This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft File: OIzM14vxZTPzMYVEPqgtza2SBBA.mft (raw, json) Hash identifier: h3CFQdlKcOcdzRlb8p5auxc+KAIfdv472BFpRmxHjaQ= Subject key identifier: 6A:A3:8E:BB:65:3D:EF:87:A8:87:9B:AC:6B:94:C2:C7:97:9E:9B:18 Authority key identifier: 38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10 Certificate issuer: /CN=388cccd78bf16533f33185443ea82dcdad920410 Certificate serial: 019AF23F5F25F52DC36687F13241DE767D22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft Manifest number: 0D9E Signing time: Sat 06 Dec 2025 06:00:30 +0000 Manifest this update: Sat 06 Dec 2025 06:00:30 +0000 Manifest next update: Sun 07 Dec 2025 06:00:30 +0000 Files and hashes: 1: OIzM14vxZTPzMYVEPqgtza2SBBA.crl (hash: RdlDH3wASPLViz4MTrAehYtjObHZ+26bih6EXjsJRNQ=) 2: S5-p15oe6PO1US7yiwalFk2guhA.roa (hash: RxwUj9qrcB8W+bA9U60Y3Yd+aWieeN2zZTQTfRBMSD8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:5f:25:f5:2d:c3:66:87:f1:32:41:de:76:7d:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=388cccd78bf16533f33185443ea82dcdad920410 Validity Not Before: Dec 6 06:00:30 2025 GMT Not After : Dec 7 06:00:30 2025 GMT Subject: CN=6aa38ebb653def87a8879bac6b94c2c7979e9b18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:46:4a:32:c4:3c:39:70:d4:15:b1:37:70:47: 46:21:f6:ac:55:76:87:14:9a:99:de:f8:e9:5b:66: 64:73:92:11:23:34:0f:6b:ab:f2:e1:2a:ce:0c:12: 20:bb:45:72:b5:8a:8d:bd:15:82:4e:87:a8:60:3b: 6d:3f:0a:36:a1:0a:bf:de:33:73:47:cf:7a:d0:f7: 58:db:69:ff:6e:8b:bd:2d:cc:d3:18:a6:f6:4d:19: 80:c2:00:a5:35:5f:7e:95:51:0f:76:d6:0c:60:3b: 2d:ed:b1:b8:eb:16:51:56:1f:1c:de:30:1a:35:8a: da:4a:e7:16:bb:e5:a5:5f:68:e6:2a:2a:c9:f2:4f: c3:b5:91:1e:b0:1c:a7:50:78:54:61:41:20:74:ad: dc:ce:63:8f:f3:a5:03:37:e6:44:fa:4a:d2:87:72: 19:36:08:e5:6a:6e:79:29:89:2b:3a:84:9a:7f:6c: 53:b7:08:ec:e1:e9:e8:75:ac:94:f1:d4:c8:24:62: 98:18:e2:b5:4f:b0:e9:de:3e:b4:50:4e:54:ad:3f: 43:58:94:b5:7d:93:73:b9:53:35:e2:31:55:67:5c: 2c:0c:76:9c:86:8d:7f:87:4a:48:71:33:15:ce:31: 42:91:28:6b:ce:69:4c:92:87:b4:0c:d5:6a:61:5d: 3c:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:A3:8E:BB:65:3D:EF:87:A8:87:9B:AC:6B:94:C2:C7:97:9E:9B:18 X509v3 Authority Key Identifier: keyid:38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:7a:93:7d:11:a4:65:86:38:39:5d:a6:59:c3:aa:d0:da:61: 3b:bd:b6:c2:df:94:b6:5e:39:ac:bc:6e:d7:72:5c:70:ce:8e: 37:d8:73:b3:a6:fc:6b:12:9f:e9:58:27:4e:94:0e:b6:fe:02: d2:68:44:16:0d:38:e8:18:ef:15:43:49:5f:6a:ed:6a:b7:ad: 77:05:0e:d9:7d:6c:3b:0f:c6:9b:6a:91:9b:27:d6:6b:b4:1d: 7a:f2:16:d3:9f:35:a8:f2:b4:7f:9c:27:09:10:82:21:76:eb: 05:e3:5f:e8:74:99:7f:27:10:9c:2c:ed:57:8a:dd:d7:2b:75: 87:b1:2d:d7:cb:e0:1f:e9:a0:e4:5f:b3:b0:1d:d1:9c:d7:58: f8:dc:07:e0:d3:d2:93:c2:87:ae:77:4b:aa:81:93:2f:55:60: 6c:ff:40:99:26:4a:33:33:d6:a7:83:56:49:b8:d2:06:9f:39: 26:66:23:8d:ae:3e:73:9b:cf:dc:7b:57:54:fc:99:2f:d5:d3: b8:85:66:2b:ef:34:1a:87:3c:88:7c:3b:7a:ff:1c:9a:2c:fc: e4:91:dc:bd:b7:59:87:28:4e:49:8d:9b:b0:79:5a:8b:84:b8: 83:77:4a:04:cb:27:8a:a2:dd:eb:06:5e:11:05:8e:9f:8b:0c: 0d:d0:81:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP18l9S3DZofxMkHedn0iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OGNjY2Q3OGJmMTY1MzNmMzMxODU0NDNlYTgyZGNkYWQ5 MjA0MTAwHhcNMjUxMjA2MDYwMDMwWhcNMjUxMjA3MDYwMDMwWjAzMTEwLwYDVQQD Eyg2YWEzOGViYjY1M2RlZjg3YTg4NzliYWM2Yjk0YzJjNzk3OWU5YjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kZKMsQ8OXDUFbE3cEdGIfasVXaH FJqZ3vjpW2Zkc5IRIzQPa6vy4SrODBIgu0VytYqNvRWCToeoYDttPwo2oQq/3jNz R8960PdY22n/bou9LczTGKb2TRmAwgClNV9+lVEPdtYMYDst7bG46xZRVh8c3jAa NYraSucWu+WlX2jmKirJ8k/DtZEesBynUHhUYUEgdK3czmOP86UDN+ZE+krSh3IZ Ngjlam55KYkrOoSaf2xTtwjs4enodayU8dTIJGKYGOK1T7Dp3j60UE5UrT9DWJS1 fZNzuVM14jFVZ1wsDHacho1/h0pIcTMVzjFCkShrzmlMkoe0DNVqYV08mQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGqjjrtlPe+HqIebrGuUwseXnpsYMB8GA1UdIwQY MBaAFDiMzNeL8WUz8zGFRD6oLc2tkgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQt MjEwOThhNjEzNTdlLzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQtMjEwOThhNjEzNTdl LzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqXqTfRGk ZYY4OV2mWcOq0NphO722wt+Utl45rLxu13JccM6ON9hzs6b8axKf6VgnTpQOtv4C 0mhEFg046BjvFUNJX2rtaretdwUO2X1sOw/Gm2qRmyfWa7QdevIW0581qPK0f5wn CRCCIXbrBeNf6HSZfycQnCztV4rd1yt1h7Et18vgH+mg5F+zsB3RnNdY+NwH4NPS k8KHrndLqoGTL1VgbP9AmSZKMzPWp4NWSbjSBp85JmYjja4+c5vP3HtXVPyZL9XT uIVmK+80Goc8iHw7ev8cmiz85JHcvbdZhyhOSY2bsHlai4S4g3dKBMsniqLd6wZe EQWOn4sMDdCBHA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:03 2025 by rpki-client