This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft File: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json) Hash identifier: CEQNQNtgLszs6ftJlJZ8EY8fsv9E48aBFsDkCYzS/YU= Subject key identifier: 69:63:3A:23:F6:DC:1A:98:6A:B9:AE:72:73:8F:ED:45:FD:1C:B3:5D Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9 Certificate issuer: /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9 Certificate serial: 019AF3C021C6BE2B117695CB1E78F418F628 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft Manifest number: 0369 Signing time: Sat 06 Dec 2025 13:00:46 +0000 Manifest this update: Sat 06 Dec 2025 13:00:46 +0000 Manifest next update: Sun 07 Dec 2025 13:00:46 +0000 Files and hashes: 1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: 8gRlK1j5s3cYNV+GTn6Kz/4G2iO1qCM3bJc34HuwuLI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:21:c6:be:2b:11:76:95:cb:1e:78:f4:18:f6:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9 Validity Not Before: Dec 6 13:00:46 2025 GMT Not After : Dec 7 13:00:46 2025 GMT Subject: CN=69633a23f6dc1a986ab9ae72738fed45fd1cb35d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f3:d7:1b:56:79:86:12:5a:b5:ea:b0:9d:57: 86:98:77:7f:36:bf:85:b4:da:92:cc:8b:36:92:30: ce:d7:d1:b9:c7:e0:49:87:de:53:cf:51:25:d0:f0: 81:4f:87:8f:0f:be:60:94:fa:7a:a6:e2:f6:d2:45: be:06:33:3f:ac:1b:df:be:12:61:e1:fc:99:54:38: 30:b5:c8:c6:0f:6a:6f:2f:df:0d:84:64:c8:89:55: 17:b7:d8:a9:b4:8e:f8:6b:ed:a1:e1:99:13:65:ff: 85:9e:0b:c1:89:01:43:89:a9:fe:78:0f:eb:f4:dd: 5a:15:45:73:79:f5:fd:67:96:ef:2d:2b:99:6d:4a: fd:57:e2:1b:6e:17:4d:1c:3a:48:34:a7:1e:ae:66: ca:0d:87:ec:f2:60:01:e1:5a:47:cf:ef:e6:1d:b6: 7a:ca:c4:97:26:f4:e6:55:65:38:88:c3:74:0b:7d: 6e:37:61:be:93:4e:8f:ee:b9:12:4e:99:5c:80:0f: 29:55:81:1c:73:97:7b:6c:ee:c0:83:4b:0b:cb:39: 01:f2:e2:06:b3:18:44:8d:f6:24:8e:7d:02:56:31: ad:e2:ba:e7:c7:ce:03:0d:a5:74:04:14:57:fc:90: 38:ef:15:4d:7d:68:10:e2:8c:19:46:1a:1d:de:08: 26:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:63:3A:23:F6:DC:1A:98:6A:B9:AE:72:73:8F:ED:45:FD:1C:B3:5D X509v3 Authority Key Identifier: keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:ad:8c:3f:72:97:f1:4f:2f:31:23:00:7d:2e:c4:14:37:88: d3:5c:2d:6c:0b:b6:53:3f:55:7a:50:93:36:b8:7d:95:7a:9f: ab:52:c3:5b:f5:bd:a6:0e:59:a7:19:6e:05:c2:8b:c3:38:c7: 16:73:6c:1a:52:bd:1e:91:1f:4d:47:69:74:73:04:83:4c:a5: 6e:c3:14:34:32:72:0c:37:c6:d6:52:bf:91:1a:c2:b5:a4:fd: 95:d7:11:30:61:da:11:f2:5c:09:2d:e3:6b:4f:4d:8f:8c:9f: b0:9c:e6:f7:2e:af:96:03:2c:f2:fc:9e:16:80:e7:85:9c:ac: 70:c5:b4:56:64:22:a1:f9:0a:14:97:bc:da:48:8b:bb:fa:c8: 85:1c:b6:d2:9b:1a:35:07:7a:3d:e8:a7:0f:c8:77:15:c5:09: 2b:c1:87:45:e9:cc:ff:4e:ad:d6:2b:76:4a:d6:6e:30:c3:0b: ec:7a:92:b0:49:df:7e:aa:56:37:ea:52:43:7e:c2:3b:f7:bc: 58:8f:fb:f2:9c:fb:17:cc:d2:7c:27:5e:bc:62:20:49:91:73: 95:02:f4:3e:8a:02:79:83:8b:69:30:fc:c0:6a:96:6d:a8:e5: 10:9f:3a:fa:30:d3:e2:d6:d5:e7:83:88:20:96:c4:73:e7:51: 7b:b4:40:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwCHGvisRdpXLHnj0GPYoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz NTFhZjkwHhcNMjUxMjA2MTMwMDQ2WhcNMjUxMjA3MTMwMDQ2WjAzMTEwLwYDVQQD Eyg2OTYzM2EyM2Y2ZGMxYTk4NmFiOWFlNzI3MzhmZWQ0NWZkMWNiMzVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfPXG1Z5hhJateqwnVeGmHd/Nr+F tNqSzIs2kjDO19G5x+BJh95Tz1El0PCBT4ePD75glPp6puL20kW+BjM/rBvfvhJh 4fyZVDgwtcjGD2pvL98NhGTIiVUXt9iptI74a+2h4ZkTZf+FngvBiQFDian+eA/r 9N1aFUVzefX9Z5bvLSuZbUr9V+IbbhdNHDpINKcermbKDYfs8mAB4VpHz+/mHbZ6 ysSXJvTmVWU4iMN0C31uN2G+k06P7rkSTplcgA8pVYEcc5d7bO7Ag0sLyzkB8uIG sxhEjfYkjn0CVjGt4rrnx84DDaV0BBRX/JA47xVNfWgQ4owZRhod3ggmJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGljOiP23BqYarmucnOP7UX9HLNdMB8GA1UdIwQY MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4 LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAba2MP3KX 8U8vMSMAfS7EFDeI01wtbAu2Uz9VelCTNrh9lXqfq1LDW/W9pg5ZpxluBcKLwzjH FnNsGlK9HpEfTUdpdHMEg0ylbsMUNDJyDDfG1lK/kRrCtaT9ldcRMGHaEfJcCS3j a09Nj4yfsJzm9y6vlgMs8vyeFoDnhZyscMW0VmQiofkKFJe82kiLu/rIhRy20psa NQd6PeinD8h3FcUJK8GHRenM/06t1it2StZuMMML7HqSsEnffqpWN+pSQ37CO/e8 WI/78pz7F8zSfCdevGIgSZFzlQL0PooCeYOLaTD8wGqWbajlEJ86+jDT4tbV54OI IJbEc+dRe7RA6w== -----END CERTIFICATE-----Generated at Sat Dec 6 19:37:52 2025 by rpki-client