This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft File: oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json) Hash identifier: Op8iIAxdcSftTlQaaq8eSPtmTo4/nka2my+82gDDzMg= Subject key identifier: E3:09:DE:69:1E:32:96:EC:39:50:6A:E7:8A:19:3E:C6:E7:7E:13:96 Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd Certificate serial: 019AF1D20D420908261C5F075AB9A0FB7171 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft Manifest number: 0FAF Signing time: Sat 06 Dec 2025 04:01:06 +0000 Manifest this update: Sat 06 Dec 2025 04:01:06 +0000 Manifest next update: Sun 07 Dec 2025 04:01:06 +0000 Files and hashes: 1: 39kht1dMkPPkyzVEUtQczwfTvnI.roa (hash: nGaIvUiJ54BR8itFDRSZZFTb/ADjvMX1q4ZciY7jeK8=) 2: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=) 3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: bDy4lJJKgeZDqOOTmSHtURsOLgb4n8GCD6hTJAFx474=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:0d:42:09:08:26:1c:5f:07:5a:b9:a0:fb:71:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd Validity Not Before: Dec 6 04:01:06 2025 GMT Not After : Dec 7 04:01:06 2025 GMT Subject: CN=e309de691e3296ec39506ae78a193ec6e77e1396 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:fe:af:f0:0d:6d:3f:e5:25:ba:5e:9b:38:b1: 52:b1:31:e4:0c:58:a6:d8:6a:6a:34:80:38:d8:b4: 88:b7:82:1f:68:98:90:44:f5:fc:03:ee:7f:bd:fb: 32:18:2d:4a:28:ae:d5:b9:1c:e1:cf:a6:e7:b2:e7: ff:b7:c6:8c:09:7d:86:7f:6f:c8:7c:88:9c:f5:ce: 97:3a:49:a2:33:27:33:18:af:9e:d7:e2:46:04:e9: 94:25:9c:f3:cf:fe:0a:88:d5:74:68:fc:d4:4a:b7: 93:b0:5d:20:49:81:4f:eb:df:f5:08:4f:a8:b6:47: eb:60:4b:a3:77:ae:cc:95:99:62:11:d1:c7:4e:b0: 95:6e:92:aa:8c:8e:8e:31:73:4d:2c:50:8d:f2:68: 6a:28:1d:78:1d:13:d4:83:cc:e1:2d:d9:65:08:3c: fe:ec:c5:7c:7e:6f:70:e9:6e:dc:7d:46:ce:02:f1: fb:2a:5b:68:11:c1:98:0d:65:60:15:49:58:18:b4: b8:2e:05:6c:4f:12:ac:d0:6c:77:6f:66:d8:37:76: d5:9c:59:d9:b6:0a:c1:7d:06:3f:31:8a:17:5a:54: 94:e3:14:e5:01:ef:7f:8a:64:4e:2e:a8:2a:a2:a8: bd:42:56:70:af:db:74:5d:89:3f:94:7a:e0:f8:4a: 8f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:09:DE:69:1E:32:96:EC:39:50:6A:E7:8A:19:3E:C6:E7:7E:13:96 X509v3 Authority Key Identifier: keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:b5:59:d7:58:e0:eb:2a:61:e7:1a:ec:3c:b7:1b:79:7f:a5: f6:f7:47:0d:61:32:47:a0:2f:df:ab:0e:bf:e5:e6:1b:31:b2: 4c:2f:30:f3:60:95:1e:bb:d5:aa:61:54:4d:a5:45:fe:7e:d9: 36:df:b8:e1:b9:ad:6d:57:27:80:70:f4:12:f7:ae:9a:a3:ea: 99:4c:49:27:33:9c:64:65:54:c7:eb:40:23:6a:6f:f9:e9:d0: 74:bf:ac:83:22:e2:d0:99:74:8b:81:4f:04:0f:6b:0b:7a:4c: 7d:23:e7:47:59:3d:8f:39:ff:de:7d:d0:83:73:67:a2:fd:14: 07:c0:d2:17:84:e9:cd:04:12:e1:e7:10:f0:60:11:79:1c:98: 2b:57:e0:00:03:3e:29:35:c2:e1:42:a8:38:c7:34:e5:af:44: a1:46:df:9e:cc:17:fc:c2:8c:69:81:69:78:d9:b8:34:b6:41: 75:17:89:28:53:6b:b7:a5:91:e4:a1:9d:b1:cc:80:f4:d7:a5: 52:1e:c3:79:28:5c:9b:18:a5:0b:ec:66:11:c9:2f:6a:9e:8c: 45:73:66:36:c8:2a:22:c3:80:ba:2c:df:3e:91:a6:6a:ce:56: fb:ba:ea:d8:75:f3:cb:8b:65:c8:fa:88:0a:0a:72:4f:b9:fc: 98:ce:e7:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0g1CCQgmHF8HWrmg+3FxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz N2NhY2QwHhcNMjUxMjA2MDQwMTA2WhcNMjUxMjA3MDQwMTA2WjAzMTEwLwYDVQQD EyhlMzA5ZGU2OTFlMzI5NmVjMzk1MDZhZTc4YTE5M2VjNmU3N2UxMzk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP6v8A1tP+Ulul6bOLFSsTHkDFim 2GpqNIA42LSIt4IfaJiQRPX8A+5/vfsyGC1KKK7VuRzhz6bnsuf/t8aMCX2Gf2/I fIic9c6XOkmiMyczGK+e1+JGBOmUJZzzz/4KiNV0aPzUSreTsF0gSYFP69/1CE+o tkfrYEujd67MlZliEdHHTrCVbpKqjI6OMXNNLFCN8mhqKB14HRPUg8zhLdllCDz+ 7MV8fm9w6W7cfUbOAvH7KltoEcGYDWVgFUlYGLS4LgVsTxKs0Gx3b2bYN3bVnFnZ tgrBfQY/MYoXWlSU4xTlAe9/imROLqgqoqi9QlZwr9t0XYk/lHrg+EqPVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOMJ3mkeMpbsOVBq54oZPsbnfhOWMB8GA1UdIwQY MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4 LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACLVZ11jg 6yph5xrsPLcbeX+l9vdHDWEyR6Av36sOv+XmGzGyTC8w82CVHrvVqmFUTaVF/n7Z Nt+44bmtbVcngHD0EveumqPqmUxJJzOcZGVUx+tAI2pv+enQdL+sgyLi0Jl0i4FP BA9rC3pMfSPnR1k9jzn/3n3Qg3Nnov0UB8DSF4TpzQQS4ecQ8GAReRyYK1fgAAM+ KTXC4UKoOMc05a9EoUbfnswX/MKMaYFpeNm4NLZBdReJKFNrt6WR5KGdscyA9Nel Uh7DeShcmxilC+xmEckvap6MRXNmNsgqIsOAuizfPpGmas5W+7rq2HXzy4tlyPqI CgpyT7n8mM7ncQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:28 2025 by rpki-client