This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft File: OhoMABa5sz-T6Kejk9CRkNXhhJk.mft (raw, json) Hash identifier: i9HE+0c1eJByxjPMzIVzB1hF1rK6o9F7ctwGvWmBAvA= Subject key identifier: 03:1D:B1:E8:32:72:94:27:80:18:43:62:26:99:AA:7E:AE:2F:60:1B Authority key identifier: 3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99 Certificate issuer: /CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499 Certificate serial: 019AF38A1C94D1466BAC48E86F5F723739C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft Manifest number: 0D39 Signing time: Sat 06 Dec 2025 12:01:45 +0000 Manifest this update: Sat 06 Dec 2025 12:01:45 +0000 Manifest next update: Sun 07 Dec 2025 12:01:45 +0000 Files and hashes: 1: OhoMABa5sz-T6Kejk9CRkNXhhJk.crl (hash: G45GNRO61U/QlFiaKDWpHKzE8fZLcrRyOU6/FQRHBCQ=) 2: UG2XZdsSP9vahLS8deUbiGwgM84.roa (hash: H+YkvMLky6FPgjSDWIrs7G2kpfOLt2YF+/59bitetA8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:8a:1c:94:d1:46:6b:ac:48:e8:6f:5f:72:37:39:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499 Validity Not Before: Dec 6 12:01:45 2025 GMT Not After : Dec 7 12:01:45 2025 GMT Subject: CN=031db1e832729427801843622699aa7eae2f601b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:09:f8:a0:a7:d9:8d:ec:a5:5e:af:35:a6:76: d9:f8:80:8a:03:92:99:60:93:11:75:7a:ee:d7:05: 5f:6b:03:42:e9:57:82:26:5e:c1:26:70:f6:ac:18: 11:dc:34:88:85:b4:95:54:19:70:53:57:67:c5:4f: 18:4d:32:02:9a:3f:7c:b4:b7:23:fc:5b:5f:93:96: e1:a6:fc:de:8d:d4:68:1b:c7:16:df:4d:7f:18:2a: a0:8f:c2:c7:c4:06:4d:3c:2e:c2:71:7d:a1:1c:10: a5:7d:e2:31:77:35:c4:93:f3:4a:5d:70:87:3a:88: d6:7e:92:1c:a8:4f:1e:b4:35:20:b7:5a:3a:5d:4f: 68:dc:f1:22:ec:e8:5d:1d:1e:96:6f:99:fe:83:c1: 5c:0a:09:59:4e:a4:75:d0:a5:86:7b:ba:6a:29:97: 64:88:af:a1:e7:8d:0b:2d:52:92:d2:77:6f:08:fd: 59:52:45:48:2a:8c:ea:af:9c:d6:0d:99:da:c5:ce: c8:10:f0:2a:7e:44:1f:f3:ff:fe:02:a5:5c:f1:90: 01:59:79:f4:bc:ef:82:26:83:21:20:e1:6d:ae:47: 20:22:63:5a:24:1b:3b:a4:d9:75:1b:8a:ee:cf:1b: 12:77:9f:6f:37:57:b9:3d:a1:0b:3e:f8:d7:63:38: 7c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:1D:B1:E8:32:72:94:27:80:18:43:62:26:99:AA:7E:AE:2F:60:1B X509v3 Authority Key Identifier: keyid:3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:81:fc:72:eb:45:6a:1d:f7:71:85:08:07:43:11:7b:5d:9f: 44:33:9c:9c:cd:bd:3e:42:94:64:52:80:b0:6a:aa:95:39:22: 5d:3b:fa:4c:04:e0:e1:f7:36:fc:10:d4:4a:7d:fc:0d:8a:5b: 5c:9b:af:74:af:f1:6f:e3:98:a6:40:45:d0:f0:72:bd:85:e4: 75:27:bc:95:5b:a8:58:ba:dc:55:42:f2:20:be:1f:2c:b6:38: 94:38:2b:a6:7f:fc:7f:2e:70:b7:47:09:04:95:12:5f:6b:a6: f4:88:97:ca:01:59:64:a5:8a:dc:65:43:45:7f:c6:64:17:da: 6b:fe:00:f0:d5:40:d3:53:36:6e:0b:37:92:bf:9f:4a:1c:3e: 59:57:a3:1a:53:55:59:5d:e0:eb:86:69:ef:61:54:00:7b:b7: 20:42:12:d3:b0:e4:d4:f4:59:a9:a5:1a:99:24:62:88:b2:82: 7f:cf:03:6b:50:27:fb:ab:ff:a7:92:e5:32:6b:05:b3:72:0c: 3e:dc:f7:c7:f7:5b:af:71:de:0e:65:72:4f:e3:96:2d:eb:6e: 48:16:21:f9:60:f8:e9:aa:e6:ea:b2:ce:88:f4:d4:3b:03:42: c3:97:78:dc:49:fd:57:4c:5b:5a:5b:28:27:0c:30:9f:fa:a0: 2a:b8:68:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzihyU0UZrrEjob19yNznHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMWEwYzAwMTZiOWIzM2Y5M2U4YTdhMzkzZDA5MTkwZDVl MTg0OTkwHhcNMjUxMjA2MTIwMTQ1WhcNMjUxMjA3MTIwMTQ1WjAzMTEwLwYDVQQD EygwMzFkYjFlODMyNzI5NDI3ODAxODQzNjIyNjk5YWE3ZWFlMmY2MDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygn4oKfZjeylXq81pnbZ+ICKA5KZ YJMRdXru1wVfawNC6VeCJl7BJnD2rBgR3DSIhbSVVBlwU1dnxU8YTTICmj98tLcj /Ftfk5bhpvzejdRoG8cW301/GCqgj8LHxAZNPC7CcX2hHBClfeIxdzXEk/NKXXCH OojWfpIcqE8etDUgt1o6XU9o3PEi7OhdHR6Wb5n+g8FcCglZTqR10KWGe7pqKZdk iK+h540LLVKS0ndvCP1ZUkVIKozqr5zWDZnaxc7IEPAqfkQf8//+AqVc8ZABWXn0 vO+CJoMhIOFtrkcgImNaJBs7pNl1G4ruzxsSd59vN1e5PaELPvjXYzh8KwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAMdsegycpQngBhDYiaZqn6uL2AbMB8GA1UdIwQY MBaAFDoaDAAWubM/k+ino5PQkZDV4YSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjkt MGI2NDU5Nzc1YjY0LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjktMGI2NDU5Nzc1YjY0 LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeoH8cutF ah33cYUIB0MRe12fRDOcnM29PkKUZFKAsGqqlTkiXTv6TATg4fc2/BDUSn38DYpb XJuvdK/xb+OYpkBF0PByvYXkdSe8lVuoWLrcVULyIL4fLLY4lDgrpn/8fy5wt0cJ BJUSX2um9IiXygFZZKWK3GVDRX/GZBfaa/4A8NVA01M2bgs3kr+fShw+WVejGlNV WV3g64Zp72FUAHu3IEIS07Dk1PRZqaUamSRiiLKCf88Da1An+6v/p5LlMmsFs3IM Ptz3x/dbr3HeDmVyT+OWLetuSBYh+WD46arm6rLOiPTUOwNCw5d43En9V0xbWlso Jwwwn/qgKrhopw== -----END CERTIFICATE-----Generated at Sat Dec 6 18:53:28 2025 by rpki-client