This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft File: OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json) Hash identifier: epNVMGlG5Al4fT+qX7RMrWaXznsf4DVSkzWTzjdjoCk= Subject key identifier: 93:6F:0C:7C:79:88:B6:BC:5F:80:70:D0:2E:9A:D6:6A:2C:C2:9A:AC Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32 Certificate issuer: /CN=38628865afd8a4dfafddef811efcfc79c0387332 Certificate serial: 019AF12DD2CDFBAA98A550E31EBE4D61C264 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft Manifest number: 0C58 Signing time: Sat 06 Dec 2025 01:01:43 +0000 Manifest this update: Sat 06 Dec 2025 01:01:43 +0000 Manifest next update: Sun 07 Dec 2025 01:01:43 +0000 Files and hashes: 1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: lpOAQhEFUYsayOI5ZGzMmCA4hhdifyhBdcZNB3b90is=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d2:cd:fb:aa:98:a5:50:e3:1e:be:4d:61:c2:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332 Validity Not Before: Dec 6 01:01:43 2025 GMT Not After : Dec 7 01:01:43 2025 GMT Subject: CN=936f0c7c7988b6bc5f8070d02e9ad66a2cc29aac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:6c:47:af:3a:00:4d:87:96:9d:36:16:d3:82: 5e:1e:f8:cc:2a:63:d1:c1:a8:19:f5:8b:cc:81:f1: e0:7b:ae:8d:d2:69:a9:c5:1f:b8:60:62:cc:18:7a: 86:4a:db:7c:f0:b3:da:77:57:c8:6b:8a:d5:df:8e: 0a:46:78:b4:fd:f0:62:15:36:52:26:c8:99:57:67: 64:ec:1a:82:2c:0b:79:2e:86:de:d1:39:3f:20:f0: 2b:ab:e3:4d:3b:da:ab:fc:a4:c2:de:5b:33:62:9a: 39:46:6d:de:b5:08:58:36:d0:55:3b:3c:30:46:87: 6e:b6:92:6c:fa:6e:37:2b:46:ac:3d:39:f4:48:66: 2e:96:db:32:47:91:ed:58:00:ba:d8:b7:b2:1e:92: d9:ea:78:bc:17:09:1e:26:f6:05:02:24:b6:cf:10: 96:d4:15:61:bf:aa:6a:96:c9:20:49:d3:ab:86:c0: 9d:8c:0d:65:cf:e6:be:ad:0c:2d:4d:cf:c2:c9:9d: 04:15:14:02:6c:da:8c:74:e4:9a:24:8d:46:28:74: 48:bc:ae:e4:05:55:aa:f4:49:86:94:9f:d7:5a:bf: 32:45:ef:43:02:4f:b9:78:ee:08:3e:1c:9b:d3:9a: 11:2f:ec:7b:e1:0f:9e:00:65:47:b2:54:ea:29:9d: 8c:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:6F:0C:7C:79:88:B6:BC:5F:80:70:D0:2E:9A:D6:6A:2C:C2:9A:AC X509v3 Authority Key Identifier: keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:18:5f:27:21:b4:16:f9:27:3a:ac:9d:33:94:a9:a0:19:21: 95:e5:58:c4:24:33:52:1b:da:1f:76:f1:6e:c9:79:55:a0:ae: e7:be:c5:ab:cb:3a:75:c9:0d:1d:be:fd:4f:87:f5:39:82:f6: c8:9a:56:f4:98:12:50:91:ad:28:71:fa:bf:ab:35:21:22:8f: 51:d6:7c:1a:76:6c:41:75:15:90:b7:4f:1d:27:2e:dc:8b:5b: 22:1d:56:6e:81:df:b9:8e:0a:f6:bd:97:21:b1:27:8b:98:d4: e1:f3:b9:f1:8c:1f:3a:54:9b:a2:88:eb:69:91:f2:9c:d6:f6: 30:a3:b0:9a:6e:7e:c9:36:41:a5:87:2e:44:5f:3b:7d:38:ad: 12:e7:c7:b5:c5:af:e5:84:bf:11:e2:2c:50:2a:bd:66:1a:ff: 7a:41:dd:d6:f9:32:65:89:22:39:3c:69:04:d9:21:0a:5d:26: 82:fb:f5:ac:5d:de:e7:31:f3:3a:67:57:0b:e6:f5:13:9c:6d: d6:e0:45:86:6c:94:07:57:db:79:08:44:73:eb:df:84:37:aa: 6d:66:5c:52:45:f9:ad:02:54:46:15:ac:fc:aa:07:c0:3f:f3: ed:b6:b1:07:2a:2d:c0:6c:fe:6e:0c:f9:2d:57:3e:c4:38:10: 79:44:90:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdLN+6qYpVDjHr5NYcJkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz ODczMzIwHhcNMjUxMjA2MDEwMTQzWhcNMjUxMjA3MDEwMTQzWjAzMTEwLwYDVQQD Eyg5MzZmMGM3Yzc5ODhiNmJjNWY4MDcwZDAyZTlhZDY2YTJjYzI5YWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+2xHrzoATYeWnTYW04JeHvjMKmPR wagZ9YvMgfHge66N0mmpxR+4YGLMGHqGStt88LPad1fIa4rV344KRni0/fBiFTZS JsiZV2dk7BqCLAt5Lobe0Tk/IPArq+NNO9qr/KTC3lszYpo5Rm3etQhYNtBVOzww RodutpJs+m43K0asPTn0SGYultsyR5HtWAC62LeyHpLZ6ni8FwkeJvYFAiS2zxCW 1BVhv6pqlskgSdOrhsCdjA1lz+a+rQwtTc/CyZ0EFRQCbNqMdOSaJI1GKHRIvK7k BVWq9EmGlJ/XWr8yRe9DAk+5eO4IPhyb05oRL+x74Q+eAGVHslTqKZ2MgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJNvDHx5iLa8X4Bw0C6a1moswpqsMB8GA1UdIwQY MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIhhfJyG0 FvknOqydM5SpoBkhleVYxCQzUhvaH3bxbsl5VaCu577Fq8s6dckNHb79T4f1OYL2 yJpW9JgSUJGtKHH6v6s1ISKPUdZ8GnZsQXUVkLdPHScu3ItbIh1WboHfuY4K9r2X IbEni5jU4fO58YwfOlSboojraZHynNb2MKOwmm5+yTZBpYcuRF87fTitEufHtcWv 5YS/EeIsUCq9Zhr/ekHd1vkyZYkiOTxpBNkhCl0mgvv1rF3e5zHzOmdXC+b1E5xt 1uBFhmyUB1fbeQhEc+vfhDeqbWZcUkX5rQJURhWs/KoHwD/z7baxByotwGz+bgz5 LVc+xDgQeUSQbg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:04:45 2025 by rpki-client