This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft File: OXsxr3cA59mVkO39nVhKG1A46tc.mft (raw, json) Hash identifier: 6mzxzkLCYXazNbX4GWK/qHz3vBkGYkWsodhR2RvOWhY= Subject key identifier: F2:7D:E3:17:85:68:2B:E8:2A:91:2B:C5:B5:EA:E6:DB:9F:8E:52:C1 Authority key identifier: 39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7 Certificate issuer: /CN=397b31af7700e7d99590edfd9d584a1b5038ead7 Certificate serial: 019AF23F5CE4EC968A3958631FF4AC787B78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft Manifest number: 0216 Signing time: Sat 06 Dec 2025 06:00:29 +0000 Manifest this update: Sat 06 Dec 2025 06:00:29 +0000 Manifest next update: Sun 07 Dec 2025 06:00:29 +0000 Files and hashes: 1: OXsxr3cA59mVkO39nVhKG1A46tc.crl (hash: ynh5d++4I9JVRfwRVzRDSBtIkkJIISI93ZqLe65uImQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:5c:e4:ec:96:8a:39:58:63:1f:f4:ac:78:7b:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=397b31af7700e7d99590edfd9d584a1b5038ead7 Validity Not Before: Dec 6 06:00:29 2025 GMT Not After : Dec 7 06:00:29 2025 GMT Subject: CN=f27de31785682be82a912bc5b5eae6db9f8e52c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:9f:79:44:47:11:80:8c:9d:0c:ce:3f:a5:bb: ec:5f:10:56:2b:53:81:14:3d:d6:77:95:4c:61:52: a2:ff:30:b5:b4:54:2f:2e:56:64:74:59:e9:9c:77: 0d:47:bd:20:c4:39:a1:59:92:e8:60:29:3e:8f:31: 9a:18:4c:3a:2f:a1:8d:da:db:66:dc:c2:69:ce:ae: 03:2f:7f:e6:b9:df:cf:26:57:7c:22:cb:ff:50:83: 0d:37:6b:df:82:67:25:d9:fe:9b:77:f8:d2:39:c1: 27:9a:33:06:8f:bc:02:e2:e3:da:d1:44:6c:44:f0: 34:1e:5b:4a:f0:6f:94:3f:8b:d0:5c:2c:70:0a:a3: 31:e9:74:6c:47:33:2a:1d:34:50:da:b6:99:d9:da: ab:35:b1:4b:49:85:f2:88:7a:ea:87:14:7e:eb:8e: 6a:2d:a9:d5:7b:c2:03:0d:6a:fe:6c:47:13:60:8c: c2:a1:a7:ee:9b:f4:3c:7e:a0:a0:3b:74:d1:d9:4b: 16:c3:61:27:af:a9:dc:c6:f9:60:ab:0f:8e:04:19: dc:38:d7:80:69:60:f8:5f:af:b8:7c:e3:63:01:72: 4f:d1:03:e1:40:64:da:95:ff:05:86:79:62:4c:42: 1e:9a:6b:a4:6a:5d:9a:93:ad:55:03:e1:0c:7b:4e: 36:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:7D:E3:17:85:68:2B:E8:2A:91:2B:C5:B5:EA:E6:DB:9F:8E:52:C1 X509v3 Authority Key Identifier: keyid:39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:79:1f:a1:b7:cd:d0:8f:72:75:d6:ba:d6:1e:9a:90:ff:8e: e8:49:b3:47:2b:d3:d5:09:f9:7a:34:d0:4f:7f:59:60:a2:18: 26:c2:0f:b3:14:cd:a4:47:10:85:b5:42:e7:e8:25:68:a1:c6: b1:c0:f8:70:c8:2f:2c:de:7f:86:1e:12:14:62:f7:ae:1d:63: 09:44:4b:57:7a:0d:b0:48:90:da:37:0e:f1:87:b0:5f:ac:68: 69:2d:83:2d:4a:ea:12:c3:ff:db:3e:36:9c:e1:b6:3a:fa:5b: 97:9e:1b:78:6f:de:07:8b:40:14:eb:3a:37:8b:87:b4:ee:b7: eb:44:16:56:69:f0:ff:af:93:16:a5:50:de:b5:2f:99:37:52: c8:ee:86:eb:29:07:21:9f:e6:01:9b:5e:7b:d3:b2:50:c7:69: cf:69:9e:18:7e:e6:4f:cb:99:f4:18:7e:6b:43:cb:43:52:5a: 8b:50:57:16:ec:f3:ef:b9:e3:3c:76:6e:e6:8a:79:51:ec:d9: 83:04:fd:17:40:bf:9f:23:8f:76:07:5e:56:dd:ea:02:cf:c9: c8:c9:09:ac:cc:d0:5e:6c:a2:de:2e:65:36:99:65:c8:84:3e: dc:51:8c:80:de:62:01:31:f5:ba:72:5d:30:e2:d2:cf:d2:0a: 48:fb:dc:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP1zk7JaKOVhjH/SseHt4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5N2IzMWFmNzcwMGU3ZDk5NTkwZWRmZDlkNTg0YTFiNTAz OGVhZDcwHhcNMjUxMjA2MDYwMDI5WhcNMjUxMjA3MDYwMDI5WjAzMTEwLwYDVQQD EyhmMjdkZTMxNzg1NjgyYmU4MmE5MTJiYzViNWVhZTZkYjlmOGU1MmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ95REcRgIydDM4/pbvsXxBWK1OB FD3Wd5VMYVKi/zC1tFQvLlZkdFnpnHcNR70gxDmhWZLoYCk+jzGaGEw6L6GN2ttm 3MJpzq4DL3/mud/PJld8Isv/UIMNN2vfgmcl2f6bd/jSOcEnmjMGj7wC4uPa0URs RPA0HltK8G+UP4vQXCxwCqMx6XRsRzMqHTRQ2raZ2dqrNbFLSYXyiHrqhxR+645q LanVe8IDDWr+bEcTYIzCoafum/Q8fqCgO3TR2UsWw2Enr6ncxvlgqw+OBBncONeA aWD4X6+4fONjAXJP0QPhQGTalf8FhnliTEIemmukal2ak61VA+EMe0423wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPJ94xeFaCvoKpErxbXq5tufjlLBMB8GA1UdIwQY MBaAFDl7Ma93AOfZlZDt/Z1YShtQOOrXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2Qt YjIwMmUwNWFjODRhLzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2QtYjIwMmUwNWFjODRh LzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkXkfobfN 0I9ydda61h6akP+O6EmzRyvT1Qn5ejTQT39ZYKIYJsIPsxTNpEcQhbVC5+glaKHG scD4cMgvLN5/hh4SFGL3rh1jCURLV3oNsEiQ2jcO8YewX6xoaS2DLUrqEsP/2z42 nOG2Ovpbl54beG/eB4tAFOs6N4uHtO6360QWVmnw/6+TFqVQ3rUvmTdSyO6G6ykH IZ/mAZtee9OyUMdpz2meGH7mT8uZ9Bh+a0PLQ1Jai1BXFuzz77njPHZu5op5UezZ gwT9F0C/nyOPdgdeVt3qAs/JyMkJrMzQXmyi3i5lNpllyIQ+3FGMgN5iATH1unJd MOLSz9IKSPvcuQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:09:18 2025 by rpki-client