This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.mft File: OX2fPb_DZTMuKCvRdqaAdURtHRs.mft (raw, json) Hash identifier: vHk+PACwADX1lKS2fbwY8vxPhgcQnt5ZSuL/ZaH50e0= Subject key identifier: EA:CE:74:3E:0F:45:90:34:01:06:30:41:0C:CA:CC:28:70:12:13:23 Authority key identifier: 39:7D:9F:3D:BF:C3:65:33:2E:28:2B:D1:76:A6:80:75:44:6D:1D:1B Certificate issuer: /CN=397d9f3dbfc365332e282bd176a68075446d1d1b Certificate serial: 019AF0BEF7B904AADBA6A85B5D6F9D8797A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OX2fPb_DZTMuKCvRdqaAdURtHRs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.mft Manifest number: 1185 Signing time: Fri 05 Dec 2025 23:00:38 +0000 Manifest this update: Fri 05 Dec 2025 23:00:38 +0000 Manifest next update: Sat 06 Dec 2025 23:00:38 +0000 Files and hashes: 1: OX2fPb_DZTMuKCvRdqaAdURtHRs.crl (hash: d6UpkZkRdiYpheq8yX07Ke7YVW6fuorD+UBkaeqMd+s=) 2: PKmiIVXi-5ieWf281G2v09ZDGMA.roa (hash: 6UbdjRvfhwNfGfOQcI0HpEZ2pxwE+yP96jeW3uJG9VU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.mft rsync://rpki.ripe.net/repository/DEFAULT/OX2fPb_DZTMuKCvRdqaAdURtHRs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:be:f7:b9:04:aa:db:a6:a8:5b:5d:6f:9d:87:97:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=397d9f3dbfc365332e282bd176a68075446d1d1b Validity Not Before: Dec 5 23:00:38 2025 GMT Not After : Dec 6 23:00:38 2025 GMT Subject: CN=eace743e0f459034010630410ccacc2870121323 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:c0:e6:76:cc:a0:e9:44:4a:5a:21:54:a8:f7: 23:6e:01:04:3f:f4:fe:80:d8:c9:96:7a:93:cd:6b: 54:f1:5f:2f:ec:f2:87:ac:b5:8b:01:14:66:d0:e5: 70:a5:b4:46:60:2e:ca:b9:b7:76:a1:ed:d4:07:d3: 9c:b2:03:23:64:55:23:f0:a3:b8:3d:17:69:a9:7c: cc:b0:b5:97:dc:5d:ff:57:1f:fd:70:ce:ce:58:f4: de:f5:9b:8e:ae:db:f8:ed:e5:a0:3b:04:45:89:49: d2:75:0d:1b:a6:08:cb:a1:3c:4d:cc:21:96:93:57: 87:69:3b:1f:7f:63:46:ca:cf:d9:c3:fa:f3:3c:0d: f2:de:fc:dd:6c:80:92:77:76:03:b5:ef:67:e7:bd: 22:d1:a3:6f:0e:a7:cf:b6:66:a9:32:69:f7:9c:d2: af:df:85:c1:43:c3:46:64:7d:77:7c:24:94:2b:55: dd:08:3b:a5:c0:67:68:e8:71:97:95:ab:c2:4b:aa: e4:f3:4d:8e:71:49:9d:19:9d:bb:6b:51:1f:fa:79: a3:24:f3:f2:b9:4b:3d:61:a8:6e:5c:4b:f4:cc:1c: b9:12:5c:76:97:ac:89:a3:b0:19:b3:e3:23:38:3e: 35:2f:28:26:aa:da:42:88:da:b8:33:69:a3:c1:c4: 96:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:CE:74:3E:0F:45:90:34:01:06:30:41:0C:CA:CC:28:70:12:13:23 X509v3 Authority Key Identifier: