This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft File: O2BOwM_ulmxBmzptXwgrVjwYaL0.mft (raw, json) Hash identifier: XpTtBr8gCdMSNciY7G+k6QZZmN+2iMOrkkRgKLMiejw= Subject key identifier: 3C:47:60:EF:20:F2:C2:B8:45:7C:CF:F7:22:31:D2:A3:C3:78:32:20 Authority key identifier: 3B:60:4E:C0:CF:EE:96:6C:41:9B:3A:6D:5F:08:2B:56:3C:18:68:BD Certificate issuer: /CN=3b604ec0cfee966c419b3a6d5f082b563c1868bd Certificate serial: 019AF1D1BF4EFB23256F9CF8D5FB4024F89A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft Manifest number: 0B0E Signing time: Sat 06 Dec 2025 04:00:46 +0000 Manifest this update: Sat 06 Dec 2025 04:00:46 +0000 Manifest next update: Sun 07 Dec 2025 04:00:46 +0000 Files and hashes: 1: O2BOwM_ulmxBmzptXwgrVjwYaL0.crl (hash: WNnTGEzgOpkrlXqA/Q0U730PI73WRE/EcHBtAp+E0ng=) 2: Uekfh-0K2vRcuzrLz8uBXFaOroQ.roa (hash: QN8HhWjjJPearCTxHxonyEJ2yJIbW9sXZXyp6RMDaE0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.crl rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:bf:4e:fb:23:25:6f:9c:f8:d5:fb:40:24:f8:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b604ec0cfee966c419b3a6d5f082b563c1868bd Validity Not Before: Dec 6 04:00:46 2025 GMT Not After : Dec 7 04:00:46 2025 GMT Subject: CN=3c4760ef20f2c2b8457ccff72231d2a3c3783220 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:9d:73:e7:52:18:bb:83:24:9f:a5:ba:05:78: 22:9e:0c:fd:fd:ab:eb:04:04:be:1f:1d:9f:7d:26: 6a:df:3f:e6:d3:f0:ac:f2:b4:a1:77:a9:51:79:98: 18:c0:4b:4e:4a:ad:60:ca:05:d2:bd:29:c4:82:10: c0:f7:52:a0:02:c1:6a:9a:f8:bb:8e:e9:5f:a3:64: 9d:7d:29:47:97:38:1f:26:98:72:3c:61:82:46:0a: 6c:27:aa:91:f8:91:52:d0:f8:b2:4b:93:df:fa:76: 73:74:15:f7:e2:6c:c9:cb:68:51:30:e9:52:01:22: fc:9d:11:60:a3:4a:d6:b4:e7:f9:24:4a:6a:ee:36: 11:eb:40:b1:2e:92:20:9e:23:d0:b5:9e:2a:e2:c2: 86:c7:f2:66:8c:87:73:cb:bf:be:8d:a2:54:ba:44: 35:51:31:3c:6e:4e:5b:a6:99:c4:62:7d:dc:9b:64: 04:be:0b:5d:6e:16:f0:f1:27:46:78:de:ac:89:1e: de:03:a4:10:7e:c3:27:7e:f8:60:31:ba:57:31:c8: bf:a9:19:13:aa:be:db:24:1d:d0:29:c0:8d:4f:2e: a1:6b:af:00:cd:d4:91:53:7f:8d:35:bd:a6:b0:67: ca:bd:ac:83:d8:e4:3c:0f:2f:fb:f7:61:e3:14:3f: c8:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:47:60:EF:20:F2:C2:B8:45:7C:CF:F7:22:31:D2:A3:C3:78:32:20 X509v3 Authority Key Identifier: keyid:3B:60:4E:C0:CF:EE:96:6C:41:9B:3A:6D:5F:08:2B:56:3C:18:68:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2BOwM_ulmxBmzptXwgrVjwYaL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/3f5ea4-1868-4a0b-9218-87e9f21b418b/1/O2BOwM_ulmxBmzptXwgrVjwYaL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:45:29:e7:19:88:82:98:5d:5e:54:0d:ae:30:91:1c:b0:88: 