This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft File: Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json) Hash identifier: d+nIpKsh5i7G4vQzPl8EA6c+hlcnJu7hM0iZM2+IzT4= Subject key identifier: 3A:6D:02:97:D1:8F:FA:9A:39:EE:DF:BF:C4:B1:D9:17:25:F7:CB:89 Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A Certificate issuer: /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a Certificate serial: 019AF577D5A50AE0C35C0B39D90F761E4A94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 21:01:02 +0000 Manifest this update: Sat 06 Dec 2025 21:01:02 +0000 Manifest next update: Sun 07 Dec 2025 21:01:02 +0000 Files and hashes: 1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: F7X6v9UX+FT1gwjPQczAIRfeb4G5qH18yaX4LxFREPQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:d5:a5:0a:e0:c3:5c:0b:39:d9:0f:76:1e:4a:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a Validity Not Before: Dec 6 21:01:02 2025 GMT Not After : Dec 7 21:01:02 2025 GMT Subject: CN=3a6d0297d18ffa9a39eedfbfc4b1d91725f7cb89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:55:3b:aa:b0:95:95:41:80:49:53:56:9a:0e: d1:e2:15:8b:48:5b:87:f3:27:7d:5c:05:b8:90:69: f7:0f:87:e5:cb:5d:57:e3:d6:52:f4:47:15:4a:dd: f4:3e:f6:11:20:f5:39:00:e2:ee:35:b4:dd:1c:3e: c7:8d:2a:c8:d0:4b:5b:1f:68:13:2e:f4:36:ec:77: dd:85:17:5c:48:77:2b:ce:7b:af:0f:65:e2:2c:94: b4:68:45:b8:14:a3:59:c3:5b:14:23:7e:bc:71:bf: 82:6f:52:6a:d5:6b:06:e5:8b:46:c2:8c:47:cb:77: a8:a0:11:c3:25:aa:94:35:ca:2a:0e:b9:01:15:51: 8d:54:77:5a:7b:6e:30:c2:63:ed:e6:fc:20:9b:75: 90:10:4f:cb:88:7f:e4:60:48:31:d8:a3:04:84:47: a3:28:19:42:51:1b:72:13:51:03:c8:90:72:58:61: ce:cb:d5:c1:1f:71:6c:69:10:c2:11:67:97:f6:84: a4:63:96:00:a7:27:f4:41:13:c5:24:c4:31:12:eb: 08:ad:9f:54:47:35:c0:d1:05:e4:8b:a4:5f:aa:c0: c2:ac:57:dc:e9:c1:7f:f2:ad:aa:81:e3:b1:4d:26: b8:46:68:f7:8d:2a:b2:b9:9f:e9:a8:19:8c:63:c4: d2:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:6D:02:97:D1:8F:FA:9A:39:EE:DF:BF:C4:B1:D9:17:25:F7:CB:89 X509v3 Authority Key Identifier: keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:e3:de:f6:d6:0c:58:1d:f0:71:32:69:02:7f:66:6e:41:9f: 2a:58:46:e0:e8:71:19:c1:d0:d4:b8:ec:3e:16:e7:f4:f0:2c: eb:2b:9b:f2:e0:48:41:5f:96:38:84:c9:88:53:df:89:79:5a: 30:06:3e:26:ac:ef:cc:65:f6:2e:10:0b:a6:45:34:5d:da:87: 2f:98:24:75:71:06:65:33:34:56:01:6c:b9:f9:de:6a:ed:02: 34:a3:41:52:54:21:41:5e:58:f2:bf:9f:fd:43:de:4d:b3:b4: ff:56:5e:f9:4b:17:5f:93:21:7c:2a:27:e4:f3:91:c4:e0:c5: d0:06:d9:5e:4f:4d:4e:44:04:8c:80:28:53:0c:54:27:77:d3: 88:cf:b3:89:38:fc:af:1f:48:10:57:f0:46:e4:d0:61:37:44: dd:01:f8:ae:af:41:a7:40:8f:ab:d4:42:93:83:f0:18:a7:77: 7d:25:b9:ac:ba:30:68:43:8d:b6:6a:bb:1a:b0:18:d5:b0:50: 9f:fe:3a:4d:6c:18:49:11:e2:ff:57:d0:a8:42:b2:e3:8c:8c: 9d:36:e7:31:cf:26:c5:40:59:79:b0:00:c7:68:29:8d:a6:9b: 78:82:a2:4d:ec:6e:c1:6e:a8:2b:a2:05:fd:19:19:0e:7c:13: 23:ab:1f:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d9WlCuDDXAs52Q92HkqUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0 MTY0N2EwHhcNMjUxMjA2MjEwMTAyWhcNMjUxMjA3MjEwMTAyWjAzMTEwLwYDVQQD EygzYTZkMDI5N2QxOGZmYTlhMzllZWRmYmZjNGIxZDkxNzI1ZjdjYjg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFU7qrCVlUGASVNWmg7R4hWLSFuH 8yd9XAW4kGn3D4fly11X49ZS9EcVSt30PvYRIPU5AOLuNbTdHD7HjSrI0EtbH2gT LvQ27HfdhRdcSHcrznuvD2XiLJS0aEW4FKNZw1sUI368cb+Cb1Jq1WsG5YtGwoxH y3eooBHDJaqUNcoqDrkBFVGNVHdae24wwmPt5vwgm3WQEE/LiH/kYEgx2KMEhEej KBlCURtyE1EDyJByWGHOy9XBH3FsaRDCEWeX9oSkY5YApyf0QRPFJMQxEusIrZ9U RzXA0QXki6RfqsDCrFfc6cF/8q2qgeOxTSa4Rmj3jSqyuZ/pqBmMY8TSPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDptApfRj/qaOe7fv8Sx2Rcl98uJMB8GA1UdIwQY MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOPe9tYM WB3wcTJpAn9mbkGfKlhG4OhxGcHQ1LjsPhbn9PAs6yub8uBIQV+WOITJiFPfiXla MAY+JqzvzGX2LhALpkU0XdqHL5gkdXEGZTM0VgFsufneau0CNKNBUlQhQV5Y8r+f /UPeTbO0/1Ze+UsXX5MhfCon5PORxODF0AbZXk9NTkQEjIAoUwxUJ3fTiM+ziTj8 rx9IEFfwRuTQYTdE3QH4rq9Bp0CPq9RCk4PwGKd3fSW5rLowaEONtmq7GrAY1bBQ n/46TWwYSRHi/1fQqEKy44yMnTbnMc8mxUBZebAAx2gpjaabeIKiTexuwW6oK6IF /RkZDnwTI6sfLg== -----END CERTIFICATE-----Generated at Sat Dec 6 23:37:47 2025 by rpki-client