This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft File: o2osPu23l22c4wRYHyNTL-y0bn8.mft (raw, json) Hash identifier: PrP3V5MJhGJeUoXE9B+jDoQPgAsbqw6z7Rgc0IHhY0g= Subject key identifier: 13:FA:C6:67:82:22:82:96:6C:12:79:6D:C6:B8:92:85:97:BD:3F:36 Authority key identifier: A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F Certificate issuer: /CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f Certificate serial: 019B2D789AD228AEF9DB3BFD18261A81E8FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft Manifest number: 177D Signing time: Wed 17 Dec 2025 18:00:37 +0000 Manifest this update: Wed 17 Dec 2025 18:00:37 +0000 Manifest next update: Thu 18 Dec 2025 18:00:37 +0000 Files and hashes: 1: o2osPu23l22c4wRYHyNTL-y0bn8.crl (hash: Wup8CCxmCZMFusJQh8eItIpShbybuJLJs/mdPjGxJ/k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:78:9a:d2:28:ae:f9:db:3b:fd:18:26:1a:81:e8:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f Validity Not Before: Dec 17 18:00:37 2025 GMT Not After : Dec 18 18:00:37 2025 GMT Subject: CN=13fac667822282966c12796dc6b8928597bd3f36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:6a:6e:5b:8a:7d:7d:fb:86:a7:1f:d3:69:f0: 90:38:b9:86:54:0b:6b:62:92:91:6b:55:90:60:72: a6:09:e8:17:30:84:50:db:a0:72:c8:22:b7:00:fc: 0a:a7:bf:cb:91:a1:b7:b8:d0:94:28:f2:3f:3a:f6: 34:e0:b8:37:ed:b2:fe:6e:3a:61:40:4c:af:8c:02: 6f:d8:c8:05:3c:e5:15:b2:f0:05:e9:83:bf:58:4e: 44:01:7a:30:d6:aa:98:17:45:87:96:f9:ba:5c:c5: df:25:08:20:af:8b:31:65:88:1b:d4:27:93:ef:f6: 68:88:55:af:3e:38:bf:43:71:74:be:08:2a:cd:a9: d2:97:5d:ee:6a:01:fc:9d:71:5a:18:cf:13:00:d9: d5:d7:0b:6b:6d:21:3f:55:38:1f:20:d6:2b:f1:e5: a3:7f:9b:a7:ec:9a:16:fa:39:ab:12:d6:7c:a1:67: b1:63:eb:36:12:d7:f3:4a:c2:73:f8:e5:89:5a:77: 27:ef:44:ba:af:ed:9e:09:93:7d:0a:f6:3c:ed:16: 57:71:1d:11:e6:46:6f:07:eb:ae:7e:d8:77:de:c9: 0b:8a:3d:d0:7b:4f:4c:ae:e2:a1:99:72:3f:28:53: 7f:dd:83:7d:5c:44:38:c4:f8:08:44:41:95:b5:bd: bb:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:FA:C6:67:82:22:82:96:6C:12:79:6D:C6:B8:92:85:97:BD:3F:36 X509v3 Authority Key Identifier: keyid:A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:fe:ec:aa:29:52:ee:06:16:a6:2d:6a:1f:9e:04:46:6e:5c: 98:5e:fc:b0:f5:a7:95:12:ad:66:24:b3:a8:c3:54:e8:ec:30: 07:15:0b:6c:97:c8:d9:7a:7c:31:1d:f7:05:03:bf:59:12:8f: 2a:ab:27:79:63:5f:f0:b1:69:3f:d3:7b:0d:79:43:c7:50:a7: 2f:97:75:43:93:7f:24:2b:f3:e6:2b:dd:7c:af:dc:e9:94:e9: 04:4d:a3:f0:81:94:95:24:4e:69:6c:2b:84:4f:02:66:73:f3: 86:d1:40:38:7f:87:50:d9:09:18:19:a0:ee:12:80:62:c4:3b: a5:0a:d3:35:45:a4:c1:36:d5:cd:8e:ae:4d:82:b0:cd:cc:2a: 7e:8e:ed:35:06:6d:0b:39:12:4a:51:87:62:a2:ed:03:bf:0e: 51:bd:94:63:1d:bb:37:2d:b8:ab:07:9b:87:03:b3:2a:93:df: d8:d3:0d:be:f5:30:0a:90:16:63:ba:3f:23:6f:55:14:74:b5: 94:12:63:72:3d:96:cf:8c:38:c9:81:95:2e:db:d3:7d:1e:06: d1:97:14:9f:cd:a0:69:b1:bf:cf:b2:a1:5d:66:c8:ee:5d:fb: 8e:a9:90:a2:c0:c9:4a:52:10:00:34:87:48:e1:23:4f:db:62: 3a:3d:72:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsteJrSKK752zv9GCYagej7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNmEyYzNlZWRiNzk3NmQ5Y2UzMDQ1ODFmMjM1MzJmZWNi NDZlN2YwHhcNMjUxMjE3MTgwMDM3WhcNMjUxMjE4MTgwMDM3WjAzMTEwLwYDVQQD EygxM2ZhYzY2NzgyMjI4Mjk2NmMxMjc5NmRjNmI4OTI4NTk3YmQzZjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmpuW4p9ffuGpx/TafCQOLmGVAtr YpKRa1WQYHKmCegXMIRQ26ByyCK3APwKp7/LkaG3uNCUKPI/OvY04Lg37bL+bjph QEyvjAJv2MgFPOUVsvAF6YO/WE5EAXow1qqYF0WHlvm6XMXfJQggr4sxZYgb1CeT 7/ZoiFWvPji/Q3F0vggqzanSl13uagH8nXFaGM8TANnV1wtrbSE/VTgfINYr8eWj f5un7JoW+jmrEtZ8oWexY+s2EtfzSsJz+OWJWncn70S6r+2eCZN9CvY87RZXcR0R 5kZvB+uufth33skLij3Qe09MruKhmXI/KFN/3YN9XEQ4xPgIREGVtb27dwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBP6xmeCIoKWbBJ5bca4koWXvT82MB8GA1UdIwQY MBaAFKNqLD7tt5dtnOMEWB8jUy/stG5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGIt ZGRlMTkyM2JhNzI0LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGItZGRlMTkyM2JhNzI0 LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/7sqilS 7gYWpi1qH54ERm5cmF78sPWnlRKtZiSzqMNU6OwwBxULbJfI2Xp8MR33BQO/WRKP KqsneWNf8LFpP9N7DXlDx1CnL5d1Q5N/JCvz5ivdfK/c6ZTpBE2j8IGUlSROaWwr hE8CZnPzhtFAOH+HUNkJGBmg7hKAYsQ7pQrTNUWkwTbVzY6uTYKwzcwqfo7tNQZt CzkSSlGHYqLtA78OUb2UYx27Ny24qwebhwOzKpPf2NMNvvUwCpAWY7o/I29VFHS1 lBJjcj2Wz4w4yYGVLtvTfR4G0ZcUn82gabG/z7KhXWbI7l37jqmQosDJSlIQADSH SOEjT9tiOj1ypw== -----END CERTIFICATE-----Generated at Wed Dec 17 20:12:55 2025 by rpki-client