This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft File: obeZgyScHV-GGfE1xtbn43379WI.mft (raw, json) Hash identifier: RUj4V/L30PzTNS9uS0PLhavOl4Gk6LyOVCIruTRb7QA= Subject key identifier: 82:36:BE:70:87:C3:EE:62:FA:2F:99:04:42:6D:9E:23:ED:23:C8:25 Authority key identifier: A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62 Certificate issuer: /CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562 Certificate serial: 019AFCC4B1BC21E3EF98F17D024AB6D1BB66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft Manifest number: 0F6B Signing time: Mon 08 Dec 2025 07:02:20 +0000 Manifest this update: Mon 08 Dec 2025 07:02:20 +0000 Manifest next update: Tue 09 Dec 2025 07:02:20 +0000 Files and hashes: 1: obeZgyScHV-GGfE1xtbn43379WI.crl (hash: QnWkqOcs7ZWMToK9ZZTcmmk8lg7L6ObdJEDohdl6RtI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:c4:b1:bc:21:e3:ef:98:f1:7d:02:4a:b6:d1:bb:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562 Validity Not Before: Dec 8 07:02:20 2025 GMT Not After : Dec 9 07:02:20 2025 GMT Subject: CN=8236be7087c3ee62fa2f9904426d9e23ed23c825 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4a:0a:a0:3f:3e:20:92:06:49:79:c3:cb:52: 04:e8:9c:01:63:1d:7d:f3:13:b8:1f:20:93:aa:cf: e7:19:4b:02:7a:20:4c:14:93:d1:b2:8d:1e:81:cc: 48:0b:fa:8a:b6:36:12:65:c9:77:f5:b0:02:aa:d5: 9b:c0:cf:5f:87:8e:46:7c:06:b4:cd:9b:47:1d:f9: b6:d3:fd:67:df:3e:08:d5:af:cc:a8:c2:f5:e6:39: df:61:9d:df:76:35:84:49:9b:5d:eb:b4:8b:d2:7d: 69:27:ed:e0:25:86:21:58:69:2d:51:c6:a3:e4:2d: 28:75:22:9c:84:e1:25:dd:8b:bc:16:56:91:f7:51: a2:6e:f6:38:8b:9a:65:65:85:a6:c1:86:a5:71:fc: 80:1f:a2:68:43:d7:fd:5c:49:d6:86:2d:44:94:65: 98:a7:ce:c7:76:83:f2:7f:31:43:44:73:1f:19:c5: 2e:52:17:09:f3:3d:d0:07:fe:63:69:ed:f7:79:87: d9:d0:3d:79:67:c3:cc:87:87:55:cf:cd:8e:51:d7: ca:97:b2:ee:24:dc:02:75:cb:bd:0f:f3:c7:60:4a: 04:17:3f:0f:84:24:ef:fe:2d:8e:05:c2:45:27:dd: b2:f5:e5:70:14:97:dc:ef:90:66:5c:e1:00:ee:1b: d3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:36:BE:70:87:C3:EE:62:FA:2F:99:04:42:6D:9E:23:ED:23:C8:25 X509v3 Authority Key Identifier: keyid:A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:72:9c:ec:db:1a:cc:cc:b1:b4:34:60:12:6f:56:99:20:34: c6:9c:68:e6:99:bb:f2:d1:77:ff:1e:61:bf:c1:2b:e9:19:27: a4:0e:45:65:ab:dc:79:02:6b:c6:64:2c:7c:0a:d5:7b:99:22: 3d:a9:46:64:70:75:76:04:78:fa:cb:67:67:f1:7e:4a:e4:10: 8a:18:70:3f:85:c3:93:32:a1:07:4e:02:0c:7a:38:ba:9e:2f: 11:a8:6f:5f:be:74:d0:af:48:7d:e1:a8:14:3e:00:7d:6f:21: d9:04:3b:5b:1a:33:d7:89:52:59:15:0d:75:8e:73:0d:07:b1: 61:5f:0d:72:f2:39:d6:d7:2f:34:01:33:ca:f2:85:0f:67:ba: b1:5e:0e:68:90:db:a3:0a:45:9d:35:d5:c3:fa:07:22:b5:36: b6:90:25:58:cb:35:69:ff:a4:74:2a:b6:b3:cb:63:3d:61:96: d4:41:d7:33:a7:b2:7b:67:60:88:f8:82:6d:15:6a:65:80:52: 35:19:c5:53:50:2c:ff:72:29:c6:72:cd:cc:4a:71:1a:05:43: 8f:7d:9c:9a:49:97:db:6e:23:5d:5d:c6:6c:24:8c:a8:5d:d9: 42:d6:c3:35:71:05:29:e4:16:1e:fe:17:23:ec:a3:f2:d6:32: e6:e2:32:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8xLG8IePvmPF9Akq20btmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExYjc5OTgzMjQ5YzFkNWY4NjE5ZjEzNWM2ZDZlN2UzN2Rm YmY1NjIwHhcNMjUxMjA4MDcwMjIwWhcNMjUxMjA5MDcwMjIwWjAzMTEwLwYDVQQD Eyg4MjM2YmU3MDg3YzNlZTYyZmEyZjk5MDQ0MjZkOWUyM2VkMjNjODI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEoKoD8+IJIGSXnDy1IE6JwBYx19 8xO4HyCTqs/nGUsCeiBMFJPRso0egcxIC/qKtjYSZcl39bACqtWbwM9fh45GfAa0 zZtHHfm20/1n3z4I1a/MqML15jnfYZ3fdjWESZtd67SL0n1pJ+3gJYYhWGktUcaj 5C0odSKchOEl3Yu8FlaR91GibvY4i5plZYWmwYalcfyAH6JoQ9f9XEnWhi1ElGWY p87HdoPyfzFDRHMfGcUuUhcJ8z3QB/5jae33eYfZ0D15Z8PMh4dVz82OUdfKl7Lu JNwCdcu9D/PHYEoEFz8PhCTv/i2OBcJFJ92y9eVwFJfc75BmXOEA7hvTDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFII2vnCHw+5i+i+ZBEJtniPtI8glMB8GA1UdIwQY MBaAFKG3mYMknB1fhhnxNcbW5+N9+/ViMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xMjJkODktOGU0My00MGMzLTljZWYt YjMzOTE2YjlmODM5LzEvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xMjJkODktOGU0My00MGMzLTljZWYtYjMzOTE2YjlmODM5 LzEvb2JlWmd5U2NIVi1HR2ZFMXh0Ym40MzM3OVdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYXKc7Nsa zMyxtDRgEm9WmSA0xpxo5pm78tF3/x5hv8Er6RknpA5FZavceQJrxmQsfArVe5ki PalGZHB1dgR4+stnZ/F+SuQQihhwP4XDkzKhB04CDHo4up4vEahvX7500K9IfeGo FD4AfW8h2QQ7Wxoz14lSWRUNdY5zDQexYV8NcvI51tcvNAEzyvKFD2e6sV4OaJDb owpFnTXVw/oHIrU2tpAlWMs1af+kdCq2s8tjPWGW1EHXM6eye2dgiPiCbRVqZYBS NRnFU1As/3IpxnLNzEpxGgVDj32cmkmX224jXV3GbCSMqF3ZQtbDNXEFKeQWHv4X I+yj8tYy5uIy8A== -----END CERTIFICATE-----Generated at Mon Dec 8 09:37:15 2025 by rpki-client