This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft File: Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json) Hash identifier: IlL6+4gbpewBsYUoLVDmY4Sg1EsW7doLVvvRGh0JyYo= Subject key identifier: 76:A2:98:CC:E5:C9:2E:0C:31:49:12:2A:28:C2:02:91:1D:F0:CA:D8 Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A Certificate issuer: /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a Certificate serial: 019B33443127F41027AA504AD1435733C408 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 21:01:05 +0000 Manifest this update: Thu 18 Dec 2025 21:01:05 +0000 Manifest next update: Fri 19 Dec 2025 21:01:05 +0000 Files and hashes: 1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: ukU+rFqK/wfM+G+2l9teUqBZYlvpT7ACql8LI1vW938=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:31:27:f4:10:27:aa:50:4a:d1:43:57:33:c4:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a Validity Not Before: Dec 18 21:01:05 2025 GMT Not After : Dec 19 21:01:05 2025 GMT Subject: CN=76a298cce5c92e0c3149122a28c202911df0cad8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:3d:50:b8:ff:bc:bb:5f:19:50:84:e5:47:57: ad:5b:9d:58:39:9a:c6:a2:5c:ee:83:bc:81:46:43: 03:f8:68:f0:0f:a3:93:fa:15:f6:91:a6:9d:18:4e: 82:7b:77:aa:09:1c:9f:16:f6:9c:40:59:cd:85:07: cb:69:bb:0e:04:16:e3:3d:54:14:c9:40:23:ad:ff: c3:5a:20:12:d5:a2:d7:62:fa:c3:6f:11:59:d0:65: 67:da:30:52:21:e8:98:6b:e3:0a:6b:65:39:3d:cd: 46:08:a4:c4:15:5a:a7:93:75:15:97:f4:ee:01:2f: 2a:a6:c7:1d:c4:3a:e6:bf:ab:3f:61:b0:d3:21:34: d2:2b:ff:25:56:75:bc:ab:1f:e9:a9:ef:9e:bb:b8: a2:1c:14:65:9f:94:34:61:bc:47:cd:48:83:eb:ad: 33:44:ec:09:58:3d:6d:00:d6:50:6b:0f:39:59:bb: c8:a6:ae:c9:33:dd:69:58:66:db:e4:ad:1c:33:30: 8d:30:8d:ab:b3:2f:e5:60:40:3a:94:5b:5e:91:db: bf:a5:cd:5e:2b:83:4b:c9:61:e9:50:c9:01:75:f4: dd:2e:6c:15:8a:4b:ff:c3:e6:6e:57:33:c2:c7:2a: 6a:93:34:04:45:3c:dc:a6:0a:5a:ab:9b:d7:6b:53: 75:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:A2:98:CC:E5:C9:2E:0C:31:49:12:2A:28:C2:02:91:1D:F0:CA:D8 X509v3 Authority Key Identifier: keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:c3:6f:00:bd:f6:9b:c4:51:14:1c:16:62:d2:80:96:c8:60: 40:6c:7b:e2:b3:ca:c6:cd:13:ea:79:7e:7e:00:3e:6e:77:b1: 21:c9:6a:66:da:20:a5:37:e0:c2:a8:4a:34:b3:64:e9:d5:44: 2e:62:1c:cc:3d:42:bd:99:c0:e4:a4:f3:cc:d6:39:f7:ca:3d: da:f2:26:ce:08:7e:c8:23:6b:d1:24:90:80:d4:63:ee:9f:6a: 86:74:29:4b:e0:a6:83:5b:8d:4e:fe:f6:ee:1c:4d:67:57:99: 10:74:d5:a8:e4:89:c8:73:06:ee:50:c8:ea:4f:8a:5f:5a:4d: 62:29:f2:98:36:aa:6b:77:f5:35:dd:5f:5c:bf:b0:93:b6:a0: 5a:42:c8:9a:c8:1b:4b:87:36:60:90:a9:07:5c:8d:aa:16:c2: f0:69:e6:71:c0:b4:07:b7:0a:56:7f:19:48:02:3c:a0:19:1d: ab:36:66:4a:96:8f:0c:5a:a3:d1:47:c1:ed:59:ae:e8:63:45: 80:b9:bf:f2:12:ce:48:13:62:ae:e6:49:be:55:01:d0:ff:af: ff:c3:2b:8d:bf:60:d9:c6:3b:b5:be:03:0c:28:a8:7b:e8:08: 7f:55:71:02:58:11:ae:a7:96:1b:a6:29:e6:a6:71:21:f3:a6: d0:50:f4:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRDEn9BAnqlBK0UNXM8QIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0 MTY0N2EwHhcNMjUxMjE4MjEwMTA1WhcNMjUxMjE5MjEwMTA1WjAzMTEwLwYDVQQD Eyg3NmEyOThjY2U1YzkyZTBjMzE0OTEyMmEyOGMyMDI5MTFkZjBjYWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj1QuP+8u18ZUITlR1etW51YOZrG olzug7yBRkMD+GjwD6OT+hX2kaadGE6Ce3eqCRyfFvacQFnNhQfLabsOBBbjPVQU yUAjrf/DWiAS1aLXYvrDbxFZ0GVn2jBSIeiYa+MKa2U5Pc1GCKTEFVqnk3UVl/Tu AS8qpscdxDrmv6s/YbDTITTSK/8lVnW8qx/pqe+eu7iiHBRln5Q0YbxHzUiD660z ROwJWD1tANZQaw85WbvIpq7JM91pWGbb5K0cMzCNMI2rsy/lYEA6lFtekdu/pc1e K4NLyWHpUMkBdfTdLmwVikv/w+ZuVzPCxypqkzQERTzcpgpaq5vXa1N1dQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHaimMzlyS4MMUkSKijCApEd8MrYMB8GA1UdIwQY MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPcNvAL32 m8RRFBwWYtKAlshgQGx74rPKxs0T6nl+fgA+bnexIclqZtogpTfgwqhKNLNk6dVE LmIczD1CvZnA5KTzzNY598o92vImzgh+yCNr0SSQgNRj7p9qhnQpS+Cmg1uNTv72 7hxNZ1eZEHTVqOSJyHMG7lDI6k+KX1pNYinymDaqa3f1Nd1fXL+wk7agWkLImsgb S4c2YJCpB1yNqhbC8GnmccC0B7cKVn8ZSAI8oBkdqzZmSpaPDFqj0UfB7Vmu6GNF gLm/8hLOSBNiruZJvlUB0P+v/8Mrjb9g2cY7tb4DDCioe+gIf1VxAlgRrqeWG6Yp 5qZxIfOm0FD01A== -----END CERTIFICATE-----Generated at Thu Dec 18 23:11:17 2025 by rpki-client