This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json) Hash identifier: TKG3bH9U9lUCYkJRK5SwYCvFUotChxa0xcCkxzc/OrE= Subject key identifier: BF:48:FF:AC:AD:5D:B6:D0:5F:72:63:CF:70:2C:05:E7:29:D8:E5:7E Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Certificate serial: 019B0859916028F673B6241547AFC3A3DD85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft Manifest number: 0472 Signing time: Wed 10 Dec 2025 13:00:46 +0000 Manifest this update: Wed 10 Dec 2025 13:00:46 +0000 Manifest next update: Thu 11 Dec 2025 13:00:46 +0000 Files and hashes: 1: BFrr-Y0U-5iptN2idzPFsrYv6zw.roa (hash: SItZsNwfN8g7OyWNk2li9IKpDbpjiOGNcOTycVK0WwU=) 2: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: QjbS2+xDgvrWyYmhYhTSGMznH+r19aE9NtA1VA4JBBE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:59:91:60:28:f6:73:b6:24:15:47:af:c3:a3:dd:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Validity Not Before: Dec 10 13:00:46 2025 GMT Not After : Dec 11 13:00:46 2025 GMT Subject: CN=bf48ffacad5db6d05f7263cf702c05e729d8e57e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:05:e2:44:d4:4a:22:7d:76:73:c7:ce:fb:da: 3c:9f:37:a0:ef:09:61:65:a5:1c:ce:33:5a:6f:e8: 71:60:b1:67:d5:a9:03:cd:96:93:f5:e0:ed:21:4c: 45:bd:2f:b3:89:84:39:5d:30:fc:35:74:4b:0d:03: 78:7a:f8:65:ac:95:6a:05:63:ea:be:6b:36:83:62: 6f:5f:0c:1c:b9:b1:b1:08:0b:f2:05:fe:2c:48:e6: bc:06:60:f7:a5:6b:e5:7a:bb:44:52:7d:78:db:5d: 2a:86:90:ed:56:f8:0c:e0:9b:0c:b4:2a:b5:d4:ab: b3:86:04:40:2e:01:16:97:a2:af:d2:f5:29:94:80: 25:eb:3f:4c:15:5a:af:cc:70:35:20:42:d8:fb:3b: 38:54:ab:5e:a1:7b:7d:f5:9d:7b:10:00:6c:0d:9d: 2c:40:e5:d0:24:cc:98:a8:9a:c4:e4:15:cf:b0:64: 2c:41:63:4d:3b:66:4e:e0:d5:2d:43:0b:cb:33:e4: 54:79:77:ea:49:4c:93:34:4e:ce:1f:39:84:bd:90: 47:57:40:45:c3:0f:ef:2d:f9:f7:f3:a1:32:83:64: 8e:8e:3e:e6:f7:a4:2b:0d:73:e5:ce:d0:94:85:f9: 39:2c:62:30:55:0d:35:8f:8b:db:2b:03:3c:24:ef: 16:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:48:FF:AC:AD:5D:B6:D0:5F:72:63:CF:70:2C:05:E7:29:D8:E5:7E X509v3 Authority Key Identifier: keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:d6:5d:53:3a:bc:ae:8d:12:ae:47:04:54:a4:1a:ac:c7:67: c6:61:61:07:df:9a:1a:19:73:f2:a1:d8:fe:b3:fb:f8:7e:5a: e4:8d:49:db:e9:47:e7:e5:a5:e1:fb:66:d9:0b:c2:ce:48:07: 31:50:ce:1a:7b:7a:ed:b5:a7:f5:11:32:00:71:7f:26:50:e8: 2d:e6:90:42:8c:4e:60:d9:7a:a3:50:e5:50:0d:e7:dc:64:df: 89:d7:db:d3:34:98:71:b8:63:5c:72:9f:00:ce:6c:bd:17:b9: cd:ba:23:6d:08:a1:28:b6:5c:47:b7:f0:28:0e:55:d2:82:2a: 0d:32:c8:26:e4:00:20:82:32:cd:cc:16:54:fc:48:53:14:48: f0:cb:e2:19:e8:8b:3c:16:d2:bd:19:77:d6:78:87:3a:53:ee: 3f:66:3d:eb:61:65:59:9c:fa:18:8e:69:4f:0e:76:2a:2d:e3: 8f:db:08:a5:34:7d:cb:39:8c:32:ed:81:cb:27:b7:2a:7f:5a: 50:c3:d0:72:e3:aa:01:8a:b1:d1:af:7e:40:6c:3a:5b:03:cd: 69:f5:cc:b4:d0:b2:65:1d:16:df:58:c8:05:73:8e:ad:c4:a8: 2f:7e:47:05:12:39:46:bf:53:c6:8e:56:51:1a:ed:85:2c:ab: e8:5b:56:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsIWZFgKPZztiQVR6/Do92FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0 M2ViNzkwHhcNMjUxMjEwMTMwMDQ2WhcNMjUxMjExMTMwMDQ2WjAzMTEwLwYDVQQD EyhiZjQ4ZmZhY2FkNWRiNmQwNWY3MjYzY2Y3MDJjMDVlNzI5ZDhlNTdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowXiRNRKIn12c8fO+9o8nzeg7wlh ZaUczjNab+hxYLFn1akDzZaT9eDtIUxFvS+ziYQ5XTD8NXRLDQN4evhlrJVqBWPq vms2g2JvXwwcubGxCAvyBf4sSOa8BmD3pWvlertEUn14210qhpDtVvgM4JsMtCq1 1KuzhgRALgEWl6Kv0vUplIAl6z9MFVqvzHA1IELY+zs4VKteoXt99Z17EABsDZ0s QOXQJMyYqJrE5BXPsGQsQWNNO2ZO4NUtQwvLM+RUeXfqSUyTNE7OHzmEvZBHV0BF ww/vLfn386Eyg2SOjj7m96QrDXPlztCUhfk5LGIwVQ01j4vbKwM8JO8WsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL9I/6ytXbbQX3Jjz3AsBecp2OV+MB8GA1UdIwQY MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4 LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN9ZdUzq8 ro0SrkcEVKQarMdnxmFhB9+aGhlz8qHY/rP7+H5a5I1J2+lH5+Wl4ftm2QvCzkgH MVDOGnt67bWn9REyAHF/JlDoLeaQQoxOYNl6o1DlUA3n3GTfidfb0zSYcbhjXHKf AM5svRe5zbojbQihKLZcR7fwKA5V0oIqDTLIJuQAIIIyzcwWVPxIUxRI8MviGeiL PBbSvRl31niHOlPuP2Y962FlWZz6GI5pTw52Ki3jj9sIpTR9yzmMMu2Byye3Kn9a UMPQcuOqAYqx0a9+QGw6WwPNafXMtNCyZR0W31jIBXOOrcSoL35HBRI5Rr9Txo5W URrthSyr6FtWZw== -----END CERTIFICATE-----Generated at Wed Dec 10 17:41:56 2025 by rpki-client