This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft File: OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft (raw, json) Hash identifier: iMB8k91INxVV4h1duKT9dUoybgojyi5UQR8c4ZpJlm8= Subject key identifier: F6:5B:7F:E5:79:BA:2A:D3:24:2E:92:F3:66:18:37:74:B9:D0:3F:3D Authority key identifier: 38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0 Certificate issuer: /CN=385cf4939beeeaeaf4409c2840eb344cab0850e0 Certificate serial: 019AF209825C749D115647AEF217E82F3820 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft Manifest number: 0CA8 Signing time: Sat 06 Dec 2025 05:01:40 +0000 Manifest this update: Sat 06 Dec 2025 05:01:40 +0000 Manifest next update: Sun 07 Dec 2025 05:01:40 +0000 Files and hashes: 1: KI_OzKHWNWDApgfZA8fhKRHWYNw.roa (hash: KgInzOYraW/0zKTqbj1OirpA4x6saReBh+LdfK4ZXdI=) 2: OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl (hash: VDVzPZRIE3ZlnthjJCk6t0cXAbR/jL42Y3dQxr2IQVM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:82:5c:74:9d:11:56:47:ae:f2:17:e8:2f:38:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=385cf4939beeeaeaf4409c2840eb344cab0850e0 Validity Not Before: Dec 6 05:01:40 2025 GMT Not After : Dec 7 05:01:40 2025 GMT Subject: CN=f65b7fe579ba2ad3242e92f366183774b9d03f3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c2:8d:e6:a3:b6:3e:78:49:a5:10:1d:74:32: 3f:c0:d8:95:48:87:e7:fc:9e:29:f9:5d:8d:32:ca: b1:30:29:60:16:ee:ab:94:8b:97:d4:40:c3:d0:12: 5c:a4:11:9a:41:79:96:5c:b8:0b:1c:d7:68:0e:76: 9c:ca:1b:91:09:72:ec:bd:b2:72:fb:7c:76:b8:69: d4:68:99:de:0e:61:ec:2b:9f:47:48:8b:fe:7d:fc: 5c:6a:15:5a:75:9b:18:52:30:5d:a5:80:78:ea:60: 75:a3:de:bf:8d:97:ea:6d:5c:2e:0a:06:14:0b:7a: 7d:ad:dd:3c:82:2c:70:ff:c9:90:89:8c:f2:9d:b6: f4:23:4b:d5:3d:27:a0:fe:e3:88:95:24:01:cf:cd: f9:b0:73:49:d7:2c:fa:dc:78:46:ef:ff:52:1f:bf: 55:64:a4:a3:68:1e:cd:41:54:8a:54:c3:bc:8d:b3: 76:94:93:8a:23:b6:9d:09:6f:db:07:ca:29:69:80: 08:2b:43:4d:35:26:f8:43:09:3a:6b:86:0b:11:13: a5:46:82:44:0d:00:19:e9:f5:0c:d7:06:1f:7d:07: 5b:51:94:2c:cf:54:d2:cb:d8:0f:b4:b1:6e:83:0c: 54:30:88:26:8a:0c:67:17:37:69:e9:dc:f5:45:6d: af:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:5B:7F:E5:79:BA:2A:D3:24:2E:92:F3:66:18:37:74:B9:D0:3F:3D X509v3 Authority Key Identifier: