This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft File: O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json) Hash identifier: yBmn0PodsWe4/86CC4H/aKLICoPKXnmtl+cL8HmKpbo= Subject key identifier: AC:EF:6F:17:7D:25:20:B6:F9:8C:48:6A:3F:2F:19:AD:75:80:C3:17 Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86 Certificate issuer: /CN=3b84523c3932e2d198046234b962e0dc51abf586 Certificate serial: 019AF12D8603A523A6757C19E22FC20DE6E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 01:01:23 +0000 Manifest this update: Sat 06 Dec 2025 01:01:23 +0000 Manifest next update: Sun 07 Dec 2025 01:01:23 +0000 Files and hashes: 1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: rGtk1ACKhYN5Y2CG71iAo7/jsnuIFkBFcIrYMNLiFIs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:86:03:a5:23:a6:75:7c:19:e2:2f:c2:0d:e6:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586 Validity Not Before: Dec 6 01:01:23 2025 GMT Not After : Dec 7 01:01:23 2025 GMT Subject: CN=acef6f177d2520b6f98c486a3f2f19ad7580c317 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b2:cc:0a:4a:16:95:c0:c4:f3:d1:73:e3:5c: 94:61:e8:f3:a5:2d:69:d0:bb:b1:9a:a5:cb:8a:41: fa:69:86:41:22:24:62:c7:62:64:08:54:68:ed:27: ac:17:27:96:6b:fa:1e:7a:8d:40:b9:8a:5c:a5:20: 12:90:f7:71:ca:b0:eb:2e:63:ec:61:fd:52:63:6e: c6:8a:9d:47:57:c5:4c:92:82:59:4f:68:a6:21:3b: 4c:a3:51:6f:d0:32:e4:4b:dd:5b:e5:88:39:12:42: 6e:58:f0:7b:71:df:ad:94:f5:53:a7:ac:05:73:77: 01:86:ec:bb:cb:c9:b9:d5:34:c1:03:91:91:14:c4: 85:9c:33:78:87:1a:4b:b8:b4:f8:21:57:0e:b6:f4: bc:50:2b:d9:55:2c:7f:84:d0:5c:27:29:db:58:7c: e5:9b:18:45:c3:25:05:40:17:7f:b8:63:ce:93:af: cc:c8:f7:b0:48:18:93:f1:96:ed:2e:43:37:b3:5d: 20:10:b6:32:dd:54:29:16:38:88:f1:ed:a6:81:cc: d5:9b:5d:19:fc:3b:83:1a:7c:4b:2a:65:f5:75:23: 28:ec:ea:d9:81:ab:aa:6b:c7:cf:2c:ab:52:a1:9a: a0:ce:b9:77:03:1e:fe:66:5b:e4:55:e0:c4:cb:bd: 06:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:EF:6F:17:7D:25:20:B6:F9:8C:48:6A:3F:2F:19:AD:75:80:C3:17 X509v3 Authority Key Identifier: keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:28:61:8b:93:ce:07:3e:34:1e:26:ea:0d:9b:87:77:6b:2b: e5:83:d5:6d:2f:18:73:45:9f:8d:b6:ff:85:ca:7b:6b:cf:f5: b4:a7:e6:26:47:95:b4:cc:fc:a7:49:05:58:9a:dc:00:60:0f: 13:df:c3:b7:a5:b7:f6:7e:ad:bd:5c:dd:3b:e2:12:25:ee:ff: e8:a6:8b:39:39:dd:f9:03:15:f5:a3:8f:f4:d7:ca:4f:77:88: 71:70:38:39:d4:0f:4f:5b:25:94:e5:1d:80:77:e1:5b:3b:3a: 51:ac:09:a4:e7:5e:5a:aa:18:f5:0b:27:89:57:5b:2f:f7:b4: 52:1d:c9:a4:7a:97:95:cb:67:74:87:3a:4d:2c:c9:1b:56:58: 41:23:d4:be:af:e9:e9:2f:92:75:b6:0b:5b:86:7d:32:7d:9e: 13:b4:36:4f:b5:20:cb:fc:6c:2a:ae:bf:ac:dd:53:d5:cc:5b: 2f:6d:d6:41:09:27:ac:11:3e:ac:e2:5c:38:39:78:9f:72:a3: c2:03:72:fa:85:eb:0d:7b:46:f1:38:03:0e:9b:b8:78:63:34: 2a:89:12:20:48:2d:80:a8:dd:0e:f6:e0:91:8f:43:e4:e9:cf: 08:85:a5:a3:ca:f3:79:70:92:fd:12:f7:15:0b:40:10:10:22: 8d:a8:55:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLYYDpSOmdXwZ4i/CDebkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh YmY1ODYwHhcNMjUxMjA2MDEwMTIzWhcNMjUxMjA3MDEwMTIzWjAzMTEwLwYDVQQD EyhhY2VmNmYxNzdkMjUyMGI2Zjk4YzQ4NmEzZjJmMTlhZDc1ODBjMzE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7LMCkoWlcDE89Fz41yUYejzpS1p 0LuxmqXLikH6aYZBIiRix2JkCFRo7SesFyeWa/oeeo1AuYpcpSASkPdxyrDrLmPs Yf1SY27Gip1HV8VMkoJZT2imITtMo1Fv0DLkS91b5Yg5EkJuWPB7cd+tlPVTp6wF c3cBhuy7y8m51TTBA5GRFMSFnDN4hxpLuLT4IVcOtvS8UCvZVSx/hNBcJynbWHzl mxhFwyUFQBd/uGPOk6/MyPewSBiT8ZbtLkM3s10gELYy3VQpFjiI8e2mgczVm10Z /DuDGnxLKmX1dSMo7OrZgauqa8fPLKtSoZqgzrl3Ax7+ZlvkVeDEy70G+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKzvbxd9JSC2+YxIaj8vGa11gMMXMB8GA1UdIwQY MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEChhi5PO Bz40HibqDZuHd2sr5YPVbS8Yc0Wfjbb/hcp7a8/1tKfmJkeVtMz8p0kFWJrcAGAP E9/Dt6W39n6tvVzdO+ISJe7/6KaLOTnd+QMV9aOP9NfKT3eIcXA4OdQPT1sllOUd gHfhWzs6UawJpOdeWqoY9QsniVdbL/e0Uh3JpHqXlctndIc6TSzJG1ZYQSPUvq/p 6S+SdbYLW4Z9Mn2eE7Q2T7Ugy/xsKq6/rN1T1cxbL23WQQknrBE+rOJcODl4n3Kj wgNy+oXrDXtG8TgDDpu4eGM0KokSIEgtgKjdDvbgkY9D5OnPCIWlo8rzeXCS/RL3 FQtAEBAijahVWg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:09:02 2025 by rpki-client