This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft File: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json) Hash identifier: LiwoKEXyndmTfVP581DS7DmeGkmuwgNgAJ+GhgjK0Fk= Subject key identifier: F2:14:07:83:0E:E7:2C:28:8A:F0:F0:2A:47:58:DC:DA:B7:A8:63:5B Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33 Certificate issuer: /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33 Certificate serial: 019AF50A979F80CA99CD698CE0108C5F1F6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft Manifest number: 0B6F Signing time: Sat 06 Dec 2025 19:01:43 +0000 Manifest this update: Sat 06 Dec 2025 19:01:43 +0000 Manifest next update: Sun 07 Dec 2025 19:01:43 +0000 Files and hashes: 1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: QX4ehCJ2c5SxE2tpCUzGXiyyL1CMoZUUf1Idf+jQEfg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:97:9f:80:ca:99:cd:69:8c:e0:10:8c:5f:1f:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33 Validity Not Before: Dec 6 19:01:43 2025 GMT Not After : Dec 7 19:01:43 2025 GMT Subject: CN=f21407830ee72c288af0f02a4758dcdab7a8635b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:89:00:10:0d:3e:eb:11:bc:1b:07:34:31:5e: 11:c7:1c:e1:94:f8:09:e9:01:e4:92:1d:bf:32:b6: ed:67:23:72:41:4e:4c:de:c7:36:60:5a:64:4e:67: 91:58:86:7e:e6:19:d4:52:8f:80:82:8a:06:6a:99: 46:10:65:ba:64:36:7e:57:64:d3:68:68:11:5a:9e: a0:18:db:ee:95:1d:93:1c:74:eb:fb:a4:75:83:d8: 0e:3e:15:a0:f6:42:a5:f4:a6:95:c5:53:a9:9c:b2: e2:3b:d3:83:4c:d3:8b:4f:7a:16:d5:f7:27:f6:28: ca:db:63:06:2f:41:ff:ea:de:e4:45:54:20:a4:85: d8:dd:44:95:5b:e6:06:31:aa:49:d2:61:35:25:fc: 32:a4:dd:50:ae:1d:02:ec:51:60:76:f3:9b:13:4b: 00:35:4b:f7:dd:f6:fb:07:26:79:56:b6:5f:5a:45: c1:68:0a:e3:d5:94:74:5f:c8:67:3f:99:e3:24:e6: 18:6d:9d:5b:70:36:c5:c4:92:c9:1c:f0:2f:55:23: 63:a9:dd:ab:df:4a:b5:f6:e5:c5:23:53:06:d1:e6: 16:b6:d9:bf:16:13:34:53:6d:d8:77:c3:14:84:fb: 36:c6:11:a1:44:6c:88:5e:89:74:58:0b:33:f4:f2: 16:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:14:07:83:0E:E7:2C:28:8A:F0:F0:2A:47:58:DC:DA:B7:A8:63:5B X509v3 Authority Key Identifier: keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d5:37:b3:ab:6e:ad:d9:3e:14:25:b8:35:55:ee:06:1b:b5:3a: fb:1c:4b:8c:6b:d6:c8:f8:81:00:55:2a:41:14:31:6f:73:ef: af:c2:55:88:35:f7:3b:b2:0d:12:d5:7d:58:53:21:08:b8:85: e9:38:81:51:c2:90:e8:88:f0:50:6c:9b:fc:54:b2:66:05:99: e4:dd:fd:e7:c2:bd:09:57:81:01:ba:bd:6d:19:a1:9f:bf:29: 46:37:26:52:0e:00:8a:58:65:5c:7d:41:00:0b:40:d9:ce:04: 1c:72:69:2e:27:ff:38:c9:af:88:5d:0a:a3:3b:54:bc:8a:27: 35:42:95:06:26:da:db:90:72:7a:1a:ed:93:91:dc:a1:73:d1: 79:18:ec:38:37:84:04:82:a5:42:5a:05:90:a0:17:94:02:87: c1:9c:24:ad:56:41:67:d8:b8:82:3a:7a:ab:8b:03:95:e5:17: 2d:6f:4b:31:50:6b:2f:69:77:01:3d:e9:59:09:43:a4:5c:99: 36:af:c1:3c:65:e1:e6:49:9f:a5:b1:5a:47:b9:20:90:83:2a: aa:31:90:50:ac:a2:fa:40:ad:b8:dd:da:00:67:4b:dd:b7:56: cd:b3:f9:c6:50:11:d5:a1:33:d8:52:73:40:4a:45:c1:6d:c4: 0e:4c:e4:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CpefgMqZzWmM4BCMXx9vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh MmJiMzMwHhcNMjUxMjA2MTkwMTQzWhcNMjUxMjA3MTkwMTQzWjAzMTEwLwYDVQQD EyhmMjE0MDc4MzBlZTcyYzI4OGFmMGYwMmE0NzU4ZGNkYWI3YTg2MzViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArokAEA0+6xG8Gwc0MV4RxxzhlPgJ 6QHkkh2/MrbtZyNyQU5M3sc2YFpkTmeRWIZ+5hnUUo+AgooGaplGEGW6ZDZ+V2TT aGgRWp6gGNvulR2THHTr+6R1g9gOPhWg9kKl9KaVxVOpnLLiO9ODTNOLT3oW1fcn 9ijK22MGL0H/6t7kRVQgpIXY3USVW+YGMapJ0mE1JfwypN1Qrh0C7FFgdvObE0sA NUv33fb7ByZ5VrZfWkXBaArj1ZR0X8hnP5njJOYYbZ1bcDbFxJLJHPAvVSNjqd2r 30q19uXFI1MG0eYWttm/FhM0U23Yd8MUhPs2xhGhRGyIXol0WAsz9PIW3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPIUB4MO5ywoivDwKkdY3Nq3qGNbMB8GA1UdIwQY MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1Tezq26t 2T4UJbg1Ve4GG7U6+xxLjGvWyPiBAFUqQRQxb3Pvr8JViDX3O7INEtV9WFMhCLiF 6TiBUcKQ6IjwUGyb/FSyZgWZ5N3958K9CVeBAbq9bRmhn78pRjcmUg4AilhlXH1B AAtA2c4EHHJpLif/OMmviF0KoztUvIonNUKVBiba25Byehrtk5HcoXPReRjsODeE BIKlQloFkKAXlAKHwZwkrVZBZ9i4gjp6q4sDleUXLW9LMVBrL2l3AT3pWQlDpFyZ Nq/BPGXh5kmfpbFaR7kgkIMqqjGQUKyi+kCtuN3aAGdL3bdWzbP5xlAR1aEz2FJz QEpFwW3EDkzk8Q== -----END CERTIFICATE-----Generated at Sun Dec 7 00:05:39 2025 by rpki-client