGnmbFRay7WJkskqFVhJFZSD3CxiXF1gElJVSJc8X6rMQs8wae oZWK3uy45wl40NLnizOqP3NKRAPvoAMmVND6w+x6Xta5GTFMnp5mmYbxk0CJKMpP E5tzX5diw57e2GoncAsaLsQ9p/XuMY0Xpmdq3sRmhDkQp+ojK27n7g8fn0Ynr7ro TTkUgRnzEz+XN/dGqaKaIPkjKqqgq8xbe3DjbdlIklgdIvNtOqHWS6NnVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIV+OXVbDfyLqqXYmI68gJDFyl2QMB8GA1UdIwQY MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt MDAzMmZkYzU0NTBiLzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn12+OWCG 4DOhuN8+aHpJcfuRoWMu5NmWNWf+TkP2D9E83DugNZwX7BaJaY5S4QyX4Nr/OSTt T6QkKePd1qNPUslccqrpscq+UMdczfuzUDK9F/q3DwXp3g7EWFa+MDSilQkF/MRB eligSouzbdgDePppijjVtcN33yAVTbP3bzv9WRow+0+ooqy2WY59sKMEaCbFDuOp pGQ2GbBGIAKULD5T8yTKUf7JqyjaTb2jwl7PFDqWOL+gkWQJcnF/ryPUxJgrRc84 kRddIn6rHkgtlhI1xPIW4uNSpN0WPfNe3VkMTC6Yvpl3GnsNn/dZpWIfKlLbDElX qqi0iT8QzwdK2A== -----END CERTIFICATE-----Generated at Sat Dec 6 12:18:17 2025 by rpki-client