This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft File: ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json) Hash identifier: GpL5NIKveYEsTl6dnX4GAKzqzfGNk92wzTX6e93IbKA= Subject key identifier: A9:AE:AD:80:15:B9:70:7B:B8:91:F4:BF:90:51:3D:19:60:38:5A:95 Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C Certificate issuer: /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c Certificate serial: 019AF42DEFB047A63524CBBFE18D24F94DC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft Manifest number: 0595 Signing time: Sat 06 Dec 2025 15:00:42 +0000 Manifest this update: Sat 06 Dec 2025 15:00:42 +0000 Manifest next update: Sun 07 Dec 2025 15:00:42 +0000 Files and hashes: 1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: m2GaqRX6Y4fBldJzKCDTLvG8i8m6YzZSCESmS2v6ZKM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2d:ef:b0:47:a6:35:24:cb:bf:e1:8d:24:f9:4d:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c Validity Not Before: Dec 6 15:00:42 2025 GMT Not After : Dec 7 15:00:42 2025 GMT Subject: CN=a9aead8015b9707bb891f4bf90513d1960385a95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:9a:21:02:8f:00:c3:f1:12:8d:4f:af:45:5c: f3:09:74:2a:31:66:53:a1:6d:45:3d:3c:ba:d7:a2: 26:0d:3e:b2:14:1e:44:ee:cf:81:59:5a:35:55:f2: 7d:25:93:64:7c:1f:85:af:c2:e0:8f:bc:c7:0d:25: 0c:2a:95:fd:51:33:87:e8:37:0f:bd:95:ec:c6:08: 18:36:c4:bb:14:af:50:59:3e:4e:2d:fe:f7:d6:58: 1f:9a:08:9b:f1:46:0b:8d:8d:3d:14:cf:a2:16:db: 3e:74:26:bb:54:20:4a:3f:52:6e:48:5b:9d:72:33: 22:ae:12:d3:39:79:21:0f:85:3f:7d:2a:6b:c6:43: f6:a8:45:2d:7e:d4:82:ea:62:e6:19:a3:8b:4a:da: 56:ec:82:da:8c:31:32:e1:03:d9:79:30:5e:1b:36: ca:f3:6d:c8:93:31:33:18:7a:80:4f:70:00:0b:49: 25:68:7e:82:db:52:72:cf:99:42:b9:46:db:c4:db: 4c:a3:88:b5:d2:2c:40:30:18:09:92:7f:7f:d5:d0: 62:53:2f:9a:aa:03:6f:14:de:71:d3:56:38:d5:4c: 8b:15:45:55:11:00:c2:0e:01:08:33:b6:8c:e0:09: 7c:cb:2d:c3:77:41:cd:60:37:7f:1b:c0:95:b2:1c: 54:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:AE:AD:80:15:B9:70:7B:B8:91:F4:BF:90:51:3D:19:60:38:5A:95 X509v3 Authority Key Identifier: keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:2b:65:59:c3:d4:9a:3e:3b:27:da:ad:b5:71:01:77:17:de: 64:6a:39:08:e9:60:0a:8b:70:2b:ff:e5:ff:22:0b:5b:4c:a2: 54:48:5b:20:05:71:fc:ef:2f:dc:17:a1:4c:07:9f:e7:5c:2c: 8e:16:9f:a2:6a:42:cd:86:ea:b1:0c:c1:6a:dd:8e:07:42:31: 78:02:6e:4c:ef:91:bd:1c:74:30:35:9a:b8:2d:66:49:4d:68: 6f:55:cc:21:43:3f:4c:24:14:b1:81:56:82:a3:73:49:6e:63: 9b:95:15:de:ae:3f:52:f6:4e:0e:4e:e6:58:bf:38:fb:38:f4: e5:aa:20:bc:9e:d3:8a:d4:82:04:7a:ef:4e:92:2f:a4:45:04: c8:1e:f1:df:cc:8d:83:67:b6:a2:92:fc:79:4c:9f:86:0b:4c: 41:0b:af:98:f3:35:12:c5:06:52:0f:8c:64:eb:13:04:d5:67: 30:fe:32:dd:93:c0:8d:97:ae:61:63:f6:09:16:2e:1f:16:78: 95:9c:d6:0e:59:bc:11:cf:04:89:7c:61:66:eb:29:9d:ac:23: 11:4b:7b:23:bc:97:4c:81:12:71:e3:53:21:30:e9:9d:7e:bd: 90:d8:fe:cd:02:82:9f:df:9b:99:48:bf:38:ec:e2:2a:e5:c0: 08:74:2a:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Le+wR6Y1JMu/4Y0k+U3EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm ZjUwOWMwHhcNMjUxMjA2MTUwMDQyWhcNMjUxMjA3MTUwMDQyWjAzMTEwLwYDVQQD EyhhOWFlYWQ4MDE1Yjk3MDdiYjg5MWY0YmY5MDUxM2QxOTYwMzg1YTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJohAo8Aw/ESjU+vRVzzCXQqMWZT oW1FPTy616ImDT6yFB5E7s+BWVo1VfJ9JZNkfB+Fr8Lgj7zHDSUMKpX9UTOH6DcP vZXsxggYNsS7FK9QWT5OLf731lgfmgib8UYLjY09FM+iFts+dCa7VCBKP1JuSFud cjMirhLTOXkhD4U/fSprxkP2qEUtftSC6mLmGaOLStpW7ILajDEy4QPZeTBeGzbK 823IkzEzGHqAT3AAC0klaH6C21Jyz5lCuUbbxNtMo4i10ixAMBgJkn9/1dBiUy+a qgNvFN5x01Y41UyLFUVVEQDCDgEIM7aM4Al8yy3Dd0HNYDd/G8CVshxU6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKmurYAVuXB7uJH0v5BRPRlgOFqVMB8GA1UdIwQY MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgytlWcPU mj47J9qttXEBdxfeZGo5COlgCotwK//l/yILW0yiVEhbIAVx/O8v3BehTAef51ws jhafompCzYbqsQzBat2OB0IxeAJuTO+RvRx0MDWauC1mSU1ob1XMIUM/TCQUsYFW gqNzSW5jm5UV3q4/UvZODk7mWL84+zj05aogvJ7TitSCBHrvTpIvpEUEyB7x38yN g2e2opL8eUyfhgtMQQuvmPM1EsUGUg+MZOsTBNVnMP4y3ZPAjZeuYWP2CRYuHxZ4 lZzWDlm8Ec8EiXxhZuspnawjEUt7I7yXTIESceNTITDpnX69kNj+zQKCn9+bmUi/ OOziKuXACHQqrw== -----END CERTIFICATE-----Generated at Sat Dec 6 18:38:26 2025 by rpki-client