This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft File: O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft (raw, json) Hash identifier: 3/QQb6z9lO0qvsvdv+n2ZKQDSuPFg9sRtI1RhpkBtOs= Subject key identifier: 70:4B:F3:B6:C8:EE:EF:0C:B9:21:7C:04:DB:11:42:7D:B6:45:5D:4E Authority key identifier: 3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34 Certificate issuer: /CN=3b80edd425050865eafba8089db9da3f3519b334 Certificate serial: 019AF49BBF7B0FA1807977AC8C045B913659 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft Manifest number: 0BF2 Signing time: Sat 06 Dec 2025 17:00:38 +0000 Manifest this update: Sat 06 Dec 2025 17:00:38 +0000 Manifest next update: Sun 07 Dec 2025 17:00:38 +0000 Files and hashes: 1: O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl (hash: BjL7vAfyIocEFTRMcn2Z60MuRD6DcRwveQNxYS/vCk4=) 2: iKF-Q9PfXOLXW4CJahZRW_VogkE.roa (hash: +qqtPKI3qMehNAw49JzdFyEOoExudNvSKeInlgLAy1I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:bf:7b:0f:a1:80:79:77:ac:8c:04:5b:91:36:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b80edd425050865eafba8089db9da3f3519b334 Validity Not Before: Dec 6 17:00:38 2025 GMT Not After : Dec 7 17:00:38 2025 GMT Subject: CN=704bf3b6c8eeef0cb9217c04db11427db6455d4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:69:71:92:e3:90:26:ae:29:e9:92:a2:e5:de: 47:1f:2f:71:a7:69:f8:07:c8:8c:88:c3:d9:35:49: 07:9e:7e:c9:e7:ec:73:2a:ee:9a:07:80:9f:28:52: 53:28:89:1e:02:c3:8f:dd:68:a6:db:fb:48:30:ca: b3:91:e6:cb:c8:cf:20:89:ad:25:36:93:2d:40:c0: 6b:75:8a:15:3d:92:b7:8c:64:8e:76:4b:36:bb:7e: fe:5e:1a:ba:00:f2:af:33:d9:4a:03:52:cd:eb:c6: dc:6c:0b:c5:85:0a:20:03:5d:4e:de:37:19:83:3f: ea:54:a2:7e:03:78:11:a5:d2:b2:4f:53:8a:e2:62: f5:eb:87:1f:d9:6b:18:9d:6b:af:b7:b6:b9:e6:ad: 1b:b0:35:3d:25:b3:84:2b:6c:66:0c:b6:fa:23:0e: 7c:cc:19:dc:97:db:69:60:89:cf:4b:ab:78:a2:60: e8:18:c4:db:37:19:b5:80:9b:c5:ee:95:a9:67:a3: 6d:90:80:65:72:6c:16:b4:98:1f:68:c7:e5:51:0d: 8c:b2:92:e2:54:5e:5c:4f:3b:f2:08:9e:41:9e:f0: 3b:a6:a6:ed:3d:1d:39:b3:5d:5a:93:82:00:0b:f7: 60:4a:81:27:84:2f:67:61:e2:50:79:9e:86:2d:05: f3:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:4B:F3:B6:C8:EE:EF:0C:B9:21:7C:04:DB:11:42:7D:B6:45:5D:4E X509v3 Authority Key Identifier: keyid:3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:4a:0a:98:65:25:92:91:4b:6b:dc:12:65:8f:8c:2e:5d:50: 85:e5:31:9d:52:23:b0:8c:dd:2a:85:44:a6:23:16:46:31:37: 66:4a:41:7a:60:59:eb:22:95:e2:12:37:65:91:77:16:9d:16: b0:fd:65:79:8c:e3:6a:88:de:4b:17:b6:44:b0:50:02:ff:5f: f1:cd:31:da:42:73:5f:b4:21:87:0f:68:4d:c8:c2:c2:db:64: 63:c3:a6:90:4e:84:10:06:f9:ae:69:fc:ff:03:ee:96:e0:d8: bc:30:ef:60:87:64:c7:e8:79:42:76:fa:1f:60:0f:e2:cd:74: d7:12:26:2b:ab:48:c2:1f:3d:64:37:4c:c3:d0:63:c7:23:a4: 95:25:e7:e7:70:48:30:17:cc:58:49:2f:ba:b2:fe:e5:d6:50: fc:b3:99:8e:24:34:df:2e:cf:35:24:af:e9:fb:ab:92:89:e3: 28:ff:6c:dc:91:dd:77:15:c9:af:91:51:df:29:d8:d9:b9:89: be:b2:10:2f:b7:cb:27:75:30:b6:46:c8:c6:9f:d4:9d:2b:e0: 47:97:4a:12:a7:63:08:15:7f:cb:8f:53:f5:9f:80:02:ce:8e: 1e:59:7b:16:52:cc:74:c1:6e:b7:32:5d:1f:27:c7:98:f6:d9: 3c:9d:c4:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m797D6GAeXesjARbkTZZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiODBlZGQ0MjUwNTA4NjVlYWZiYTgwODlkYjlkYTNmMzUx OWIzMzQwHhcNMjUxMjA2MTcwMDM4WhcNMjUxMjA3MTcwMDM4WjAzMTEwLwYDVQQD Eyg3MDRiZjNiNmM4ZWVlZjBjYjkyMTdjMDRkYjExNDI3ZGI2NDU1ZDRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2lxkuOQJq4p6ZKi5d5HHy9xp2n4 B8iMiMPZNUkHnn7J5+xzKu6aB4CfKFJTKIkeAsOP3Wim2/tIMMqzkebLyM8gia0l NpMtQMBrdYoVPZK3jGSOdks2u37+Xhq6APKvM9lKA1LN68bcbAvFhQogA11O3jcZ gz/qVKJ+A3gRpdKyT1OK4mL164cf2WsYnWuvt7a55q0bsDU9JbOEK2xmDLb6Iw58 zBncl9tpYInPS6t4omDoGMTbNxm1gJvF7pWpZ6NtkIBlcmwWtJgfaMflUQ2MspLi VF5cTzvyCJ5BnvA7pqbtPR05s11ak4IAC/dgSoEnhC9nYeJQeZ6GLQXzvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHBL87bI7u8MuSF8BNsRQn22RV1OMB8GA1UdIwQY MBaAFDuA7dQlBQhl6vuoCJ252j81GbM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMt YzcxNjFkYzVjMDg3LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMtYzcxNjFkYzVjMDg3 LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJUoKmGUl kpFLa9wSZY+MLl1QheUxnVIjsIzdKoVEpiMWRjE3ZkpBemBZ6yKV4hI3ZZF3Fp0W sP1leYzjaojeSxe2RLBQAv9f8c0x2kJzX7Qhhw9oTcjCwttkY8OmkE6EEAb5rmn8 /wPuluDYvDDvYIdkx+h5Qnb6H2AP4s101xImK6tIwh89ZDdMw9BjxyOklSXn53BI MBfMWEkvurL+5dZQ/LOZjiQ03y7PNSSv6furkonjKP9s3JHddxXJr5FR3ynY2bmJ vrIQL7fLJ3UwtkbIxp/UnSvgR5dKEqdjCBV/y49T9Z+AAs6OHll7FlLMdMFutzJd HyfHmPbZPJ3E8Q== -----END CERTIFICATE-----Generated at Sat Dec 6 22:42:56 2025 by rpki-client