This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft File: Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json) Hash identifier: rN75btbIRyKPYQAdGjbRrrDAM9/5cxO9HLM3d9/26P8= Subject key identifier: B6:43:E6:15:39:5A:7A:61:2A:05:6D:2C:9F:0A:CD:C6:6E:3E:97:C3 Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42 Certificate issuer: /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42 Certificate serial: 019AF12D7846CFF0F04528C44204D9817893 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:01:20 +0000 Manifest this update: Sat 06 Dec 2025 01:01:20 +0000 Manifest next update: Sun 07 Dec 2025 01:01:20 +0000 Files and hashes: 1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: u1fLciSmDwGcf4DY6qacMdsWM0wh9d9R1RhTaeTJdBE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:78:46:cf:f0:f0:45:28:c4:42:04:d9:81:78:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42 Validity Not Before: Dec 6 01:01:20 2025 GMT Not After : Dec 7 01:01:20 2025 GMT Subject: CN=b643e615395a7a612a056d2c9f0acdc66e3e97c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:c7:a9:14:7b:e9:15:4d:b8:40:2e:07:79:22: ef:00:36:c0:eb:fa:70:e8:3b:52:c7:5b:ff:f6:24: 4f:5b:a2:3a:03:65:b1:06:b4:b1:73:da:75:43:30: 90:47:15:eb:99:77:5b:ba:6e:3c:cf:05:65:20:60: 30:f3:13:19:f7:c4:bb:5a:a9:f2:08:a7:9a:b1:2a: 51:63:c6:78:9b:63:4f:17:08:d5:98:ca:b3:19:b7: 14:28:39:bc:89:8a:c8:9c:e1:9d:5d:55:41:01:6d: 97:82:8f:35:0e:42:82:21:1a:cc:37:49:52:ea:82: c8:60:63:7a:35:a8:92:8b:2c:a7:8f:9b:b7:e8:e2: a5:78:98:b0:da:76:3e:62:e5:1c:a1:3e:97:7c:44: 68:ee:ee:5c:cf:ed:0b:79:1e:f2:bf:fb:a4:15:34: b5:7f:ec:4c:54:d1:2f:f2:4b:36:a4:b1:e1:df:39: 9e:1e:75:44:4c:20:e0:36:e1:ad:f7:c7:17:e9:31: 34:c3:61:08:77:cd:f9:23:d5:42:2f:61:da:aa:35: 62:2a:19:1e:28:a0:99:a5:de:68:f2:e4:c4:36:22: c3:c0:27:04:aa:fe:51:cb:b2:50:df:23:27:f0:90: c1:bf:9e:d2:a6:48:e2:16:d9:a9:cd:ed:e7:1b:67: 8c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:43:E6:15:39:5A:7A:61:2A:05:6D:2C:9F:0A:CD:C6:6E:3E:97:C3 X509v3 Authority Key Identifier: keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:60:34:1c:43:2e:d3:c8:cd:a2:89:d6:e1:e9:c1:63:f7:a3: a1:93:15:c2:b5:2b:54:9e:7c:6e:75:e3:ac:d0:c0:34:6d:3f: e1:bd:1a:68:ce:55:a2:5c:e1:2a:c4:c6:ab:66:e7:f3:c0:ff: 95:16:b5:17:db:8b:d0:a9:bf:3c:02:27:d2:9e:59:87:58:e6: 5d:8f:b3:7b:d4:10:32:7c:1f:4f:9e:b2:94:69:3d:c2:2d:aa: ce:0f:9c:79:b0:9b:40:f4:c7:8f:d2:c2:ba:17:14:c7:30:e7: 95:0c:79:40:e5:89:1b:ce:94:73:96:24:37:47:c8:83:0d:1f: 78:13:ea:c7:ed:b9:5d:7d:10:07:71:19:b8:2c:61:b2:89:18: 22:bd:4b:5e:46:b8:09:47:4b:97:fc:d8:a9:d9:c0:fa:c6:f7: 59:30:50:34:7f:b3:89:b4:b8:5d:1d:35:8b:58:8a:70:86:2b: ea:10:22:bd:96:67:a1:97:2b:21:d0:b5:a2:58:8c:d2:cc:09: 3b:49:bd:cd:fd:5c:3c:1b:0e:48:c1:16:a2:16:34:5d:1b:58: 9b:c5:b0:91:7f:c9:3f:38:3b:41:01:a9:69:94:31:d3:12:56: f2:d3:1a:dd:ef:81:5a:8d:da:b9:a4:c9:17:8e:5b:9c:a2:7e: a1:c0:f6:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLXhGz/DwRSjEQgTZgXiTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3 MTdhNDIwHhcNMjUxMjA2MDEwMTIwWhcNMjUxMjA3MDEwMTIwWjAzMTEwLwYDVQQD EyhiNjQzZTYxNTM5NWE3YTYxMmEwNTZkMmM5ZjBhY2RjNjZlM2U5N2MzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysepFHvpFU24QC4HeSLvADbA6/pw 6DtSx1v/9iRPW6I6A2WxBrSxc9p1QzCQRxXrmXdbum48zwVlIGAw8xMZ98S7Wqny CKeasSpRY8Z4m2NPFwjVmMqzGbcUKDm8iYrInOGdXVVBAW2Xgo81DkKCIRrMN0lS 6oLIYGN6NaiSiyynj5u36OKleJiw2nY+YuUcoT6XfERo7u5cz+0LeR7yv/ukFTS1 f+xMVNEv8ks2pLHh3zmeHnVETCDgNuGt98cX6TE0w2EId835I9VCL2HaqjViKhke KKCZpd5o8uTENiLDwCcEqv5Ry7JQ3yMn8JDBv57SpkjiFtmpze3nG2eMYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLZD5hU5WnphKgVtLJ8KzcZuPpfDMB8GA1UdIwQY MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1 LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2A0HEMu 08jNoonW4enBY/ejoZMVwrUrVJ58bnXjrNDANG0/4b0aaM5VolzhKsTGq2bn88D/ lRa1F9uL0Km/PAIn0p5Zh1jmXY+ze9QQMnwfT56ylGk9wi2qzg+cebCbQPTHj9LC uhcUxzDnlQx5QOWJG86Uc5YkN0fIgw0feBPqx+25XX0QB3EZuCxhsokYIr1LXka4 CUdLl/zYqdnA+sb3WTBQNH+zibS4XR01i1iKcIYr6hAivZZnoZcrIdC1oliM0swJ O0m9zf1cPBsOSMEWohY0XRtYm8WwkX/JPzg7QQGpaZQx0xJW8tMa3e+BWo3auaTJ F45bnKJ+ocD2GA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:03:50 2025 by rpki-client