This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft File: O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft (raw, json) Hash identifier: Bo7EYa58a+en/cRhudKCgUzZwJAFq/HNdYNtLqTJIz0= Subject key identifier: CC:E5:97:74:13:EB:91:4E:9B:46:1B:51:5D:5F:72:20:BB:D8:70:2E Authority key identifier: 3B:F2:C2:0D:A4:D6:30:18:2E:EE:33:45:AD:9D:1C:4A:D9:17:0D:50 Certificate issuer: /CN=3bf2c20da4d630182eee3345ad9d1c4ad9170d50 Certificate serial: 019AF276E63721ABEC0F19AB9C4A78BB8E06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_LCDaTWMBgu7jNFrZ0cStkXDVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft Manifest number: 11A0 Signing time: Sat 06 Dec 2025 07:01:09 +0000 Manifest this update: Sat 06 Dec 2025 07:01:09 +0000 Manifest next update: Sun 07 Dec 2025 07:01:09 +0000 Files and hashes: 1: O_LCDaTWMBgu7jNFrZ0cStkXDVA.crl (hash: boXiWgMnpwOPj232LKJ5dqGbDOfKWbG3O+up4BwnIJ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.crl rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft rsync://rpki.ripe.net/repository/DEFAULT/O_LCDaTWMBgu7jNFrZ0cStkXDVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:e6:37:21:ab:ec:0f:19:ab:9c:4a:78:bb:8e:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bf2c20da4d630182eee3345ad9d1c4ad9170d50 Validity Not Before: Dec 6 07:01:09 2025 GMT Not After : Dec 7 07:01:09 2025 GMT Subject: CN=cce5977413eb914e9b461b515d5f7220bbd8702e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:16:38:a5:f7:8e:53:48:5e:06:80:03:93:d7: ba:6a:03:38:af:e1:af:2a:55:b1:ab:fe:9e:5b:93: 56:a7:f3:54:d1:5e:9f:4a:a2:8d:c5:84:12:59:8e: f4:44:5e:e6:52:c1:d2:69:c6:c8:58:57:de:a1:93: 07:68:cf:f6:09:c9:3a:51:4f:0c:c6:b1:e5:4a:81: 24:4c:4f:80:85:23:cf:cb:02:5e:4a:8b:7f:f4:22: b8:9c:16:f7:35:c7:18:3f:63:bf:62:86:4c:7b:48: f0:18:8b:31:3e:5d:e9:08:8a:c3:f3:66:f5:11:b8: 75:c1:85:f4:76:4a:b2:9b:d9:2a:1b:6b:cd:90:fa: f3:0d:15:ca:07:c8:0c:48:17:fd:a3:24:2b:51:e0: ab:db:4e:54:51:9e:21:7c:74:f1:c4:57:73:8d:15: 61:f4:08:f3:80:73:3f:13:08:b4:cc:9c:34:aa:16: 4f:56:a2:51:0a:3f:40:16:f1:80:13:d8:3c:0f:41: 3b:03:5b:62:4b:94:8f:aa:8e:0d:c3:48:61:2a:66: c7:81:02:d1:32:b2:eb:1d:b5:6b:a1:9c:f3:30:90: 5f:9a:ed:e4:66:ba:75:ab:05:ac:cd:58:57:7e:5d: 0e:dd:35:a6:6f:30:b5:7f:41:99:a0:cd:79:7a:dc: 5d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:E5:97:74:13:EB:91:4E:9B:46:1B:51:5D:5F:72:20:BB:D8:70:2E X509v3 Authority Key Identifier: keyid:3B:F2:C2:0D:A4:D6:30:18:2E:EE:33:45:AD:9D:1C:4A:D9:17:0D:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_LCDaTWMBgu7jNFrZ0cStkXDVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/072b46-0da1-42d2-899c-a0bda8af756a/1/O_LCDaTWMBgu7jNFrZ0cStkXDVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:b5:b3:88:de:c4:7a:3a:56:3a:9b:5f:0f:3c:e9:cd:50:2b: 