01:4e:23:a4:bf:e5:d1:5e:b9:03:af:70:12:e3:4d:dc:cd:8e: 9d:de:ba:ed:a6:a4:e3:1a:97:e1:17:b8:09:b0:19:a3:50:1a: bb:9c:04:ed:26:2c:b5:05:5b:59:06:e4:f6:f7:d1:07:93:f0: a3:77:5e:4c:03:b4:19:73:2d:46:44:77:ae:01:3f:9d:25:b1: 28:b7:a7:38:e2:d5:d1:76:3b:9b:46:52:f1:31:45:8e:4c:06: 83:60:3f:02:60:d2:9d:08:78:b3:72:81:b8:39:db:1c:2e:e9: 73:d8:ee:fc:94:67:80:8b:4f:bb:79:64:58:be:38:e0:91:e9: 5b:69:1d:c5:03:5a:1e:5e:47:c1:45:49:58:53:95:25:00:c4: 44:4a:57:2c:29:a7:6b:dd:3b:d2:9a:f9:2e:69:9c:ea:2f:b4: ac:7e:9a:f1:06:a2:98:08:fc:c2:32:f7:f0:3f:b8:ff:44:ae: 01:f1:9c:ed:cc:28:d9:76:e5:c2:26:33:12:ac:f7:17:bc:fc: d0:bb:2b:f2:33:95:af:39:ac:6a:ec:e6:ca:05:34:49:7f:60: d9:9c:ef:ec:3a:f5:89:77:5b:ee:38:da:b0:1a:97:c2:9b:c2: 9f:9d:ca:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0b9O+yMlb5z41ftAJPiaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNjA0ZWMwY2ZlZTk2NmM0MTliM2E2ZDVmMDgyYjU2M2Mx ODY4YmQwHhcNMjUxMjA2MDQwMDQ2WhcNMjUxMjA3MDQwMDQ2WjAzMTEwLwYDVQQD EygzYzQ3NjBlZjIwZjJjMmI4NDU3Y2NmZjcyMjMxZDJhM2MzNzgzMjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z1z51IYu4Mkn6W6BXgingz9/avr BAS+Hx2ffSZq3z/m0/Cs8rShd6lReZgYwEtOSq1gygXSvSnEghDA91KgAsFqmvi7 julfo2SdfSlHlzgfJphyPGGCRgpsJ6qR+JFS0PiyS5Pf+nZzdBX34mzJy2hRMOlS ASL8nRFgo0rWtOf5JEpq7jYR60CxLpIgniPQtZ4q4sKGx/JmjIdzy7++jaJUukQ1 UTE8bk5bppnEYn3cm2QEvgtdbhbw8SdGeN6siR7eA6QQfsMnfvhgMbpXMci/qRkT qr7bJB3QKcCNTy6ha68AzdSRU3+NNb2msGfKvayD2OQ8Dy/792HjFD/IIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDxHYO8g8sK4RXzP9yIx0qPDeDIgMB8GA1UdIwQY MBaAFDtgTsDP7pZsQZs6bV8IK1Y8GGi9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zZjVlYTQtMTg2OC00YTBiLTkyMTgt ODdlOWYyMWI0MThiLzEvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS8zZjVlYTQtMTg2OC00YTBiLTkyMTgtODdlOWYyMWI0MThi LzEvTzJCT3dNX3VsbXhCbXpwdFh3Z3JWandZYUwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEkUp5xmI gphdXlQNrjCRHLCIAU4jpL/l0V65A69wEuNN3M2Ond667aak4xqX4Re4CbAZo1Aa u5wE7SYstQVbWQbk9vfRB5Pwo3deTAO0GXMtRkR3rgE/nSWxKLenOOLV0XY7m0ZS 8TFFjkwGg2A/AmDSnQh4s3KBuDnbHC7pc9ju/JRngItPu3lkWL444JHpW2kdxQNa Hl5HwUVJWFOVJQDEREpXLCmna9070pr5Lmmc6i+0rH6a8QaimAj8wjL38D+4/0Su AfGc7cwo2XblwiYzEqz3F7z80Lsr8jOVrzmsauzmygU0SX9g2Zzv7Dr1iXdb7jja sBqXwpvCn53KJQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:33 2025 by rpki-client