This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft File: oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json) Hash identifier: 6q8qOce8PxLY/IIk6pTIuCaHboMH5cZWC3oC4xWpiJ4= Subject key identifier: 25:E7:37:5E:94:5C:F3:86:7E:45:54:54:12:BC:78:E6:9B:59:9C:2B Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E Certificate issuer: /CN=a323e041dd45965333e2b1474fc50be2f0fa950e Certificate serial: 019AF2771092BB9CEDAA4243FBAFC4D9418F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft Manifest number: 0B72 Signing time: Sat 06 Dec 2025 07:01:20 +0000 Manifest this update: Sat 06 Dec 2025 07:01:20 +0000 Manifest next update: Sun 07 Dec 2025 07:01:20 +0000 Files and hashes: 1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: bbOGxKGBGU3eAyxbo6vrN8tgXfG8ol3R/J0DnsvyiIE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:10:92:bb:9c:ed:aa:42:43:fb:af:c4:d9:41:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e Validity Not Before: Dec 6 07:01:20 2025 GMT Not After : Dec 7 07:01:20 2025 GMT Subject: CN=25e7375e945cf3867e45545412bc78e69b599c2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:59:23:26:0e:a2:cf:d7:88:97:cb:4e:a1:c9: f1:5d:fd:28:6b:c6:6b:53:89:09:bd:8f:48:6b:3e: d2:5c:86:58:01:83:d2:21:ed:c3:53:cb:5d:ef:b0: 4a:ec:20:d7:ae:8f:1e:44:ef:97:eb:e7:53:87:90: 85:9a:c1:a8:d5:d6:d6:95:d6:07:11:8f:84:10:15: f4:a5:00:0f:68:5e:bb:4f:95:25:1f:88:02:bd:67: 05:11:83:bf:01:9c:3a:1b:41:57:11:0b:d5:a6:af: d6:6a:1d:c5:7d:71:45:85:c9:96:e3:94:d5:89:01: ce:28:0b:76:af:71:dd:05:ac:e7:a2:b8:05:41:e9: 68:50:ce:02:d8:3b:bf:70:bc:61:dc:95:29:57:d9: 9c:12:d6:ea:64:88:a1:29:c6:7a:61:b1:0b:5b:9f: 96:d8:a0:d7:3b:1f:da:2f:a2:5a:1d:6a:c7:78:a8: 5b:a3:4d:39:3c:64:07:04:d5:3d:2f:84:9d:45:af: 1c:55:5e:97:56:8a:7a:06:3e:a0:81:31:18:39:e4: 27:90:e9:ac:8a:7f:c7:64:5b:c0:03:09:f4:8c:7d: ad:66:ec:23:d5:7d:8d:f1:69:12:34:66:54:4a:dd: cf:6c:c2:0f:c5:83:22:9d:9c:e8:02:f7:51:10:dc: 4b:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:E7:37:5E:94:5C:F3:86:7E:45:54:54:12:BC:78:E6:9B:59:9C:2B X509v3 Authority Key Identifier: keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:29:0d:d3:df:8e:18:7f:39:d1:eb:65:9f:93:d5:be:11:19: 6c:85:4a:cb:fb:9f:fe:dc:72:02:76:8d:14:c5:b3:d3:3a:87: 65:50:8e:8a:07:bf:8f:e7:27:f7:0d:26:db:95:29:10:96:39: dc:0c:20:61:35:52:f1:db:37:3b:ba:96:6f:79:64:0d:86:d6: da:b1:e9:f5:9f:f3:b9:af:0f:12:89:98:1f:2f:8b:e7:fa:99: e7:be:99:1d:4e:7b:94:7a:33:ea:e8:08:2d:82:2a:f2:a2:d6: 0f:95:6a:1e:c2:18:6e:e6:b0:58:ad:12:2c:b8:c7:05:dd:b9: ae:4d:8d:05:1d:ac:f8:a0:8d:ae:55:b0:d4:da:9f:b1:6c:f0: 2e:66:4b:4c:1e:21:40:a0:e4:de:f5:86:14:0e:0f:16:1d:12: 3e:b1:53:d9:46:0b:9c:d6:0b:e6:5b:4d:89:70:1b:43:f2:18: c0:11:90:87:81:4c:32:cb:66:a3:ba:55:5f:36:ff:02:13:40: 1c:00:96:6e:dc:25:7e:67:5b:d0:9f:55:3c:e5:d7:2a:27:d3: 06:55:b3:38:eb:e5:f5:69:d0:b3:0e:74:7c:7f:61:12:f9:29: d2:8a:c2:5e:28:82:58:69:ad:f2:35:f3:a4:b0:a7:ed:e2:91: 89:3c:5e:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydxCSu5ztqkJD+6/E2UGPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm YTk1MGUwHhcNMjUxMjA2MDcwMTIwWhcNMjUxMjA3MDcwMTIwWjAzMTEwLwYDVQQD EygyNWU3Mzc1ZTk0NWNmMzg2N2U0NTU0NTQxMmJjNzhlNjliNTk5YzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFkjJg6iz9eIl8tOocnxXf0oa8Zr U4kJvY9Iaz7SXIZYAYPSIe3DU8td77BK7CDXro8eRO+X6+dTh5CFmsGo1dbWldYH EY+EEBX0pQAPaF67T5UlH4gCvWcFEYO/AZw6G0FXEQvVpq/Wah3FfXFFhcmW45TV iQHOKAt2r3HdBaznorgFQeloUM4C2Du/cLxh3JUpV9mcEtbqZIihKcZ6YbELW5+W 2KDXOx/aL6JaHWrHeKhbo005PGQHBNU9L4SdRa8cVV6XVop6Bj6ggTEYOeQnkOms in/HZFvAAwn0jH2tZuwj1X2N8WkSNGZUSt3PbMIPxYMinZzoAvdRENxLgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCXnN16UXPOGfkVUVBK8eOabWZwrMB8GA1UdIwQY MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSkN09+O GH850etln5PVvhEZbIVKy/uf/txyAnaNFMWz0zqHZVCOige/j+cn9w0m25UpEJY5 3AwgYTVS8ds3O7qWb3lkDYbW2rHp9Z/zua8PEomYHy+L5/qZ576ZHU57lHoz6ugI LYIq8qLWD5VqHsIYbuawWK0SLLjHBd25rk2NBR2s+KCNrlWw1NqfsWzwLmZLTB4h QKDk3vWGFA4PFh0SPrFT2UYLnNYL5ltNiXAbQ/IYwBGQh4FMMstmo7pVXzb/AhNA HACWbtwlfmdb0J9VPOXXKifTBlWzOOvl9WnQsw50fH9hEvkp0orCXiiCWGmt8jXz pLCn7eKRiTxeJA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:25:58 2025 by rpki-client