This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft File: 0OZTSNwTyFSZx3dNFWYUwSARirU.mft (raw, json) Hash identifier: Mox3ojnroD7hyEy97Q3dfGORLjpA0W1bHN89WFVO1HU= Subject key identifier: 1C:2D:9B:0B:A4:86:D5:CD:11:39:B7:9B:F0:64:56:F8:21:60:E4:C9 Authority key identifier: D0:E6:53:48:DC:13:C8:54:99:C7:77:4D:15:66:14:C1:20:11:8A:B5 Certificate issuer: /CN=d0e65348dc13c85499c7774d156614c120118ab5 Certificate serial: 019AF12E71EA6094F5C4DC82AC05FCC1FC0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft Manifest number: 16B9 Signing time: Sat 06 Dec 2025 01:02:24 +0000 Manifest this update: Sat 06 Dec 2025 01:02:24 +0000 Manifest next update: Sun 07 Dec 2025 01:02:24 +0000 Files and hashes: 1: 0OZTSNwTyFSZx3dNFWYUwSARirU.crl (hash: BbSOF9cpfRS9tX+pKrGTN6AiiF+u64D0lcuO09lFooA=) 2: I8hH4YeV3HM0yWrc52lfIOhYTt8.roa (hash: colmP8j9TQydvYGFc1+glmJgVJjDM5AxsV+6TerMW6o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:71:ea:60:94:f5:c4:dc:82:ac:05:fc:c1:fc:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0e65348dc13c85499c7774d156614c120118ab5 Validity Not Before: Dec 6 01:02:24 2025 GMT Not After : Dec 7 01:02:24 2025 GMT Subject: CN=1c2d9b0ba486d5cd1139b79bf06456f82160e4c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d5:18:e2:4b:af:99:67:d4:3b:f2:11:40:1d: 40:21:69:e9:b0:06:46:31:bd:1c:ed:01:d3:08:cb: 09:6c:1b:7a:b3:3d:13:2e:0d:b9:22:31:29:9d:2c: f7:56:e7:af:fe:25:5d:fe:95:0c:64:56:d2:89:e2: e0:63:6d:e9:b3:95:c7:ed:a7:50:bd:d2:05:55:39: 66:fb:2b:54:2d:bf:af:67:45:56:8b:0b:a8:2a:46: 20:95:98:50:f5:ee:5f:4f:7a:40:10:10:97:9d:05: 45:42:5e:9f:92:01:58:80:85:33:84:ea:ab:73:af: 4a:4a:75:e7:97:6e:de:b2:21:3e:cf:d3:8e:94:c2: 3d:c6:ff:d9:00:87:bd:9a:56:b9:62:a3:cb:3d:60: 00:45:b5:b4:57:6e:02:4b:a6:d2:c8:1b:8f:52:94: 27:df:b8:e7:85:64:da:d1:ce:2b:57:94:f4:4a:b5: f4:f7:6a:c6:d8:ad:68:49:12:cb:d8:30:7e:02:5f: 67:34:61:da:07:63:80:da:41:c2:11:ee:d3:de:f6: 22:45:12:0e:73:75:c7:78:6c:9d:75:fe:f7:e3:cb: 3d:6f:47:eb:5a:86:00:91:c8:d1:80:b3:b9:ed:a1: c7:4f:9c:68:13:ad:07:b6:4f:21:0f:67:04:59:02: 41:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:2D:9B:0B:A4:86:D5:CD:11:39:B7:9B:F0:64:56:F8:21:60:E4:C9 X509v3 Authority Key Identifier: keyid:D0:E6:53:48:DC:13:C8:54:99:C7:77:4D:15:66:14:C1:20:11:8A:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:e1:87:34:3d:d5:a2:64:a5:b8:6e:34:9b:63:5d:03:5c:51: 