This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft File: OSG38e7pDZnilCGKk4dTweotwmc.mft (raw, json) Hash identifier: B38ygPe8Va3M/HHhnhGj3jQtY3q3+X3hu6ZCPaJAMdY= Subject key identifier: C8:F8:3A:67:B7:76:7B:1F:12:63:56:71:24:24:AC:80:58:3A:90:F7 Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67 Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267 Certificate serial: 019AF24014FF8E671B3FF1169925142F20BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft Manifest number: 16F0 Signing time: Sat 06 Dec 2025 06:01:17 +0000 Manifest this update: Sat 06 Dec 2025 06:01:17 +0000 Manifest next update: Sun 07 Dec 2025 06:01:17 +0000 Files and hashes: 1: OSG38e7pDZnilCGKk4dTweotwmc.crl (hash: zu5OjSnrfTmsAU1TpInSujPoFWdaYJPUXdWTZjjVxog=) 2: oHES2kIQSwcnceUnSAnzOBK0UoA.roa (hash: R0HeMmAONLyIzPgR+arZikegwIRj9xGz1jODUH2wdeA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:14:ff:8e:67:1b:3f:f1:16:99:25:14:2f:20:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267 Validity Not Before: Dec 6 06:01:17 2025 GMT Not After : Dec 7 06:01:17 2025 GMT Subject: CN=c8f83a67b7767b1f126356712424ac80583a90f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:43:82:86:d0:ac:fb:9e:8e:d3:e0:2e:c7:fa: 8d:f9:f6:79:51:54:a1:6d:f0:5a:d5:53:9c:63:a7: 2b:dc:06:a9:1e:5a:42:2b:67:a1:fd:ef:6d:75:c5: 1c:d1:0b:e2:65:5c:87:82:b8:0c:6b:a5:05:3e:65: 48:cb:a0:8f:85:56:c6:bd:03:6e:f1:56:2c:9f:a8: 2e:e7:93:58:22:e9:48:35:de:08:25:71:9e:ca:cf: 23:5b:f7:e4:c0:a5:7a:ce:d3:2d:fd:51:e0:44:36: 24:78:df:17:14:b0:b1:99:f0:2e:6f:2a:ca:0b:c1: 73:df:04:79:ea:17:cd:07:29:5c:59:d0:2b:aa:a1: 96:d6:f2:17:a6:b6:4b:d9:e9:35:ed:23:20:5f:13: 12:79:ac:14:76:25:46:73:09:27:a0:e8:0d:75:6f: aa:db:ea:ac:f7:87:84:fa:70:99:3e:b9:45:d7:04: cd:10:73:2c:9c:ad:fb:74:9d:a2:b1:a3:45:b6:1c: 00:84:57:72:26:8d:98:1f:31:fc:31:35:2d:35:f1: 7f:5d:6d:59:7e:17:e8:98:04:92:11:2b:0e:a1:93: 8c:e4:af:00:ab:ca:58:8f:fe:05:74:ba:ab:2f:c3: 7a:12:b3:49:95:20:42:96:18:48:99:7b:e6:13:4f: 9f:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:F8:3A:67:B7:76:7B:1F:12:63:56:71:24:24:AC:80:58:3A:90:F7 X509v3 Authority Key Identifier: keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:8f:39:aa:d9:98:c0:bb:74:43:8b:1b:41:6c:ea:5e:e0:da: 52:4b:c4:bf:07:41:b1:2a:21:cd:02:29:01:24:dd:d7:1b:9a: 1e:58:ac:5f:09:ed:3f:1e:f8:5c:d2:d1:6b:d2:fa:d8:f5:d7: 58:8c:b6:7f:bc:c4:86:92:28:3d:4c:51:89:b3:7d:40:92:42: 02:49:ab:61:ca:ee:fb:cb:a9:4f:1e:3a:10:04:2b:f6:17:c5: d7:db:09:de:76:39:1a:76:a2:03:ee:10:e5:8d:a8:2a:aa:61: 56:07:94:27:ff:6a:db:44:2e:71:47:6e:81:76:cd:5c:1a:41: ec:0f:23:8a:31:26:51:6e:77:77:58:27:57:34:d8:ba:3f:a5: 96:b0:8a:b5:c0:37:62:6f:76:a1:7c:95:24:be:a4:c4:58:d7: e1:81:fa:10:b6:ef:e2:f5:e4:3e:c2:4c:a7:e7:79:87:65:51: e2:79:a0:b6:60:c2:13:e7:29:00:7f:e4:a2:d1:3b:1c:d3:d4: 9b:97:b5:3a:c5:fa:02:68:5a:e4:6c:39:9b:08:75:a3:c6:01: d2:d5:6e:80:93:08:98:fd:dc:4f:74:67:e1:ce:a0:cf:fe:a4: 21:e6:b9:d5:83:45:3e:8e:09:54:d0:1c:56:19:d2:f7:ed:32: a7:c6:50:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQBT/jmcbP/EWmSUULyC9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy ZGMyNjcwHhcNMjUxMjA2MDYwMTE3WhcNMjUxMjA3MDYwMTE3WjAzMTEwLwYDVQQD EyhjOGY4M2E2N2I3NzY3YjFmMTI2MzU2NzEyNDI0YWM4MDU4M2E5MGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkOChtCs+56O0+Aux/qN+fZ5UVSh bfBa1VOcY6cr3AapHlpCK2eh/e9tdcUc0QviZVyHgrgMa6UFPmVIy6CPhVbGvQNu 8VYsn6gu55NYIulINd4IJXGeys8jW/fkwKV6ztMt/VHgRDYkeN8XFLCxmfAubyrK C8Fz3wR56hfNBylcWdArqqGW1vIXprZL2ek17SMgXxMSeawUdiVGcwknoOgNdW+q 2+qs94eE+nCZPrlF1wTNEHMsnK37dJ2isaNFthwAhFdyJo2YHzH8MTUtNfF/XW1Z fhfomASSESsOoZOM5K8Aq8pYj/4FdLqrL8N6ErNJlSBClhhImXvmE0+f5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMj4Ome3dnsfEmNWcSQkrIBYOpD3MB8GA1UdIwQY MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt MjQ0MWUxMGY2ZjhmLzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFI85qtmY wLt0Q4sbQWzqXuDaUkvEvwdBsSohzQIpASTd1xuaHlisXwntPx74XNLRa9L62PXX WIy2f7zEhpIoPUxRibN9QJJCAkmrYcru+8upTx46EAQr9hfF19sJ3nY5GnaiA+4Q 5Y2oKqphVgeUJ/9q20QucUdugXbNXBpB7A8jijEmUW53d1gnVzTYuj+llrCKtcA3 Ym92oXyVJL6kxFjX4YH6ELbv4vXkPsJMp+d5h2VR4nmgtmDCE+cpAH/kotE7HNPU m5e1OsX6Amha5Gw5mwh1o8YB0tVugJMImP3cT3Rn4c6gz/6kIea51YNFPo4JVNAc VhnS9+0yp8ZQgw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:05:16 2025 by rpki-client