22:c2:e6:98:07:e8:3f:87:de:7f:8d:21:1a:bf:1c:4b:42:08: 82:3a:64:39:d1:fb:f9:3e:cb:f4:18:82:24:1b:c9:42:42:b6: 75:53:59:fe:16:a0:63:43:24:45:7d:dd:d9:8a:f0:f9:69:de: 20:51:d7:11:f9:66:8f:77:86:e5:ac:20:b9:1d:e6:22:e6:f2: df:73:31:09:f0:27:64:ce:3f:c6:05:2d:31:68:fb:dc:b5:4a: 36:fc:05:4c:9d:a0:02:58:a8:b1:89:0b:2e:b5:b7:ed:d6:99: 07:76:a1:06:9c:99:61:c6:c6:59:97:bd:2e:d2:da:5b:35:41: 56:63:bf:4a:dd:74:a6:49:1a:89:a2:fe:7a:36:be:89:11:9c: 1f:0a:fe:37:ef:04:bb:c7:c7:84:03:00:07:cf:94:a2:db:2b: e4:b6:49:1a:03:8d:19:50:4c:39:d5:07:76:7b:b3:51:b7:53: 77:c6:d6:26:f7:17:e9:2e:4f:3b:3e:50:f1:56:40:f3:b8:86: 9e:11:fd:38:01:2d:7d:e4:e5:cb:81:c2:68:fe:3c:71:53:0b: 5a:61:3c:8e:48:34:8a:35:ce:65:0a:aa:79:a6:06:87:21:72: 42:0d:e2:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryduY3IavsDxmrnEp4u44GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZjJjMjBkYTRkNjMwMTgyZWVlMzM0NWFkOWQxYzRhZDkx NzBkNTAwHhcNMjUxMjA2MDcwMTA5WhcNMjUxMjA3MDcwMTA5WjAzMTEwLwYDVQQD EyhjY2U1OTc3NDEzZWI5MTRlOWI0NjFiNTE1ZDVmNzIyMGJiZDg3MDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhY4pfeOU0heBoADk9e6agM4r+Gv KlWxq/6eW5NWp/NU0V6fSqKNxYQSWY70RF7mUsHSacbIWFfeoZMHaM/2Cck6UU8M xrHlSoEkTE+AhSPPywJeSot/9CK4nBb3NccYP2O/YoZMe0jwGIsxPl3pCIrD82b1 Ebh1wYX0dkqym9kqG2vNkPrzDRXKB8gMSBf9oyQrUeCr205UUZ4hfHTxxFdzjRVh 9AjzgHM/Ewi0zJw0qhZPVqJRCj9AFvGAE9g8D0E7A1tiS5SPqo4Nw0hhKmbHgQLR MrLrHbVroZzzMJBfmu3kZrp1qwWszVhXfl0O3TWmbzC1f0GZoM15etxdOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMzll3QT65FOm0YbUV1fciC72HAuMB8GA1UdIwQY MBaAFDvywg2k1jAYLu4zRa2dHErZFw1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT19MQ0RhVFdNQmd1N2pORnJaMGNTdGtYRFZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wNzJiNDYtMGRhMS00MmQyLTg5OWMt YTBiZGE4YWY3NTZhLzEvT19MQ0RhVFdNQmd1N2pORnJaMGNTdGtYRFZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny8wNzJiNDYtMGRhMS00MmQyLTg5OWMtYTBiZGE4YWY3NTZh LzEvT19MQ0RhVFdNQmd1N2pORnJaMGNTdGtYRFZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcrWziN7E ejpWOptfDzzpzVArIsLmmAfoP4fef40hGr8cS0IIgjpkOdH7+T7L9BiCJBvJQkK2 dVNZ/hagY0MkRX3d2Yrw+WneIFHXEflmj3eG5awguR3mIuby33MxCfAnZM4/xgUt MWj73LVKNvwFTJ2gAliosYkLLrW37daZB3ahBpyZYcbGWZe9LtLaWzVBVmO/St10 pkkaiaL+eja+iRGcHwr+N+8Eu8fHhAMAB8+Uotsr5LZJGgONGVBMOdUHdnuzUbdT d8bWJvcX6S5POz5Q8VZA87iGnhH9OAEtfeTly4HCaP48cVMLWmE8jkg0ijXOZQqq eaYGhyFyQg3i3A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:19 2025 by rpki-client