4f:be:c7:b2:5a:df:db:21:45:ca:d4:53:0b:06:6e:2f:35:fe: 44:b0:1d:4a:23:bd:f5:23:60:35:e4:e9:bf:a9:ca:19:89:f7: ef:b4:1f:1e:e8:db:53:25:07:ed:09:76:40:3c:e0:50:a2:2f: 37:25:ae:7f:c0:44:d1:87:72:ef:be:9f:11:12:94:8c:0d:33: 08:ed:c0:7a:01:4d:1f:68:1e:02:0b:ea:88:c4:8d:61:20:71: ef:13:6d:44:6a:7b:8a:a7:7c:89:2a:0c:3a:d1:59:98:49:8b: 1f:2b:5f:c4:4d:37:83:45:42:56:b7:17:52:05:a3:79:ad:e1: 15:7a:19:5b:02:93:0d:99:53:80:01:06:ac:6e:5e:f2:45:d5: a2:7a:bc:67:d3:d0:21:67:21:a2:64:0d:97:1a:c1:0b:96:a1: 0c:c5:f1:68:90:a6:2d:c0:27:62:a3:c1:ce:e2:4f:74:5c:d5: aa:92:bb:51:d7:58:be:d7:62:fa:a0:c0:8b:bf:3d:4d:d8:9a: 43:3e:45:b6:21:ca:b0:86:ba:d8:83:45:a0:7c:1c:81:81:e2: a1:75:f3:33:9b:77:b9:1c:58:44:bb:8a:52:d6:8d:58:cd:a1: 45:a9:30:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLnHqYJT1xNyCrAX8wfwKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwZTY1MzQ4ZGMxM2M4NTQ5OWM3Nzc0ZDE1NjYxNGMxMjAx MThhYjUwHhcNMjUxMjA2MDEwMjI0WhcNMjUxMjA3MDEwMjI0WjAzMTEwLwYDVQQD EygxYzJkOWIwYmE0ODZkNWNkMTEzOWI3OWJmMDY0NTZmODIxNjBlNGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9UY4kuvmWfUO/IRQB1AIWnpsAZG Mb0c7QHTCMsJbBt6sz0TLg25IjEpnSz3Vuev/iVd/pUMZFbSieLgY23ps5XH7adQ vdIFVTlm+ytULb+vZ0VWiwuoKkYglZhQ9e5fT3pAEBCXnQVFQl6fkgFYgIUzhOqr c69KSnXnl27esiE+z9OOlMI9xv/ZAIe9mla5YqPLPWAARbW0V24CS6bSyBuPUpQn 37jnhWTa0c4rV5T0SrX092rG2K1oSRLL2DB+Al9nNGHaB2OA2kHCEe7T3vYiRRIO c3XHeGyddf7348s9b0frWoYAkcjRgLO57aHHT5xoE60Htk8hD2cEWQJBDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBwtmwukhtXNETm3m/BkVvghYOTJMB8GA1UdIwQY MBaAFNDmU0jcE8hUmcd3TRVmFMEgEYq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kN2E0YTctMDdlMi00OGFkLWJhNTYt MGRiMGVjMWU5NDVjLzEvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9kN2E0YTctMDdlMi00OGFkLWJhNTYtMGRiMGVjMWU5NDVj LzEvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUeGHND3V omSluG40m2NdA1xRT77Hslrf2yFFytRTCwZuLzX+RLAdSiO99SNgNeTpv6nKGYn3 77QfHujbUyUH7Ql2QDzgUKIvNyWuf8BE0Ydy776fERKUjA0zCO3AegFNH2geAgvq iMSNYSBx7xNtRGp7iqd8iSoMOtFZmEmLHytfxE03g0VCVrcXUgWjea3hFXoZWwKT DZlTgAEGrG5e8kXVonq8Z9PQIWchomQNlxrBC5ahDMXxaJCmLcAnYqPBzuJPdFzV qpK7UddYvtdi+qDAi789TdiaQz5FtiHKsIa62INFoHwcgYHioXXzM5t3uRxYRLuK UtaNWM2hRakwKQ== -----END CERTIFICATE-----Generated at Sat Dec 6 06:53:04 2025 by rpki-client