This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft File: OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json) Hash identifier: EJz54BMmYNIC9ZqNXEWJ8EZyzYGQ17wXNf/UBdgB8yc= Subject key identifier: 4D:DF:63:C7:59:B7:E1:B9:2F:6A:A6:28:39:3F:8F:46:1E:C9:78:75 Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD Certificate issuer: /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad Certificate serial: 019AF49BFEBD4F3349D53568B1420BCBE100 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft Manifest number: 033C Signing time: Sat 06 Dec 2025 17:00:55 +0000 Manifest this update: Sat 06 Dec 2025 17:00:55 +0000 Manifest next update: Sun 07 Dec 2025 17:00:55 +0000 Files and hashes: 1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: 5IDTGah/JRAWhnSg5rSu0yajYDXivK9MFRzuWCDgGx8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:fe:bd:4f:33:49:d5:35:68:b1:42:0b:cb:e1:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad Validity Not Before: Dec 6 17:00:55 2025 GMT Not After : Dec 7 17:00:55 2025 GMT Subject: CN=4ddf63c759b7e1b92f6aa628393f8f461ec97875 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:02:d3:fb:ad:0c:ae:6b:e1:bd:9f:82:64:5f: 89:d1:9e:12:13:c6:f2:7b:67:10:2a:bb:6e:f2:51: f0:99:a3:d4:ce:0c:48:c9:24:c4:12:24:e5:27:a7: f0:36:ea:a7:bf:0d:2e:44:55:38:10:1c:52:81:7d: 95:3d:94:01:de:ef:9d:f8:e4:f0:7e:19:55:f1:df: de:01:28:81:47:3d:b4:f7:c7:98:24:81:bf:5e:99: aa:d3:13:19:06:33:d7:0f:a7:ca:21:8f:d2:22:00: 85:fa:03:62:60:49:a0:a3:93:31:4f:49:b0:d3:9b: 3e:6b:3a:3a:81:98:8e:1a:a9:c8:5c:e6:43:37:20: 31:43:28:23:b7:65:36:f9:29:ec:6e:3c:2d:1d:81: df:d8:a6:9d:c9:4a:26:7c:de:60:32:b3:5d:2f:9a: 36:4d:b2:f8:68:4a:aa:67:93:49:bc:4f:1c:a2:7d: 77:6e:f6:5d:5c:e9:d6:56:a3:e7:0a:63:83:b8:c9: 55:14:3c:22:f3:f6:0e:ee:58:ee:17:b5:9f:ba:c4: 2a:07:3f:ec:f9:9b:a8:5e:3c:35:90:63:db:86:7e: b1:52:da:1a:e1:c5:a7:75:b9:99:49:a4:9f:f9:ef: 0b:e6:d5:80:01:17:3d:9c:17:3d:a2:14:63:c3:21: 49:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:DF:63:C7:59:B7:E1:B9:2F:6A:A6:28:39:3F:8F:46:1E:C9:78:75 X509v3 Authority Key Identifier: keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:e1:92:09:52:db:b6:fb:1b:cf:2a:48:d9:f9:32:52:f8:b2: 6d:43:62:22:9d:dc:92:b9:b6:fa:b3:ea:92:9b:79:0b:a6:b4: 56:2f:f3:9c:80:c1:44:41:9e:86:a3:e0:17:bc:14:d5:5d:96: f7:fd:93:04:da:0a:a0:e2:50:42:a5:79:7a:18:5c:13:33:96: 05:16:b8:3b:9c:22:28:5b:9a:30:a9:e2:d5:6f:5b:04:d2:cf: c8:52:e0:c1:98:d6:44:c1:59:c2:e4:d0:f8:69:66:6e:a3:a0: a3:a7:27:ba:79:49:c1:61:70:fc:02:e9:04:e5:89:7b:7f:a8: e7:58:fe:2b:99:e7:7a:16:36:b0:0c:10:e9:11:d2:66:98:9c: 7c:2d:19:b3:e5:14:32:51:6b:9e:78:49:97:ae:f1:b5:5d:27: 7e:2a:73:fe:16:3c:3d:3a:f0:25:53:60:d2:ef:03:6b:c8:5a: 43:10:b0:92:82:1b:8c:d6:2c:30:39:6b:93:47:cd:46:dc:57: 9c:bc:00:7f:8d:cb:2f:01:ba:b1:07:a4:cb:33:a4:d4:80:a7: ca:e8:e2:6e:be:a0:94:cb:dc:b5:46:f6:25:4b:0f:c6:0a:f6: b7:2a:14:80:b4:6c:8f:fd:be:f5:92:f2:51:1f:21:25:f4:bd: 17:60:af:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m/69TzNJ1TVosUILy+EAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2 NjYxYWQwHhcNMjUxMjA2MTcwMDU1WhcNMjUxMjA3MTcwMDU1WjAzMTEwLwYDVQQD Eyg0ZGRmNjNjNzU5YjdlMWI5MmY2YWE2MjgzOTNmOGY0NjFlYzk3ODc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwLT+60MrmvhvZ+CZF+J0Z4SE8by e2cQKrtu8lHwmaPUzgxIySTEEiTlJ6fwNuqnvw0uRFU4EBxSgX2VPZQB3u+d+OTw fhlV8d/eASiBRz2098eYJIG/Xpmq0xMZBjPXD6fKIY/SIgCF+gNiYEmgo5MxT0mw 05s+azo6gZiOGqnIXOZDNyAxQygjt2U2+SnsbjwtHYHf2KadyUomfN5gMrNdL5o2 TbL4aEqqZ5NJvE8con13bvZdXOnWVqPnCmODuMlVFDwi8/YO7ljuF7WfusQqBz/s +ZuoXjw1kGPbhn6xUtoa4cWndbmZSaSf+e8L5tWAARc9nBc9ohRjwyFJjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE3fY8dZt+G5L2qmKDk/j0YeyXh1MB8GA1UdIwQY MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0 LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOGSCVLb tvsbzypI2fkyUviybUNiIp3ckrm2+rPqkpt5C6a0Vi/znIDBREGehqPgF7wU1V2W 9/2TBNoKoOJQQqV5ehhcEzOWBRa4O5wiKFuaMKni1W9bBNLPyFLgwZjWRMFZwuTQ +GlmbqOgo6cnunlJwWFw/ALpBOWJe3+o51j+K5nnehY2sAwQ6RHSZpicfC0Zs+UU MlFrnnhJl67xtV0nfipz/hY8PTrwJVNg0u8Da8haQxCwkoIbjNYsMDlrk0fNRtxX nLwAf43LLwG6sQekyzOk1ICnyujibr6glMvctUb2JUsPxgr2tyoUgLRsj/2+9ZLy UR8hJfS9F2CvnA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:34:41 2025 by rpki-client