This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft File: kOphmXVeYwDwQCwqCO1DegpzAB4.mft (raw, json) Hash identifier: PZ/zw6Om4awPj+/VIg7xDRMLIzaOPM/ApFlOB/FQl6s= Subject key identifier: 0B:15:5C:61:37:E4:77:1E:7C:C3:25:40:62:59:97:A9:3D:D3:3D:76 Authority key identifier: 90:EA:61:99:75:5E:63:00:F0:40:2C:2A:08:ED:43:7A:0A:73:00:1E Certificate issuer: /CN=90ea6199755e6300f0402c2a08ed437a0a73001e Certificate serial: 019AF19B7B4AC0953463930C7EBE6BBE58B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 03:01:29 +0000 Manifest this update: Sat 06 Dec 2025 03:01:29 +0000 Manifest next update: Sun 07 Dec 2025 03:01:29 +0000 Files and hashes: 1: kOphmXVeYwDwQCwqCO1DegpzAB4.crl (hash: 6S++JQSuHTw/pk7ykLZByTaZKf5pTzjHnW2AD6CqWFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft rsync://rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:7b:4a:c0:95:34:63:93:0c:7e:be:6b:be:58:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90ea6199755e6300f0402c2a08ed437a0a73001e Validity Not Before: Dec 6 03:01:29 2025 GMT Not After : Dec 7 03:01:29 2025 GMT Subject: CN=0b155c6137e4771e7cc32540625997a93dd33d76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:42:c7:f2:d6:67:6d:de:63:6a:88:0b:84:7a: 95:62:0a:5f:b9:71:0e:67:95:2d:42:65:06:3f:c7: aa:3e:07:33:f3:2c:fc:ca:30:3b:7c:13:93:89:92: 90:7d:2e:ea:db:3a:92:92:19:42:19:12:79:00:65: 08:84:e1:ed:7b:e0:88:8f:47:71:9d:02:a1:2f:09: 5b:62:16:c2:9b:9f:b3:fc:8d:c1:ef:12:9b:d5:67: fe:4b:77:6c:df:0b:2e:bb:58:51:b5:6c:34:36:2e: 45:3f:89:7b:74:e5:ad:26:87:25:4c:94:d6:50:7d: 5e:39:0e:84:98:0c:f3:1c:a0:90:d3:b7:99:38:02: d9:82:5a:2f:53:40:0e:e3:a3:b6:1f:f2:cd:97:72: a1:50:21:fa:08:6c:62:b9:de:d4:3b:54:79:e7:8a: fc:b6:49:87:b0:7a:84:d9:2c:61:59:d6:7e:2c:96: 6c:50:3b:89:80:27:69:a9:e6:30:cd:c7:f3:95:b4: 85:5f:90:b3:e8:a9:97:1e:0d:c9:50:12:08:55:f3: 60:c0:c8:f2:81:a2:f8:96:02:b0:36:9e:4a:54:7d: bb:4e:f0:38:31:19:53:9f:ee:42:45:31:4a:38:5a: 2a:30:e1:f6:1c:13:4c:f9:46:33:71:d4:4e:40:e9: 45:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:15:5C:61:37:E4:77:1E:7C:C3:25:40:62:59:97:A9:3D:D3:3D:76 X509v3 Authority Key Identifier: keyid:90:EA:61:99:75:5E:63:00:F0:40:2C:2A:08:ED:43:7A:0A:73:00:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:6b:5a:ed:eb:3c:6e:e9:98:7c:28:39:66:05:5a:a9:02:1a: 30:9c:14:d6:57:5e:ba:e8:4d:2b:e5:45:e3:8a:ad:a0:da:f3: