This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft File: OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json) Hash identifier: U62aT3c4zTCAtuX6R/YojQ4Us9QwBgZ+cjR88aPPCoo= Subject key identifier: 12:D0:47:8C:C6:69:74:6D:C8:79:E5:12:F6:25:2C:FD:71:69:C2:9B Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF Certificate issuer: /CN=397ab2286c67871dab457a7283297fc8c688a4af Certificate serial: 019AF5AE5B4FF6D55B2060460EA7F993EA77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 22:00:35 +0000 Manifest this update: Sat 06 Dec 2025 22:00:35 +0000 Manifest next update: Sun 07 Dec 2025 22:00:35 +0000 Files and hashes: 1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: 18mnNXGK6arCVQxEknYgCtwPYcAcJgzm0R9zhN+hjDg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:5b:4f:f6:d5:5b:20:60:46:0e:a7:f9:93:ea:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af Validity Not Before: Dec 6 22:00:35 2025 GMT Not After : Dec 7 22:00:35 2025 GMT Subject: CN=12d0478cc669746dc879e512f6252cfd7169c29b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c2:1b:46:12:fc:9f:73:42:57:ad:c6:73:d4: 94:fb:9d:5f:79:43:dc:22:96:2e:4b:a8:45:25:5c: 06:dc:ee:22:8e:37:f6:1e:c2:41:de:51:60:e8:af: f6:aa:6d:59:67:ef:24:f1:a6:db:a6:ad:28:40:16: 70:b4:7c:30:95:39:23:ad:16:2d:7d:de:ab:44:75: a7:af:de:fe:fd:cc:e4:04:a5:9e:20:62:c0:56:ea: 08:40:d1:2b:63:7d:81:d6:de:6e:f1:1b:0c:5f:58: 22:7b:e6:40:12:97:71:50:96:3c:f8:3d:91:66:3e: ae:06:6e:74:66:70:2d:e4:02:85:28:55:dc:db:ee: d9:da:17:c0:60:38:80:4d:3e:f0:fb:e7:69:d1:37: fd:1a:3e:e5:e5:09:22:ef:56:f7:77:15:c2:db:48: 70:6e:f3:4a:d4:d2:b7:f0:95:76:43:21:41:36:79: ca:2d:f0:e5:2b:25:83:da:08:1d:21:25:66:24:61: 48:b5:0d:a9:e0:67:10:69:73:3c:4f:21:ff:b0:9a: 45:99:4a:95:0d:62:d2:15:71:17:75:31:40:9b:60: 83:6d:99:e2:b2:5f:7e:a8:c0:0e:8b:f2:88:cc:a6: 25:ec:99:c1:e9:09:82:56:40:67:07:b6:52:1b:f4: 1d:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:D0:47:8C:C6:69:74:6D:C8:79:E5:12:F6:25:2C:FD:71:69:C2:9B X509v3 Authority Key Identifier: keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:98:3f:d6:59:9a:ce:d2:31:2d:92:16:53:b7:07:56:9c:fa: e4:f1:15:e2:90:d0:7c:eb:a3:a8:2b:a5:f1:be:cd:61:d9:36: 23:63:48:7d:5c:21:77:12:42:f7:78:29:7b:d7:01:8b:ba:66: a1:ef:83:94:bf:11:80:d6:b9:c2:e9:2e:f3:1d:b0:4e:a0:2c: 11:5b:d2:99:29:82:ce:2d:cf:bf:bf:2f:37:87:19:17:86:64: f9:9c:42:c1:89:74:e1:40:ed:fd:5e:2b:7f:51:07:f1:be:d9: 61:e9:8d:45:54:8d:f4:52:59:88:51:14:00:e9:79:b6:d0:fc: 88:2b:45:f5:8b:cb:e5:7c:a6:71:0f:9e:88:0b:e3:0d:c3:d1: d8:2f:94:85:1b:2e:cb:70:3e:07:be:eb:95:92:10:ea:48:3e: c2:7d:5f:e8:6c:cb:c6:03:b7:ff:a2:1c:ef:d4:1c:bd:de:f7: 84:84:18:89:d2:b3:b4:b5:6c:6e:d8:4e:37:88:b1:6d:5a:6d: 96:b6:bc:4d:c7:ff:50:4a:fb:4b:5c:a4:bd:df:d6:29:96:e6: 5a:ac:86:69:c3:87:80:f0:d7:a0:b4:2e:09:9b:80:c2:3b:b6: 63:59:cd:fb:a0:fe:e6:07:c8:a2:e4:4e:52:30:43:75:2e:9e: 05:68:3b:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rltP9tVbIGBGDqf5k+p3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4 OGE0YWYwHhcNMjUxMjA2MjIwMDM1WhcNMjUxMjA3MjIwMDM1WjAzMTEwLwYDVQQD EygxMmQwNDc4Y2M2Njk3NDZkYzg3OWU1MTJmNjI1MmNmZDcxNjljMjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcIbRhL8n3NCV63Gc9SU+51feUPc IpYuS6hFJVwG3O4ijjf2HsJB3lFg6K/2qm1ZZ+8k8abbpq0oQBZwtHwwlTkjrRYt fd6rRHWnr97+/czkBKWeIGLAVuoIQNErY32B1t5u8RsMX1gie+ZAEpdxUJY8+D2R Zj6uBm50ZnAt5AKFKFXc2+7Z2hfAYDiATT7w++dp0Tf9Gj7l5Qki71b3dxXC20hw bvNK1NK38JV2QyFBNnnKLfDlKyWD2ggdISVmJGFItQ2p4GcQaXM8TyH/sJpFmUqV DWLSFXEXdTFAm2CDbZnisl9+qMAOi/KIzKYl7JnB6QmCVkBnB7ZSG/Qd7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBLQR4zGaXRtyHnlEvYlLP1xacKbMB8GA1UdIwQY MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZg/1lma ztIxLZIWU7cHVpz65PEV4pDQfOujqCul8b7NYdk2I2NIfVwhdxJC93gpe9cBi7pm oe+DlL8RgNa5wuku8x2wTqAsEVvSmSmCzi3Pv78vN4cZF4Zk+ZxCwYl04UDt/V4r f1EH8b7ZYemNRVSN9FJZiFEUAOl5ttD8iCtF9YvL5XymcQ+eiAvjDcPR2C+UhRsu y3A+B77rlZIQ6kg+wn1f6GzLxgO3/6Ic79Qcvd73hIQYidKztLVsbthON4ixbVpt lra8Tcf/UEr7S1ykvd/WKZbmWqyGacOHgPDXoLQuCZuAwju2Y1nN+6D+5gfIouRO UjBDdS6eBWg79Q== -----END CERTIFICATE-----Generated at Sun Dec 7 02:34:16 2025 by rpki-client