This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft File: oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json) Hash identifier: DfQUiefDoxKBQwlR/a5IiJPPclTlzSfz71ebuAViFA8= Subject key identifier: 3E:05:80:39:1C:B4:73:A3:02:3D:FB:0D:D4:F2:2D:C5:2A:2B:FF:75 Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10 Certificate issuer: /CN=a223d15344c02a551e63f831c604f80dbec4ba10 Certificate serial: 019AF50AAFF66D58DCBCDF6D92547F3DE8D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft Manifest number: 0BB8 Signing time: Sat 06 Dec 2025 19:01:49 +0000 Manifest this update: Sat 06 Dec 2025 19:01:49 +0000 Manifest next update: Sun 07 Dec 2025 19:01:49 +0000 Files and hashes: 1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: kaH4wW6TlrmYmcXpj5L7cBqOAjGX5JqzN5f1y84/734=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:af:f6:6d:58:dc:bc:df:6d:92:54:7f:3d:e8:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10 Validity Not Before: Dec 6 19:01:49 2025 GMT Not After : Dec 7 19:01:49 2025 GMT Subject: CN=3e0580391cb473a3023dfb0dd4f22dc52a2bff75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:61:04:6e:77:af:01:27:fc:f7:d7:71:15:92: 8d:ac:50:77:ae:d2:71:77:8a:21:05:4c:c6:86:a1: 29:6a:49:40:74:6f:74:21:72:73:04:84:d3:0c:f0: 2a:4a:38:d7:0b:fa:e1:e7:37:38:00:8d:0e:f1:54: c2:f2:db:ac:0e:72:d4:8c:ea:bf:5d:18:8e:61:e2: 96:91:43:f5:b4:1f:2c:00:0d:08:74:77:ec:64:4a: 12:e1:78:da:f5:99:d5:ba:c2:5c:38:72:6d:05:fa: 1a:75:51:da:6d:f3:8d:dc:3a:05:ed:8e:25:be:00: c7:3a:7e:4b:03:fb:59:23:ae:db:26:c1:05:3a:08: 98:15:9c:2b:02:d0:db:4e:44:63:cf:14:c2:d6:96: 65:a0:39:44:a5:4d:72:7e:f5:f9:bf:5c:73:4e:91: 9d:68:d9:7b:0c:a8:cd:51:97:05:4e:ae:34:d9:ae: 5b:8b:12:92:10:4b:6d:11:9b:c1:f1:9d:e4:4f:63: a5:2c:a1:0a:f2:43:6b:28:e7:6c:c3:95:c3:34:b6: 15:4e:d7:c2:28:c5:81:68:29:f4:ca:46:13:ee:75: 3b:a5:3e:7e:b6:d8:a0:24:f3:7f:60:70:fa:41:44: 7d:85:be:69:8d:cc:ab:15:b8:a0:5b:15:b9:2b:c4: cd:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:05:80:39:1C:B4:73:A3:02:3D:FB:0D:D4:F2:2D:C5:2A:2B:FF:75 X509v3 Authority Key Identifier: keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:05:6b:42:5e:db:24:36:41:ad:9b:25:4c:c4:be:3e:03:25: e0:1e:49:b6:84:77:6f:f3:36:1f:56:bd:30:aa:1b:e1:40:fa: 84:a0:95:6d:15:db:97:2f:85:c9:60:93:5e:ee:19:5d:42:a8: 73:b4:22:2d:48:c4:18:75:e3:11:b4:bf:97:18:89:79:68:db: c2:84:0d:90:1e:44:9c:bf:d0:c0:1e:d3:9c:b3:32:cb:f7:22: 19:3b:13:ea:12:c1:e0:e8:7e:ae:8f:02:c0:9c:2b:a5:fa:20: eb:11:35:aa:ec:e1:c6:a4:82:61:3d:04:13:aa:6f:9d:89:9e: aa:4f:4c:9d:2a:fd:46:a3:c4:2d:c5:71:08:ba:5e:ae:24:dd: 83:30:21:93:18:5c:60:e4:82:19:13:52:1b:0e:8e:fe:78:b1: 09:4c:2b:bd:c3:95:8f:7b:ac:ff:31:2b:e9:23:9f:36:7e:4f: b0:f0:36:d7:13:85:bf:bb:e0:91:52:49:66:89:1e:3d:15:6b: 45:44:d5:6e:1a:1b:46:42:69:01:03:7e:59:03:90:af:33:7a: d8:4e:7b:7b:11:fc:b8:1d:2b:84:d4:00:f5:7d:a4:24:02:1c: bc:65:de:08:be:b0:29:6e:8a:63:53:ac:1c:49:fe:cd:29:ca: 97:32:12:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cq/2bVjcvN9tklR/PejTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj NGJhMTAwHhcNMjUxMjA2MTkwMTQ5WhcNMjUxMjA3MTkwMTQ5WjAzMTEwLwYDVQQD EygzZTA1ODAzOTFjYjQ3M2EzMDIzZGZiMGRkNGYyMmRjNTJhMmJmZjc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2EEbnevASf899dxFZKNrFB3rtJx d4ohBUzGhqEpaklAdG90IXJzBITTDPAqSjjXC/rh5zc4AI0O8VTC8tusDnLUjOq/ XRiOYeKWkUP1tB8sAA0IdHfsZEoS4Xja9ZnVusJcOHJtBfoadVHabfON3DoF7Y4l vgDHOn5LA/tZI67bJsEFOgiYFZwrAtDbTkRjzxTC1pZloDlEpU1yfvX5v1xzTpGd aNl7DKjNUZcFTq402a5bixKSEEttEZvB8Z3kT2OlLKEK8kNrKOdsw5XDNLYVTtfC KMWBaCn0ykYT7nU7pT5+ttigJPN/YHD6QUR9hb5pjcyrFbigWxW5K8TNNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD4FgDkctHOjAj37DdTyLcUqK/91MB8GA1UdIwQY MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4 LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYQVrQl7b JDZBrZslTMS+PgMl4B5JtoR3b/M2H1a9MKob4UD6hKCVbRXbly+FyWCTXu4ZXUKo c7QiLUjEGHXjEbS/lxiJeWjbwoQNkB5EnL/QwB7TnLMyy/ciGTsT6hLB4Oh+ro8C wJwrpfog6xE1quzhxqSCYT0EE6pvnYmeqk9MnSr9RqPELcVxCLperiTdgzAhkxhc YOSCGRNSGw6O/nixCUwrvcOVj3us/zEr6SOfNn5PsPA21xOFv7vgkVJJZokePRVr RUTVbhobRkJpAQN+WQOQrzN62E57exH8uB0rhNQA9X2kJAIcvGXeCL6wKW6KY1Os HEn+zSnKlzISow== -----END CERTIFICATE-----Generated at Sat Dec 6 21:04:53 2025 by rpki-client