e2:97:11:93:69:0a:d4:4a:cf:8e:19:f1:c4:08:1b:10:4d:24: 2b:cf:71:4f:0e:9f:3d:c5:61:6e:f9:39:c5:49:d9:1a:7d:53: 10:a1:ba:c2:0c:f9:90:d6:38:a5:f1:16:1c:13:a0:ae:58:66: d2:6a:d1:a3:6c:8c:1e:9e:d8:95:b9:06:b0:40:70:e2:c9:e2: 06:24:e3:39:c8:8f:63:44:28:89:a2:f2:97:dd:79:47:f2:55: 28:1c:7a:e7:0e:1f:ea:cc:66:4c:53:51:09:6d:aa:e7:b3:59: 69:2e:be:fa:0c:00:67:06:75:70:c4:d5:82:90:be:09:97:36: 28:e7:4f:8e:a1:19:b3:4c:5c:e8:28:47:8e:4f:b2:32:d6:43: 30:8f:1e:fd:b3:fa:5c:1d:24:1f:78:55:bc:4c:93:9c:09:8f: 74:83:ff:87:5c:ba:7f:7d:d0:a3:d5:32:88:d1:17:9b:21:2d: 15:30:bc:ff:bc:b2:00:68:8c:3e:7b:7d:df:72:7a:3d:2e:af: 17:c0:f5:e5:41:c1:51:25:ca:49:13:45:46:b1:e8:e7:37:50: d4:cb:26:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm3tKwJU0Y5MMfr5rvliwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZWE2MTk5NzU1ZTYzMDBmMDQwMmMyYTA4ZWQ0MzdhMGE3 MzAwMWUwHhcNMjUxMjA2MDMwMTI5WhcNMjUxMjA3MDMwMTI5WjAzMTEwLwYDVQQD EygwYjE1NWM2MTM3ZTQ3NzFlN2NjMzI1NDA2MjU5OTdhOTNkZDMzZDc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0LH8tZnbd5jaogLhHqVYgpfuXEO Z5UtQmUGP8eqPgcz8yz8yjA7fBOTiZKQfS7q2zqSkhlCGRJ5AGUIhOHte+CIj0dx nQKhLwlbYhbCm5+z/I3B7xKb1Wf+S3ds3wsuu1hRtWw0Ni5FP4l7dOWtJoclTJTW UH1eOQ6EmAzzHKCQ07eZOALZglovU0AO46O2H/LNl3KhUCH6CGxiud7UO1R554r8 tkmHsHqE2SxhWdZ+LJZsUDuJgCdpqeYwzcfzlbSFX5Cz6KmXHg3JUBIIVfNgwMjy gaL4lgKwNp5KVH27TvA4MRlTn+5CRTFKOFoqMOH2HBNM+UYzcdROQOlFfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAsVXGE35HcefMMlQGJZl6k90z12MB8GA1UdIwQY MBaAFJDqYZl1XmMA8EAsKgjtQ3oKcwAeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva09waG1YVmVZd0R3UUN3cUNPMURlZ3B6QUI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZDJhOGYtY2Y5MC00NmZiLTgyNTkt YzM5ODA4ZDAzYTE4LzEva09waG1YVmVZd0R3UUN3cUNPMURlZ3B6QUI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi82ZDJhOGYtY2Y5MC00NmZiLTgyNTktYzM5ODA4ZDAzYTE4 LzEva09waG1YVmVZd0R3UUN3cUNPMURlZ3B6QUI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFmta7es8 bumYfCg5ZgVaqQIaMJwU1ldeuuhNK+VF44qtoNrz4pcRk2kK1ErPjhnxxAgbEE0k K89xTw6fPcVhbvk5xUnZGn1TEKG6wgz5kNY4pfEWHBOgrlhm0mrRo2yMHp7YlbkG sEBw4sniBiTjOciPY0QoiaLyl915R/JVKBx65w4f6sxmTFNRCW2q57NZaS6++gwA ZwZ1cMTVgpC+CZc2KOdPjqEZs0xc6ChHjk+yMtZDMI8e/bP6XB0kH3hVvEyTnAmP dIP/h1y6f33Qo9UyiNEXmyEtFTC8/7yyAGiMPnt933J6PS6vF8D15UHBUSXKSRNF RrHo5zdQ1MsmTg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:07:49 2025 by rpki-client