This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft File: ohv-an3Hf0ADcofKevZeOEhfxuk.mft (raw, json) Hash identifier: IX977vBoSeNNAtMUIpDYh9tIOR7hpaF9Zm2bBO51gz4= Subject key identifier: 73:38:F2:07:99:81:69:C5:F4:49:D5:B0:54:28:A3:05:9C:B2:5B:FD Authority key identifier: A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9 Certificate issuer: /CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9 Certificate serial: 019AF12E36993A1AA020BBA8D7ECCD404838 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft Manifest number: 0F5F Signing time: Sat 06 Dec 2025 01:02:08 +0000 Manifest this update: Sat 06 Dec 2025 01:02:08 +0000 Manifest next update: Sun 07 Dec 2025 01:02:08 +0000 Files and hashes: 1: ohv-an3Hf0ADcofKevZeOEhfxuk.crl (hash: VVJC36+Y2exfggSIykvtesoLt6krZ8Juu3kBiTNfXEc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:36:99:3a:1a:a0:20:bb:a8:d7:ec:cd:40:48:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a21bfe6a7dc77f40037287ca7af65e38485fc6e9 Validity Not Before: Dec 6 01:02:08 2025 GMT Not After : Dec 7 01:02:08 2025 GMT Subject: CN=7338f207998169c5f449d5b05428a3059cb25bfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a1:86:8b:0b:27:30:45:e2:50:5a:72:28:ff: 44:68:63:c7:39:7c:4f:99:81:07:d7:65:78:81:4a: ed:47:27:e8:91:8c:fa:da:c2:d7:d3:d1:d8:f8:d4: ef:18:66:78:50:7a:20:de:df:0b:f2:77:20:b5:b1: 7b:03:12:d2:12:8c:2e:9b:71:8c:20:a4:39:76:94: 2d:46:7b:c5:18:8e:6d:b8:53:92:16:c6:dd:3d:34: 35:28:66:e1:31:a7:bc:09:93:d3:81:f1:85:ef:07: 2c:26:c3:ba:e1:5e:40:9d:25:e6:d5:2e:ef:98:e1: 5a:3c:68:d9:be:35:84:a0:14:b6:08:b2:46:ab:6b: 61:11:76:84:0d:aa:c7:1e:25:56:07:2b:78:ca:30: 9a:d8:41:67:62:b8:88:d2:d0:43:fa:28:d2:01:1c: ec:63:d8:fd:f7:4f:e0:e6:ee:96:34:c2:10:f3:71: bf:e6:78:09:b4:d1:2f:f7:e7:93:bd:76:41:16:1f: 2f:8d:1c:92:9e:fa:36:13:a3:1d:4b:f2:dd:78:9f: a7:2e:ae:4d:af:ee:a6:a4:aa:27:24:2a:43:c8:06: d8:21:bd:9a:b1:61:90:b4:85:54:d3:bf:ef:8a:fd: 93:8f:e7:a1:8a:31:5e:0e:89:c1:ca:a3:e1:48:8f: bc:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:38:F2:07:99:81:69:C5:F4:49:D5:B0:54:28:A3:05:9C:B2:5B:FD X509v3 Authority Key Identifier: keyid:A2:1B:FE:6A:7D:C7:7F:40:03:72:87:CA:7A:F6:5E:38:48:5F:C6:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohv-an3Hf0ADcofKevZeOEhfxuk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cfb54d-a553-4324-b541-0b535120f327/1/ohv-an3Hf0ADcofKevZeOEhfxuk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:2d:4d:26:0e:a7:b8:23:ca:d6:ca:a2:ac:d0:11:f1:c7:03: