This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft File: OzBfl6JvMdgAYFn7OrGerPt4NFU.mft (raw, json) Hash identifier: cnLe6murdTf5wULpjM2oDgacmAWPQ2/FvTIUd7+quGQ= Subject key identifier: 82:89:CD:97:10:0D:21:48:4E:8C:D7:65:FD:8D:B2:2F:60:3C:AD:A0 Authority key identifier: 3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55 Certificate issuer: /CN=3b305f97a26f31d8006059fb3ab19eacfb783455 Certificate serial: 019AF12EA905C09BD9C02D0D89583632602C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft Manifest number: 0B4B Signing time: Sat 06 Dec 2025 01:02:38 +0000 Manifest this update: Sat 06 Dec 2025 01:02:38 +0000 Manifest next update: Sun 07 Dec 2025 01:02:38 +0000 Files and hashes: 1: 6t5f4Ujb0FAO84dMqgRAqgV1jVs.roa (hash: u7nakvY2IzZI/nPIoCHOpaknwKeAH1RDuYLRGXqd0p4=) 2: OzBfl6JvMdgAYFn7OrGerPt4NFU.crl (hash: D+m/kmAR0hqKI3ORfb+NRS5igdktNBhh/Br42neMxmE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:a9:05:c0:9b:d9:c0:2d:0d:89:58:36:32:60:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b305f97a26f31d8006059fb3ab19eacfb783455 Validity Not Before: Dec 6 01:02:38 2025 GMT Not After : Dec 7 01:02:38 2025 GMT Subject: CN=8289cd97100d21484e8cd765fd8db22f603cada0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:02:d5:ab:05:f7:72:cd:ef:c9:6f:b2:e2:a6: 8a:37:45:f5:34:f2:7c:bd:ec:79:8c:ee:18:33:e9: 90:5c:2d:c2:4d:f7:27:c3:ac:85:de:99:2c:b4:38: 65:d2:04:32:3e:c1:b8:bc:25:bd:28:f0:72:a7:bb: 27:e9:39:db:9b:68:b8:b7:df:9c:dd:a2:98:28:03: ba:52:d1:47:39:0c:ac:aa:fd:67:ec:da:19:63:70: 65:99:4a:d1:5f:3f:34:80:5e:83:cd:5b:d3:57:3f: 6c:8b:b5:7b:27:12:df:52:5f:0f:6c:07:ed:5c:79: 12:57:b0:63:82:2f:d1:e5:60:21:44:aa:db:19:1e: d6:4e:0e:d6:a0:e5:ed:ab:19:05:fb:1b:d9:b3:da: 52:0e:74:b8:9c:5f:d5:e3:ad:8c:46:87:76:de:ce: 33:92:28:d7:c2:e1:7a:75:83:55:a4:3c:45:0a:30: 77:57:3f:15:bf:55:ff:b1:cc:9e:6b:8b:c5:e2:94: d0:b2:83:ed:f3:8f:1c:42:16:73:c8:ea:ea:e2:a5: 83:2e:6b:cd:6b:4c:b6:1a:07:49:1c:44:78:77:0c: af:54:4f:58:8c:dc:c1:52:1e:bd:50:e0:f6:ad:d5: 94:9a:e5:42:52:59:e9:fa:45:f8:0e:1f:28:c0:ea: 30:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:89:CD:97:10:0D:21:48:4E:8C:D7:65:FD:8D:B2:2F:60:3C:AD:A0 X509v3 Authority Key Identifier: keyid:3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption be:12:0b:1f:e2:cb:a2:00:63:79:11:1c:1b:93:54:89:51:9f: 04:94:1e:a7:e7:d7:45:61:2b:97:b4:3d:74:bb:06:2d:71:a9: c1:df:62:aa:53:f0:a2:ac:7d:0a:24:aa:e4:6e:3e:54:ec:c5: 97:81:74:65:0c:e3:8f:21:98:28:dd:96:ce:5b:c6:c8:a6:8b: 4b:68:d7:9e:db:21:03:fe:a2:43:bd:7d:39:9c:8b:ec:30:25: 74:f0:70:0e:5a:ce:6e:c9:b9:87:7d:2f:ff:1c:17:47:13:f5: 12:69:30:b7:8e:e4:ab:d3:a2:c9:ed:54:f0:f4:fc:c4:12:61: 19:35:66:44:12:03:f0:74:99:e8:36:c2:bd:6b:dd:8f:a5:1c: 71:4e:e8:3b:be:c1:85:97:8e:b4:f0:d2:bd:59:60:20:7c:ca: 97:0d:f7:10:62:1b:53:7a:d5:5d:66:3f:03:94:49:70:f6:ee: 4e:3e:b1:b7:8e:86:21:0d:d5:91:41:d7:83:7d:2b:a9:f1:b7: 06:7c:7c:76:83:78:86:8b:85:d7:10:32:22:00:bc:cf:d9:a6: b6:14:bc:25:3f:f9:a2:2c:9e:d6:72:73:c8:a2:fd:c3:ee:1e: e1:b9:2a:fd:d5:75:c9:38:a4:9e:a1:9a:bd:c3:7b:7e:bb:af: e4:ff:f4:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqkFwJvZwC0NiVg2MmAsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiMzA1Zjk3YTI2ZjMxZDgwMDYwNTlmYjNhYjE5ZWFjZmI3 ODM0NTUwHhcNMjUxMjA2MDEwMjM4WhcNMjUxMjA3MDEwMjM4WjAzMTEwLwYDVQQD Eyg4Mjg5Y2Q5NzEwMGQyMTQ4NGU4Y2Q3NjVmZDhkYjIyZjYwM2NhZGEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQLVqwX3cs3vyW+y4qaKN0X1NPJ8 vex5jO4YM+mQXC3CTfcnw6yF3pkstDhl0gQyPsG4vCW9KPByp7sn6Tnbm2i4t9+c 3aKYKAO6UtFHOQysqv1n7NoZY3BlmUrRXz80gF6DzVvTVz9si7V7JxLfUl8PbAft XHkSV7Bjgi/R5WAhRKrbGR7WTg7WoOXtqxkF+xvZs9pSDnS4nF/V462MRod23s4z kijXwuF6dYNVpDxFCjB3Vz8Vv1X/scyea4vF4pTQsoPt848cQhZzyOrq4qWDLmvN a0y2GgdJHER4dwyvVE9YjNzBUh69UOD2rdWUmuVCUlnp+kX4Dh8owOow9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIKJzZcQDSFITozXZf2Nsi9gPK2gMB8GA1UdIwQY MBaAFDswX5eibzHYAGBZ+zqxnqz7eDRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODkt NThiOWIwYzI0NDBiLzEvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODktNThiOWIwYzI0NDBi LzEvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvhILH+LL ogBjeREcG5NUiVGfBJQep+fXRWErl7Q9dLsGLXGpwd9iqlPwoqx9CiSq5G4+VOzF l4F0ZQzjjyGYKN2WzlvGyKaLS2jXntshA/6iQ719OZyL7DAldPBwDlrObsm5h30v /xwXRxP1Emkwt47kq9Oiye1U8PT8xBJhGTVmRBID8HSZ6DbCvWvdj6UccU7oO77B hZeOtPDSvVlgIHzKlw33EGIbU3rVXWY/A5RJcPbuTj6xt46GIQ3VkUHXg30rqfG3 Bnx8doN4houF1xAyIgC8z9mmthS8JT/5oiye1nJzyKL9w+4e4bkq/dV1yTiknqGa vcN7fruv5P/0Fw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:25:28 2025 by rpki-client