This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft File: O849R0p3XOR3Y3FjK8GWyh9Owjs.mft (raw, json) Hash identifier: VKb/ZLL2MDkrZbbOtMrirRX6UuJfROB1W6OCZp0RMG8= Subject key identifier: F4:51:B5:A0:AF:A2:FB:C4:B5:F1:86:1F:E8:2B:80:93:04:E7:3F:67 Authority key identifier: 3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B Certificate issuer: /CN=3bce3d474a775ce4776371632bc196ca1f4ec23b Certificate serial: 019AF0881E20D54FB9FA953E757261DE05CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft Manifest number: 03FB Signing time: Fri 05 Dec 2025 22:00:43 +0000 Manifest this update: Fri 05 Dec 2025 22:00:43 +0000 Manifest next update: Sat 06 Dec 2025 22:00:43 +0000 Files and hashes: 1: O849R0p3XOR3Y3FjK8GWyh9Owjs.crl (hash: iBSLGRtHEhYiuTQzF/8oe7VAHpWm65PaNR6iNgpB+zs=) 2: aqZglDYGnEsB53FUZu6hOgHFRNI.roa (hash: PiTo1HXxs70zjyTF54PbMNKhREuF1Fd5QySzyhgibes=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:1e:20:d5:4f:b9:fa:95:3e:75:72:61:de:05:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bce3d474a775ce4776371632bc196ca1f4ec23b Validity Not Before: Dec 5 22:00:43 2025 GMT Not After : Dec 6 22:00:43 2025 GMT Subject: CN=f451b5a0afa2fbc4b5f1861fe82b809304e73f67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:77:0b:f0:51:22:cf:3f:c1:31:84:71:b1:7f: 37:9a:c9:89:b3:51:43:49:59:a2:1d:8b:d4:ba:e7: 2e:a4:1c:70:d2:18:fa:96:55:de:12:5e:d1:87:9b: aa:d5:c0:42:bc:ea:42:38:62:c9:0a:c7:ee:d1:31: 40:b2:1f:da:bb:57:dd:8d:ea:a8:f1:e3:30:3e:28: 51:41:f5:18:ce:89:ea:41:cf:6e:47:8f:82:76:47: 30:69:cf:03:dd:f2:42:1a:00:4e:79:c5:c6:7f:fd: f6:67:ba:02:c3:85:25:bf:e3:dc:45:53:3c:47:30: 92:9b:e6:a1:b1:bf:03:3c:a5:75:9e:d3:fd:bd:19: 33:79:e5:eb:f5:92:10:0b:a5:0b:21:e5:ab:e3:af: df:99:3e:cc:63:10:ab:64:5c:ec:ca:51:77:cd:5f: 7a:15:6c:0a:60:06:d7:cf:6c:e5:c0:90:db:95:d0: e7:05:9c:25:e0:07:71:1d:f4:72:db:aa:75:b4:cf: 6a:38:13:aa:95:ae:bc:77:70:b6:47:0e:0a:66:df: 0f:44:7d:a0:33:6c:39:fa:c6:09:64:30:12:ab:87: b2:c9:2e:60:a3:12:7a:13:bd:6b:a4:5e:6d:a2:af: f7:43:f2:24:e1:29:d2:e2:09:40:fb:42:fe:a3:04: 9d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:51:B5:A0:AF:A2:FB:C4:B5:F1:86:1F:E8:2B:80:93:04:E7:3F:67 X509v3 Authority Key Identifier: keyid:3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:b8:10:bf:01:42:42:71:08:d5:78:39:49:69:8d:27:2a:fa: 62:3a:84:0b:2d:cf:65:6c:ec:79:a6:92:71:c6:93:57:d9:68: cd:49:4e:e3:38:55:4d:20:db:c9:6c:af:3a:fe:27:80:b6:e2: 32:b6:c2:f3:b1:3f:af:01:db:1a:21:1c:66:1b:3b:df:8a:2b: ed:07:93:74:6f:ff:a8:2b:17:db:ac:ab:65:07:dc:4f:43:19: 88:94:7d:52:5b:9c:d6:3b:c0:3c:c8:4e:d4:82:bb:d3:54:05: 33:d8:35:12:b0:f5:f5:cd:00:1d:9b:53:23:1c:b0:69:66:5b: 7d:56:6c:cb:70:6a:39:38:d5:22:77:f6:dc:21:66:6c:53:2b: d3:43:85:18:c2:4c:ed:90:0b:ca:98:b7:d8:a2:b9:f9:4d:aa: 01:19:e4:ae:46:37:59:6d:c8:e6:07:aa:07:61:5d:73:0f:e2: a2:a3:b4:35:e3:61:e4:2a:6d:ad:6d:b9:bc:9c:61:b9:1a:07: 87:e9:5a:d9:38:07:75:46:7f:e8:55:19:52:1c:85:b2:a8:1a: e9:db:99:fe:0e:55:ab:12:9f:ed:8c:15:19:67:79:75:94:7f: 5b:ae:62:5a:a5:79:80:82:9a:5b:f2:10:b5:e5:f6:6e:bb:e2: a1:9f:9d:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiB4g1U+5+pU+dXJh3gXMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiY2UzZDQ3NGE3NzVjZTQ3NzYzNzE2MzJiYzE5NmNhMWY0 ZWMyM2IwHhcNMjUxMjA1MjIwMDQzWhcNMjUxMjA2MjIwMDQzWjAzMTEwLwYDVQQD EyhmNDUxYjVhMGFmYTJmYmM0YjVmMTg2MWZlODJiODA5MzA0ZTczZjY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsncL8FEizz/BMYRxsX83msmJs1FD SVmiHYvUuucupBxw0hj6llXeEl7Rh5uq1cBCvOpCOGLJCsfu0TFAsh/au1fdjeqo 8eMwPihRQfUYzonqQc9uR4+Cdkcwac8D3fJCGgBOecXGf/32Z7oCw4Ulv+PcRVM8 RzCSm+ahsb8DPKV1ntP9vRkzeeXr9ZIQC6ULIeWr46/fmT7MYxCrZFzsylF3zV96 FWwKYAbXz2zlwJDbldDnBZwl4AdxHfRy26p1tM9qOBOqla68d3C2Rw4KZt8PRH2g M2w5+sYJZDASq4eyyS5goxJ6E71rpF5toq/3Q/Ik4SnS4glA+0L+owSdPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRRtaCvovvEtfGGH+grgJME5z9nMB8GA1UdIwQY MBaAFDvOPUdKd1zkd2NxYyvBlsofTsI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEt NjNjYzZjNjdjOTk1LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEtNjNjYzZjNjdjOTk1 LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALrgQvwFC QnEI1Xg5SWmNJyr6YjqECy3PZWzseaaSccaTV9lozUlO4zhVTSDbyWyvOv4ngLbi MrbC87E/rwHbGiEcZhs734or7QeTdG//qCsX26yrZQfcT0MZiJR9Uluc1jvAPMhO 1IK701QFM9g1ErD19c0AHZtTIxywaWZbfVZsy3BqOTjVInf23CFmbFMr00OFGMJM 7ZALypi32KK5+U2qARnkrkY3WW3I5geqB2Fdcw/ioqO0NeNh5CptrW25vJxhuRoH h+la2TgHdUZ/6FUZUhyFsqga6duZ/g5VqxKf7YwVGWd5dZR/W65iWqV5gIKaW/IQ teX2brvioZ+dqA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:40 2025 by rpki-client