b5:55:c6:c4:58:84:f3:48:8e:af:85:a1:da:d8:8c:4c:ac:3a: 6d:e5:6b:c9:c3:88:68:50:f2:02:a8:05:8d:2e:f3:7a:e0:db: e5:67:3a:5e:27:76:b6:29:ff:d0:89:4f:48:10:32:15:d7:82: 0d:0a:85:b3:7e:0a:e0:ad:6e:d6:2f:68:aa:22:64:31:d3:3a: 23:f2:c4:fb:1b:76:2c:16:dd:16:40:88:f3:29:65:18:79:a5: 80:d2:02:cd:40:d1:48:90:8d:da:9a:4c:f6:11:3f:23:95:a7: 0b:79:66:63:d8:4d:e2:34:d1:ce:b2:75:90:6a:2e:ff:74:82: 38:f6:b5:2d:30:4e:99:f3:ab:ca:74:94:3d:cd:f1:be:27:5c: 80:9c:16:4d:0e:19:51:f6:9d:54:f4:32:d4:b3:90:21:8b:7f: 66:d0:fe:ae:c1:2b:e3:6b:dd:16:c6:3d:0c:68:44:02:44:a5: 34:e8:82:99:c1:8e:9b:ee:d6:47:0f:31:15:24:fb:56:02:9f: 37:64:8a:9a:15:0e:6b:cc:25:f1:82:32:63:08:28:5d:5b:7a: a7:29:d8:dc:90:81:42:50:08:99:19:a5:5c:5e:f9:31:d8:6d: b5:ea:8e:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLjaZOhqgILuo1+zNQEg4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMWJmZTZhN2RjNzdmNDAwMzcyODdjYTdhZjY1ZTM4NDg1 ZmM2ZTkwHhcNMjUxMjA2MDEwMjA4WhcNMjUxMjA3MDEwMjA4WjAzMTEwLwYDVQQD Eyg3MzM4ZjIwNzk5ODE2OWM1ZjQ0OWQ1YjA1NDI4YTMwNTljYjI1YmZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6GGiwsnMEXiUFpyKP9EaGPHOXxP mYEH12V4gUrtRyfokYz62sLX09HY+NTvGGZ4UHog3t8L8ncgtbF7AxLSEowum3GM IKQ5dpQtRnvFGI5tuFOSFsbdPTQ1KGbhMae8CZPTgfGF7wcsJsO64V5AnSXm1S7v mOFaPGjZvjWEoBS2CLJGq2thEXaEDarHHiVWByt4yjCa2EFnYriI0tBD+ijSARzs Y9j990/g5u6WNMIQ83G/5ngJtNEv9+eTvXZBFh8vjRySnvo2E6MdS/LdeJ+nLq5N r+6mpKonJCpDyAbYIb2asWGQtIVU07/viv2Tj+ehijFeDonByqPhSI+8nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHM48geZgWnF9EnVsFQoowWcslv9MB8GA1UdIwQY MBaAFKIb/mp9x39AA3KHynr2XjhIX8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEt MGI1MzUxMjBmMzI3LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9jZmI1NGQtYTU1My00MzI0LWI1NDEtMGI1MzUxMjBmMzI3 LzEvb2h2LWFuM0hmMEFEY29mS2V2WmVPRWhmeHVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaS1NJg6n uCPK1sqirNAR8ccDtVXGxFiE80iOr4Wh2tiMTKw6beVrycOIaFDyAqgFjS7zeuDb 5Wc6Xid2tin/0IlPSBAyFdeCDQqFs34K4K1u1i9oqiJkMdM6I/LE+xt2LBbdFkCI 8yllGHmlgNICzUDRSJCN2ppM9hE/I5WnC3lmY9hN4jTRzrJ1kGou/3SCOPa1LTBO mfOrynSUPc3xvidcgJwWTQ4ZUfadVPQy1LOQIYt/ZtD+rsEr42vdFsY9DGhEAkSl NOiCmcGOm+7WRw8xFST7VgKfN2SKmhUOa8wl8YIyYwgoXVt6pynY3JCBQlAImRml XF75MdhtteqOAQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:31:07 2025 by rpki-client