This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft File: ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json) Hash identifier: Tm0nurUzLpwKfz/LXnt4bnzuW5617cWYnpK7pas748c= Subject key identifier: 89:75:A4:68:59:A5:B8:5E:07:FD:2D:2F:E9:37:7A:CB:5E:08:D5:B6 Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0 Certificate issuer: /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0 Certificate serial: 019AF2771E6026126D5A1E876D4BA74AE01E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft Manifest number: 13A8 Signing time: Sat 06 Dec 2025 07:01:24 +0000 Manifest this update: Sat 06 Dec 2025 07:01:24 +0000 Manifest next update: Sun 07 Dec 2025 07:01:24 +0000 Files and hashes: 1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: daCDnJasOy0auas0Hylm5lvHvZbaUAscQPj0jc3HUpA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:1e:60:26:12:6d:5a:1e:87:6d:4b:a7:4a:e0:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0 Validity Not Before: Dec 6 07:01:24 2025 GMT Not After : Dec 7 07:01:24 2025 GMT Subject: CN=8975a46859a5b85e07fd2d2fe9377acb5e08d5b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:a1:f2:95:2c:d7:8a:b3:44:8a:7e:18:96:1a: 06:4d:51:ba:2d:5d:d0:44:31:82:5a:30:d4:d4:1f: e9:73:40:84:bf:4f:d2:63:4f:47:2c:6a:75:49:69: ea:c5:92:5a:c4:92:e1:f7:db:f4:1e:b1:51:a8:2a: 33:14:37:b0:ed:6c:3f:29:c1:01:32:4e:2e:c4:e5: fc:d7:a4:56:cf:ef:3d:25:53:cc:ad:de:00:16:8a: 4f:68:c2:48:99:74:24:e1:e5:02:31:69:c9:f2:ba: 95:0a:7b:45:79:db:72:b6:87:72:bc:57:c9:22:6a: 8b:5e:86:4a:62:d8:16:05:14:2c:21:1e:b1:c5:a9: 12:f1:86:36:00:f6:34:8e:0e:21:6b:31:ea:da:6f: 74:42:ec:03:65:b8:82:26:01:e8:55:bb:17:a9:78: b6:c5:77:f8:9a:57:3b:03:69:e5:58:bf:d9:d7:dd: f5:07:b2:dc:db:0d:f8:7b:65:f2:be:ab:78:94:67: 58:a0:0d:4e:72:39:ec:51:e5:07:5b:1f:eb:7e:f2: ad:51:e5:37:c8:b9:c8:57:56:60:db:2d:0f:cd:9a: aa:a9:b3:d8:a6:fe:cd:3d:96:fc:01:8c:eb:d9:d7: e3:54:00:10:56:a6:64:4e:4f:86:c8:7b:23:4d:4e: 39:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:75:A4:68:59:A5:B8:5E:07:FD:2D:2F:E9:37:7A:CB:5E:08:D5:B6 X509v3 Authority Key Identifier: keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:0f:2c:15:81:8e:60:5a:d3:16:54:ff:75:b2:4f:6e:7e:64: db:87:c1:e5:70:cc:79:42:d3:3b:02:f7:20:a7:ba:06:12:a4: 6e:83:7e:43:0f:a9:c8:6d:6a:5e:1d:f0:0c:01:fd:27:56:79: 2b:34:07:5d:2c:09:38:0c:c8:cf:e4:bd:27:65:73:62:3a:3f: 05:c6:de:57:56:ce:f9:02:46:d3:ce:f2:a8:6a:3d:c9:c9:93: f2:0b:9c:6d:42:7e:42:b1:11:e1:6e:3e:82:91:c1:9a:0a:fc: ff:88:07:10:a0:30:9d:b5:99:73:fb:0b:2b:ff:eb:06:1a:13: 42:35:64:8b:59:7b:89:48:60:ad:bb:7d:e0:26:5c:ba:2c:db: 8c:02:d7:7f:19:ea:18:86:77:67:43:1b:f0:3c:eb:3e:9d:ee: ac:13:bc:1d:8e:05:8d:f5:97:8b:b5:3f:28:01:27:20:61:d8: d8:54:6f:87:f4:8f:1f:d0:a4:04:68:07:6d:17:af:3f:70:44: 5e:f7:3b:54:ec:a9:90:ac:75:1c:8a:0e:0c:56:d6:4a:59:0b: b0:76:10:8b:49:ac:eb:fd:0e:b4:29:cd:b4:85:ce:a3:bd:bc: 67:39:a2:7e:9e:b7:95:28:0b:73:a5:8e:66:55:c6:2f:76:64: e7:bf:0f:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydx5gJhJtWh6HbUunSuAeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2 ZDkzZTAwHhcNMjUxMjA2MDcwMTI0WhcNMjUxMjA3MDcwMTI0WjAzMTEwLwYDVQQD Eyg4OTc1YTQ2ODU5YTViODVlMDdmZDJkMmZlOTM3N2FjYjVlMDhkNWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKHylSzXirNEin4YlhoGTVG6LV3Q RDGCWjDU1B/pc0CEv0/SY09HLGp1SWnqxZJaxJLh99v0HrFRqCozFDew7Ww/KcEB Mk4uxOX816RWz+89JVPMrd4AFopPaMJImXQk4eUCMWnJ8rqVCntFedtytodyvFfJ ImqLXoZKYtgWBRQsIR6xxakS8YY2APY0jg4hazHq2m90QuwDZbiCJgHoVbsXqXi2 xXf4mlc7A2nlWL/Z1931B7Lc2w34e2Xyvqt4lGdYoA1OcjnsUeUHWx/rfvKtUeU3 yLnIV1Zg2y0PzZqqqbPYpv7NPZb8AYzr2dfjVAAQVqZkTk+GyHsjTU45UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIl1pGhZpbheB/0tL+k3esteCNW2MB8GA1UdIwQY MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2 LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATQ8sFYGO YFrTFlT/dbJPbn5k24fB5XDMeULTOwL3IKe6BhKkboN+Qw+pyG1qXh3wDAH9J1Z5 KzQHXSwJOAzIz+S9J2VzYjo/BcbeV1bO+QJG087yqGo9ycmT8gucbUJ+QrER4W4+ gpHBmgr8/4gHEKAwnbWZc/sLK//rBhoTQjVki1l7iUhgrbt94CZcuizbjALXfxnq GIZ3Z0Mb8DzrPp3urBO8HY4FjfWXi7U/KAEnIGHY2FRvh/SPH9CkBGgHbRevP3BE Xvc7VOypkKx1HIoODFbWSlkLsHYQi0ms6/0OtCnNtIXOo728Zzmifp63lSgLc6WO ZlXGL3Zk578PWQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:17:24 2025 by rpki-client