This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft File: oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json) Hash identifier: VsUpXYstcPwnQsi9SJ1M4GptzT+Fv/OAD97taG4y1JM= Subject key identifier: E6:AF:B6:E5:2D:80:90:78:36:A6:D7:E1:40:15:42:0A:50:6D:0A:4D Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD Certificate issuer: /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd Certificate serial: 019AF5E5A4B004A256CFBED5E97F7E12CFDB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft Manifest number: 03E5 Signing time: Sat 06 Dec 2025 23:00:58 +0000 Manifest this update: Sat 06 Dec 2025 23:00:58 +0000 Manifest next update: Sun 07 Dec 2025 23:00:58 +0000 Files and hashes: 1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: oNQUebILvx7g9m2HFiS1aD2HAWOtOfc5iperYiq8kXE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e5:a4:b0:04:a2:56:cf:be:d5:e9:7f:7e:12:cf:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd Validity Not Before: Dec 6 23:00:58 2025 GMT Not After : Dec 7 23:00:58 2025 GMT Subject: CN=e6afb6e52d80907836a6d7e14015420a506d0a4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:3b:bd:a9:3d:0f:76:6b:e8:7f:93:54:90:0a: e5:54:69:bb:c8:53:ed:90:4d:f8:5a:a4:17:1c:10: a8:be:42:2c:0a:48:62:b6:56:03:03:af:28:db:83: 11:99:95:c2:38:f1:02:8a:a7:62:13:36:4d:1b:5f: d1:91:f1:ba:e3:7a:58:bc:a5:ee:d7:7f:2b:93:95: 41:0b:82:a5:91:ae:49:14:53:fe:b1:fb:ad:08:2a: a1:87:07:0b:ee:ca:4b:13:67:92:02:cb:89:46:ff: 90:d0:cf:25:c4:2a:46:8a:40:28:ac:e9:77:af:18: 84:13:ef:4d:75:14:ce:e6:a0:61:58:a5:8a:a9:53: 70:30:23:ce:92:74:ce:76:45:8d:a7:12:aa:8c:7c: b0:b1:b9:82:e1:8b:a6:2c:b9:ed:05:09:d9:29:20: 90:8d:d8:a2:0f:74:6a:e5:73:94:87:0f:a1:41:5c: 30:29:32:46:14:32:48:24:c0:8c:e9:d3:bb:a4:9c: c4:5f:15:6b:b1:ae:2c:06:77:7b:8e:d8:25:df:40: 74:d5:5e:bd:f0:af:e1:3e:da:e6:d2:09:e8:5f:c6: 5d:b3:c1:ee:ba:75:5f:22:54:bb:c8:06:6b:09:78: c9:57:59:f5:9e:f7:70:da:97:f2:39:f7:f9:1a:77: 5a:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:AF:B6:E5:2D:80:90:78:36:A6:D7:E1:40:15:42:0A:50:6D:0A:4D X509v3 Authority Key Identifier: keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:11:6a:21:40:6c:1f:cb:2f:1c:2f:1e:94:ec:9d:57:0c:d7: 4e:32:20:6a:7a:6a:4c:43:f3:54:89:76:2c:36:35:45:b0:28: 16:51:50:d3:c3:e3:66:e9:13:a3:a3:01:fe:58:0a:e7:f8:2a: 71:51:ec:b1:c7:24:9e:4b:fd:4a:8a:52:c9:22:d5:83:4d:35: c1:18:44:31:dc:f3:fb:e0:49:48:f4:47:d0:e5:b5:b1:14:6f: de:ef:2d:1f:2e:7f:6c:54:16:51:79:52:07:a0:64:c8:65:ac: 26:74:f0:3d:c5:28:50:78:f8:e1:25:2f:21:90:ab:4e:8f:d4: 6c:a0:60:22:2c:8b:e8:72:c3:4f:4e:bb:46:a4:84:e3:38:df: 24:f9:98:7f:fd:d6:39:76:bd:74:de:3c:c2:1b:cf:e1:8d:e6: 8c:13:ae:f9:43:69:d2:d2:b8:7d:6b:af:8f:d5:30:9d:15:44: fb:22:62:c5:31:4a:bb:78:45:bb:c8:a7:0c:de:37:23:46:c4: 50:ca:27:69:ff:cc:d1:09:4c:14:09:4e:03:f2:ab:27:10:55: 80:90:30:50:dc:d5:93:8b:f5:b1:a3:73:75:01:68:48:d7:ef: 08:68:af:2f:5d:1d:aa:c4:ea:57:83:25:00:3d:f2:7f:b6:c7: c7:a4:3c:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15aSwBKJWz77V6X9+Es/bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl Y2VlY2QwHhcNMjUxMjA2MjMwMDU4WhcNMjUxMjA3MjMwMDU4WjAzMTEwLwYDVQQD EyhlNmFmYjZlNTJkODA5MDc4MzZhNmQ3ZTE0MDE1NDIwYTUwNmQwYTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ju9qT0Pdmvof5NUkArlVGm7yFPt kE34WqQXHBCovkIsCkhitlYDA68o24MRmZXCOPECiqdiEzZNG1/RkfG643pYvKXu 138rk5VBC4Klka5JFFP+sfutCCqhhwcL7spLE2eSAsuJRv+Q0M8lxCpGikAorOl3 rxiEE+9NdRTO5qBhWKWKqVNwMCPOknTOdkWNpxKqjHywsbmC4YumLLntBQnZKSCQ jdiiD3Rq5XOUhw+hQVwwKTJGFDJIJMCM6dO7pJzEXxVrsa4sBnd7jtgl30B01V69 8K/hPtrm0gnoX8Zds8HuunVfIlS7yAZrCXjJV1n1nvdw2pfyOff5GndaMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOavtuUtgJB4NqbX4UAVQgpQbQpNMB8GA1UdIwQY MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUxFqIUBs H8svHC8elOydVwzXTjIganpqTEPzVIl2LDY1RbAoFlFQ08PjZukTo6MB/lgK5/gq cVHssccknkv9SopSySLVg001wRhEMdzz++BJSPRH0OW1sRRv3u8tHy5/bFQWUXlS B6BkyGWsJnTwPcUoUHj44SUvIZCrTo/UbKBgIiyL6HLDT067RqSE4zjfJPmYf/3W OXa9dN48whvP4Y3mjBOu+UNp0tK4fWuvj9UwnRVE+yJixTFKu3hFu8inDN43I0bE UMonaf/M0QlMFAlOA/KrJxBVgJAwUNzVk4v1saNzdQFoSNfvCGivL10dqsTqV4Ml AD3yf7bHx6Q8WQ== -----END CERTIFICATE-----Generated at Sun Dec 7 01:33:03 2025 by rpki-client