This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft File: OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json) Hash identifier: +ljqxn9Zz8AaWaVaAioVQjF5/cwNajh9DDr+mPFAxB4= Subject key identifier: C8:BF:66:15:13:4E:A9:2A:9F:BB:C9:35:30:55:97:F9:CC:4C:77:AF Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C Certificate issuer: /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c Certificate serial: 019AF19B36D17168AD56494F67CA01AC6CFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft Manifest number: 175C Signing time: Sat 06 Dec 2025 03:01:12 +0000 Manifest this update: Sat 06 Dec 2025 03:01:12 +0000 Manifest next update: Sun 07 Dec 2025 03:01:12 +0000 Files and hashes: 1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: lfItc5S2niRlDZNjvTfVq5vzOL70duSTjf8XZUO0rdM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:36:d1:71:68:ad:56:49:4f:67:ca:01:ac:6c:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c Validity Not Before: Dec 6 03:01:12 2025 GMT Not After : Dec 7 03:01:12 2025 GMT Subject: CN=c8bf6615134ea92a9fbbc935305597f9cc4c77af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:00:46:cd:35:5e:90:a8:83:c2:06:4d:32:09: ed:f6:76:bb:3e:6d:38:8d:ec:8f:b6:18:53:f0:4b: ff:b3:a0:ad:25:bb:a7:58:ef:c5:84:24:5f:07:8e: 3e:f1:ee:e9:12:2f:a5:57:1a:dc:62:f6:f3:5a:e5: 90:fc:a5:40:7f:5e:cc:1e:32:14:fe:4b:6b:74:1f: fc:2f:ed:b9:f3:bc:0a:0c:43:de:65:01:13:92:d8: 6e:e8:c7:2c:c8:a2:ff:80:fc:b6:72:e4:df:de:d1: 71:1e:42:0a:e3:5b:7b:c7:5b:75:d9:34:d2:fb:26: 37:f1:1b:88:aa:60:0d:51:85:50:08:18:3d:e9:be: 4a:27:7c:ad:18:68:11:ea:87:e9:df:10:0d:05:9e: 5e:d7:bf:69:af:ba:73:28:06:8c:0c:e8:2c:f4:7c: 6f:26:24:47:be:1f:04:ab:bb:c2:3a:05:a2:3d:ef: 31:83:ae:92:c4:9f:54:07:35:e5:9b:64:c8:4c:5f: dd:4c:5e:13:e8:49:47:d0:02:9e:f7:9c:88:13:ba: 37:99:93:80:03:2f:86:ce:0b:16:12:29:2b:30:ef: 65:74:d7:1c:d5:1f:a4:6b:d7:47:92:5b:70:29:64: ca:a2:7f:ce:3b:d3:74:fc:dd:0d:5d:61:85:f7:69: c9:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:BF:66:15:13:4E:A9:2A:9F:BB:C9:35:30:55:97:F9:CC:4C:77:AF X509v3 Authority Key Identifier: keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:c3:3b:52:b9:40:e8:e2:94:fd:51:5f:59:e6:28:7f:68:21: d9:d8:99:08:89:2e:7a:c1:e7:3b:9f:e2:11:bf:03:80:38:59: 8c:43:87:c7:80:ae:cc:6e:ee:e6:d7:5a:05:b1:b6:3b:86:d7: 48:b5:b8:08:75:d1:81:65:aa:18:3b:eb:04:97:d1:3f:28:65: ca:6e:d2:a0:7c:95:36:ed:ad:d3:49:74:18:56:f5:b2:95:11: 90:12:99:26:87:96:58:48:86:32:bc:09:5d:52:8d:06:23:2e: e3:42:b7:f6:f4:e5:19:50:85:69:82:60:ee:12:7b:0b:0b:93: 6b:c0:fa:c3:7d:87:fd:d6:a3:dd:70:18:cf:35:0a:91:c1:29: 8c:c5:dd:0e:c1:cb:df:e8:9f:42:05:75:dd:80:17:ad:74:ea: 8e:7e:d6:06:df:a6:a7:b3:fa:68:ec:fc:26:e0:a4:94:52:9c: 5d:bc:fd:40:d0:2d:19:bc:83:08:99:b3:57:58:cc:4b:ab:a1: f9:e0:58:c0:55:0b:3c:37:57:ea:b7:e4:2e:00:34:55:69:d4: 06:0b:0d:33:49:60:52:a4:69:2b:da:c7:9c:7d:92:3e:bc:8b: 99:4d:16:fb:93:a4:03:97:e2:b6:d9:78:86:28:b8:d0:4c:4b: 01:9a:03:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmzbRcWitVklPZ8oBrGz7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky ZTZlMWMwHhcNMjUxMjA2MDMwMTEyWhcNMjUxMjA3MDMwMTEyWjAzMTEwLwYDVQQD EyhjOGJmNjYxNTEzNGVhOTJhOWZiYmM5MzUzMDU1OTdmOWNjNGM3N2FmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwBGzTVekKiDwgZNMgnt9na7Pm04 jeyPthhT8Ev/s6CtJbunWO/FhCRfB44+8e7pEi+lVxrcYvbzWuWQ/KVAf17MHjIU /ktrdB/8L+2587wKDEPeZQETkthu6McsyKL/gPy2cuTf3tFxHkIK41t7x1t12TTS +yY38RuIqmANUYVQCBg96b5KJ3ytGGgR6ofp3xANBZ5e179pr7pzKAaMDOgs9Hxv JiRHvh8Eq7vCOgWiPe8xg66SxJ9UBzXlm2TITF/dTF4T6ElH0AKe95yIE7o3mZOA Ay+GzgsWEikrMO9ldNcc1R+ka9dHkltwKWTKon/OO9N0/N0NXWGF92nJ/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMi/ZhUTTqkqn7vJNTBVl/nMTHevMB8GA1UdIwQY MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4 LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANsM7UrlA 6OKU/VFfWeYof2gh2diZCIkuesHnO5/iEb8DgDhZjEOHx4CuzG7u5tdaBbG2O4bX SLW4CHXRgWWqGDvrBJfRPyhlym7SoHyVNu2t00l0GFb1spURkBKZJoeWWEiGMrwJ XVKNBiMu40K39vTlGVCFaYJg7hJ7CwuTa8D6w32H/daj3XAYzzUKkcEpjMXdDsHL 3+ifQgV13YAXrXTqjn7WBt+mp7P6aOz8JuCklFKcXbz9QNAtGbyDCJmzV1jMS6uh +eBYwFULPDdX6rfkLgA0VWnUBgsNM0lgUqRpK9rHnH2SPryLmU0W+5OkA5fittl4 hii40ExLAZoDug== -----END CERTIFICATE-----Generated at Sat Dec 6 10:38:18 2025 by rpki-client