This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft File: O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft (raw, json) Hash identifier: g/Sl9YpXYdmowymCvJK/44IFFsNH1XxbWo5qxr6jq6k= Subject key identifier: C2:54:95:D8:30:39:A6:54:29:BD:B9:03:03:7D:B8:24:40:2B:CB:83 Authority key identifier: 3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6 Certificate issuer: /CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6 Certificate serial: 019AF088A21FF05FC88F66ACE833EE5EC2ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft Manifest number: 0C2E Signing time: Fri 05 Dec 2025 22:01:17 +0000 Manifest this update: Fri 05 Dec 2025 22:01:17 +0000 Manifest next update: Sat 06 Dec 2025 22:01:17 +0000 Files and hashes: 1: F3oEv0QBT7ejRZnF2aTKoyEK5cI.roa (hash: MTTLBQPL1aOScQOGtAiCwXpSCEzlrz60TWKC9wTFgO4=) 2: O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl (hash: l5S3iVQKUlgIgBwSFg+s5l+ps1TB/O5U33h7v3LhV/c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:a2:1f:f0:5f:c8:8f:66:ac:e8:33:ee:5e:c2:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6 Validity Not Before: Dec 5 22:01:17 2025 GMT Not After : Dec 6 22:01:17 2025 GMT Subject: CN=c25495d83039a65429bdb903037db824402bcb83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:67:2b:99:79:34:72:a4:1c:53:70:b8:21:ea: 9c:b4:95:6b:51:1f:8b:0a:62:94:34:e2:79:bc:d2: 56:b1:2b:1d:b7:a4:0f:24:c3:74:87:e9:3e:c2:67: 6d:1f:7d:1c:21:8e:bf:5a:b9:2a:d7:6f:ac:65:52: c2:8b:dd:10:d5:7a:f3:48:62:17:61:b7:6d:66:58: fa:59:fa:c1:08:2c:7e:68:f5:eb:fc:c9:ef:04:f0: 5f:fd:f6:2d:20:d3:06:14:3f:cd:db:8d:ae:92:79: 5c:5c:a0:c8:83:9f:38:ee:eb:74:ce:8f:e3:a5:fc: 75:14:b1:ba:62:c0:e8:1e:cc:d8:3e:e0:69:a9:db: 4e:27:a3:b5:6d:26:b7:4c:07:31:9f:96:e0:90:9f: 81:ca:c8:f3:2f:df:cb:07:ce:c8:5a:9c:24:c3:be: 92:9b:ef:c5:45:da:98:b3:85:3c:01:22:ab:89:15: b4:9e:dc:ce:e3:da:1e:ed:e8:23:19:dd:13:40:fe: 8d:a9:ea:fc:5e:2b:6d:c1:2c:35:65:67:1c:da:6e: 34:09:df:36:da:b2:60:e3:7d:90:cd:b8:0c:10:3b: 67:7c:98:5d:14:da:57:3d:83:f0:41:68:bb:ec:90: 8f:d9:61:d0:6a:fc:b6:ce:5b:f1:48:c6:1c:a0:4d: 8d:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:54:95:D8:30:39:A6:54:29:BD:B9:03:03:7D:B8:24:40:2B:CB:83 X509v3 Authority Key Identifier: keyid:3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:46:b1:e5:93:61:62:e6:3b:31:d8:b4:c1:fe:aa:81:d6:ed: e3:4d:ed:22:de:25:b8:19:90:f3:a3:ac:8e:74:9c:d9:fb:42: 21:63:37:0b:ba:7b:c4:f7:ae:6b:4b:59:63:b5:af:53:73:8e: 94:4e:17:07:ba:5b:fc:b0:f5:e7:92:8c:3b:bb:a5:d8:19:7e: 92:f0:c2:43:96:f1:ca:af:6e:bb:50:53:f0:4b:07:4e:98:32: db:2e:89:e3:3e:50:14:b1:0b:ff:39:50:fa:c2:92:3c:57:24: 5a:0d:f0:fd:38:f1:82:3a:b1:66:0d:5c:21:24:9d:49:2a:4f: 2e:e0:33:be:c5:89:b9:d7:25:d7:f2:9e:a9:ff:d0:3e:29:bd: 9a:73:f1:78:9e:b8:f0:2d:72:72:c4:78:3b:3c:ec:7e:7b:e0: 0a:b5:a1:9f:46:c5:1a:d7:c9:3d:88:5d:92:3d:d5:88:87:ca: a0:1e:fe:67:15:a3:d1:2f:2e:83:f5:05:ca:5a:d4:5b:dd:b3: ec:99:30:8a:75:4a:df:4c:10:a3:32:14:c3:d3:ae:17:cc:3b: 3f:c0:b7:42:1e:27:4d:0b:0f:d1:7b:c0:42:7d:53:e7:e6:56: b1:10:f1:52:95:38:e7:64:5a:70:24:0e:c3:d6:42:0b:d2:ed: 1c:6c:cf:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiKIf8F/Ij2as6DPuXsLtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZjQ2OGQxNTE1YWQ2ZjE0Y2E2OWNmOWM3NzJlNWNiNTdk Mjc3ZDYwHhcNMjUxMjA1MjIwMTE3WhcNMjUxMjA2MjIwMTE3WjAzMTEwLwYDVQQD EyhjMjU0OTVkODMwMzlhNjU0MjliZGI5MDMwMzdkYjgyNDQwMmJjYjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2crmXk0cqQcU3C4IeqctJVrUR+L CmKUNOJ5vNJWsSsdt6QPJMN0h+k+wmdtH30cIY6/Wrkq12+sZVLCi90Q1XrzSGIX YbdtZlj6WfrBCCx+aPXr/MnvBPBf/fYtINMGFD/N242uknlcXKDIg5847ut0zo/j pfx1FLG6YsDoHszYPuBpqdtOJ6O1bSa3TAcxn5bgkJ+BysjzL9/LB87IWpwkw76S m+/FRdqYs4U8ASKriRW0ntzO49oe7egjGd0TQP6Nqer8XittwSw1ZWcc2m40Cd82 2rJg432QzbgMEDtnfJhdFNpXPYPwQWi77JCP2WHQavy2zlvxSMYcoE2NUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMJUldgwOaZUKb25AwN9uCRAK8uDMB8GA1UdIwQY MBaAFDv0aNFRWtbxTKac+cdy5ctX0nfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAt NDYxMTA0NmYxYTRlLzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAtNDYxMTA0NmYxYTRl LzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMEax5ZNh YuY7Mdi0wf6qgdbt403tIt4luBmQ86OsjnSc2ftCIWM3C7p7xPeua0tZY7WvU3OO lE4XB7pb/LD155KMO7ul2Bl+kvDCQ5bxyq9uu1BT8EsHTpgy2y6J4z5QFLEL/zlQ +sKSPFckWg3w/TjxgjqxZg1cISSdSSpPLuAzvsWJudcl1/Keqf/QPim9mnPxeJ64 8C1ycsR4OzzsfnvgCrWhn0bFGtfJPYhdkj3ViIfKoB7+ZxWj0S8ug/UFylrUW92z 7JkwinVK30wQozIUw9OuF8w7P8C3Qh4nTQsP0XvAQn1T5+ZWsRDxUpU452RacCQO w9ZCC9LtHGzPcA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:01 2025 by rpki-client