keyid:38:5C:F4:93:9B:EE:EA:EA:F4:40:9C:28:40:EB:34:4C:AB:08:50:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFz0k5vu6ur0QJwoQOs0TKsIUOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/35b6bd-14b6-43dc-8384-7b7615ff0e96/1/OFz0k5vu6ur0QJwoQOs0TKsIUOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:fc:d6:7a:f9:35:46:3b:82:6d:34:0e:49:8a:d1:30:69:9c: 45:57:bc:d1:43:c6:c2:40:d0:07:50:1a:3e:6c:21:5e:d5:f6: 2a:94:bb:ea:56:52:b3:50:45:27:65:66:96:ed:a7:e0:ba:d9: 13:7b:8c:4f:c8:a7:08:81:8d:03:f4:c0:6d:08:1a:82:1a:7f: 2e:72:ad:46:7e:c9:4b:90:92:25:74:bc:ea:36:83:f3:89:cc: be:b5:15:5f:36:00:cc:d0:55:d9:20:83:4e:c0:5e:76:93:75: 08:36:77:d9:c1:be:ea:91:a8:56:01:fe:81:c5:3f:f2:9c:c3: 8f:93:17:1f:9c:d8:3d:33:75:24:f8:50:7e:16:e2:1d:d5:a4: 68:55:c6:ec:66:fe:0e:3c:a9:ad:7e:41:b3:f7:a8:9c:9e:2c: 94:27:c1:58:55:34:38:41:81:a7:8a:26:68:13:9c:d0:6e:9f: 3f:3f:01:81:ab:e5:68:4b:c1:98:24:99:24:51:20:c8:eb:d6: 1a:4e:5c:09:d0:85:16:02:a1:8e:fa:11:01:ee:3b:a1:e7:c2: 63:29:52:04:aa:c6:ae:e9:71:6a:03:28:ed:3f:a0:ce:53:03: b9:da:13:2d:ba:81:93:0a:da:2c:f5:91:6e:b2:ed:89:5f:35: 3a:57:c8:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCYJcdJ0RVkeu8hfoLzggMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NWNmNDkzOWJlZWVhZWFmNDQwOWMyODQwZWIzNDRjYWIw ODUwZTAwHhcNMjUxMjA2MDUwMTQwWhcNMjUxMjA3MDUwMTQwWjAzMTEwLwYDVQQD EyhmNjViN2ZlNTc5YmEyYWQzMjQyZTkyZjM2NjE4Mzc3NGI5ZDAzZjNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMKN5qO2PnhJpRAddDI/wNiVSIfn /J4p+V2NMsqxMClgFu6rlIuX1EDD0BJcpBGaQXmWXLgLHNdoDnacyhuRCXLsvbJy +3x2uGnUaJneDmHsK59HSIv+ffxcahVadZsYUjBdpYB46mB1o96/jZfqbVwuCgYU C3p9rd08gixw/8mQiYzynbb0I0vVPSeg/uOIlSQBz835sHNJ1yz63HhG7/9SH79V ZKSjaB7NQVSKVMO8jbN2lJOKI7adCW/bB8opaYAIK0NNNSb4Qwk6a4YLEROlRoJE DQAZ6fUM1wYffQdbUZQsz1TSy9gPtLFugwxUMIgmigxnFzdp6dz1RW2vLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPZbf+V5uirTJC6S82YYN3S50D89MB8GA1UdIwQY MBaAFDhc9JOb7urq9ECcKEDrNEyrCFDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQt N2I3NjE1ZmYwZTk2LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8zNWI2YmQtMTRiNi00M2RjLTgzODQtN2I3NjE1ZmYwZTk2 LzEvT0Z6MGs1dnU2dXIwUUp3b1FPczBUS3NJVU9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfzWevk1 RjuCbTQOSYrRMGmcRVe80UPGwkDQB1AaPmwhXtX2KpS76lZSs1BFJ2Vmlu2n4LrZ E3uMT8inCIGNA/TAbQgaghp/LnKtRn7JS5CSJXS86jaD84nMvrUVXzYAzNBV2SCD TsBedpN1CDZ32cG+6pGoVgH+gcU/8pzDj5MXH5zYPTN1JPhQfhbiHdWkaFXG7Gb+ DjyprX5Bs/eonJ4slCfBWFU0OEGBp4omaBOc0G6fPz8BgavlaEvBmCSZJFEgyOvW Gk5cCdCFFgKhjvoRAe47oefCYylSBKrGrulxagMo7T+gzlMDudoTLbqBkwraLPWR brLtiV81OlfIfw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:41 2025 by rpki-client