keyid:39:7D:9F:3D:BF:C3:65:33:2E:28:2B:D1:76:A6:80:75:44:6D:1D:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OX2fPb_DZTMuKCvRdqaAdURtHRs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:5f:a4:3f:a7:43:67:a2:a7:dc:4f:3b:3f:c4:fb:1c:bb:f6: ff:96:6a:b0:2b:e2:43:26:34:58:52:f3:93:12:96:e4:19:01: ec:ac:73:09:6a:4a:fe:9f:42:42:2e:48:d2:9d:d1:8b:7e:2d: ea:85:65:9b:aa:23:54:ae:e2:d7:51:e8:7f:48:35:70:14:63: c4:17:c4:b4:29:73:f2:dc:b9:55:55:37:fa:f2:c9:73:66:66: a1:5c:ae:45:c8:42:db:78:d2:c3:5b:64:3a:1d:0f:56:bf:81: 25:1c:f7:7e:f8:1e:60:2e:14:d6:09:73:68:8a:9a:f5:30:64: 5c:77:d1:93:f6:1c:94:ec:5f:60:e7:75:a9:62:da:40:4f:64: 67:02:36:b7:26:70:bc:95:6a:28:dd:a5:55:df:9c:57:eb:19: cb:c3:78:19:19:c4:3c:7c:6c:b1:8c:e8:b0:dd:6f:5a:dc:d2: 09:14:ca:41:a0:61:04:87:1d:7f:17:7b:d9:cd:5a:e8:9c:67: 03:70:99:59:20:bd:3b:69:bd:42:7f:39:a9:51:e6:a4:70:bb: 12:19:ae:d2:1e:91:44:e8:c4:f2:a3:65:0e:47:59:19:31:8f: 1f:c3:97:d4:4e:cc:29:0b:fb:2c:c2:e1:f7:eb:d7:65:de:70: 90:16:58:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvve5BKrbpqhbXW+dh5ekMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5N2Q5ZjNkYmZjMzY1MzMyZTI4MmJkMTc2YTY4MDc1NDQ2 ZDFkMWIwHhcNMjUxMjA1MjMwMDM4WhcNMjUxMjA2MjMwMDM4WjAzMTEwLwYDVQQD EyhlYWNlNzQzZTBmNDU5MDM0MDEwNjMwNDEwY2NhY2MyODcwMTIxMzIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8Dmdsyg6URKWiFUqPcjbgEEP/T+ gNjJlnqTzWtU8V8v7PKHrLWLARRm0OVwpbRGYC7Kubd2oe3UB9OcsgMjZFUj8KO4 PRdpqXzMsLWX3F3/Vx/9cM7OWPTe9ZuOrtv47eWgOwRFiUnSdQ0bpgjLoTxNzCGW k1eHaTsff2NGys/Zw/rzPA3y3vzdbICSd3YDte9n570i0aNvDqfPtmapMmn3nNKv 34XBQ8NGZH13fCSUK1XdCDulwGdo6HGXlavCS6rk802OcUmdGZ27a1Ef+nmjJPPy uUs9YahuXEv0zBy5Elx2l6yJo7AZs+MjOD41LygmqtpCiNq4M2mjwcSWPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOrOdD4PRZA0AQYwQQzKzChwEhMjMB8GA1UdIwQY MBaAFDl9nz2/w2UzLigr0XamgHVEbR0bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1gyZlBiX0RaVE11S0N2UmRxYUFkVVJ0SFJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9hZjJmOGYtMTIxMi00OTQzLWJkMGMt ZDg2YWIyZmU3NjQ4LzEvT1gyZlBiX0RaVE11S0N2UmRxYUFkVVJ0SFJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9hZjJmOGYtMTIxMi00OTQzLWJkMGMtZDg2YWIyZmU3NjQ4 LzEvT1gyZlBiX0RaVE11S0N2UmRxYUFkVVJ0SFJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeV+kP6dD Z6Kn3E87P8T7HLv2/5ZqsCviQyY0WFLzkxKW5BkB7KxzCWpK/p9CQi5I0p3Ri34t 6oVlm6ojVK7i11Hof0g1cBRjxBfEtClz8ty5VVU3+vLJc2ZmoVyuRchC23jSw1tk Oh0PVr+BJRz3fvgeYC4U1glzaIqa9TBkXHfRk/YclOxfYOd1qWLaQE9kZwI2tyZw vJVqKN2lVd+cV+sZy8N4GRnEPHxssYzosN1vWtzSCRTKQaBhBIcdfxd72c1a6Jxn A3CZWSC9O2m9Qn85qVHmpHC7Ehmu0h6RROjE8qNlDkdZGTGPH8OX1E7MKQv7LMLh 9+vXZd5wkBZYYg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:23:06 2025 by rpki-client