This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft File: otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json) Hash identifier: V6Cln0JzRGxhc0xb8BIFo0L7xfEpDNSVtjQx9xZOAfQ= Subject key identifier: 54:64:92:C9:EC:7B:88:01:C3:97:87:20:87:42:E0:12:7C:9A:2A:BF Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE Certificate issuer: /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee Certificate serial: 019B3DFEC214073A192873D3E97010E6F163 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft Manifest number: 0362 Signing time: Sat 20 Dec 2025 23:01:04 +0000 Manifest this update: Sat 20 Dec 2025 23:01:04 +0000 Manifest next update: Sun 21 Dec 2025 23:01:04 +0000 Files and hashes: 1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: Cm6jtZuLfMdB7iDzCsI0pK6rH0jPWbTSkaevKKOTXYA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:c2:14:07:3a:19:28:73:d3:e9:70:10:e6:f1:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee Validity Not Before: Dec 20 23:01:04 2025 GMT Not After : Dec 21 23:01:04 2025 GMT Subject: CN=546492c9ec7b8801c39787208742e0127c9a2abf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:04:a0:80:d0:91:a2:a3:5f:87:39:d0:24:5a: 96:d0:e4:0f:06:f2:7c:79:4d:9f:6f:da:4e:12:0c: 9d:bf:c4:8f:63:f6:6f:bf:0a:d7:fc:00:70:11:c6: cf:a1:20:82:9b:a8:57:d3:82:6e:50:e9:31:df:9c: 26:a2:1b:85:6a:1a:c4:15:2a:79:29:fe:b4:7c:82: 8d:e4:ba:ca:d9:e6:66:6f:61:cb:19:bd:d5:2c:77: eb:ba:3f:5e:df:63:50:c9:a8:b3:98:02:4f:3b:7d: bb:41:ce:b0:cc:cb:e3:3f:1a:a9:85:27:f1:72:b3: f6:83:d2:e9:b5:a9:6b:83:84:fd:e1:3a:bd:e7:9b: 92:50:44:38:4f:0f:f4:43:48:a2:3f:e3:30:2d:99: 4a:f6:aa:82:a0:4c:27:7f:76:f9:45:86:f1:58:7a: 43:55:10:2f:2c:55:5e:6b:6c:70:55:c5:7d:81:1c: 3c:16:f0:aa:25:3e:fb:e9:d7:9e:56:fd:5a:55:e0: b3:01:68:ab:84:24:cb:9d:5a:ce:cd:99:72:f9:46: 2c:80:09:09:d8:10:0e:69:6f:d4:1b:1f:e5:c4:fa: 1c:f8:10:16:89:d1:54:8f:6e:d7:d9:54:67:89:f0: 3d:9e:ab:94:89:93:97:74:cf:97:64:22:19:06:b2: 27:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:64:92:C9:EC:7B:88:01:C3:97:87:20:87:42:E0:12:7C:9A:2A:BF X509v3 Authority Key Identifier: keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:23:e1:0b:eb:09:8b:af:7f:76:e4:75:93:c3:db:86:c8:53: bd:15:af:d9:87:4a:85:dd:05:12:18:77:c4:6d:2e:b7:e1:47: 0d:f1:21:f3:7c:82:0a:5a:53:63:56:ac:da:b1:53:56:84:ce: e4:66:3d:9b:b1:89:e6:46:1e:de:1b:16:8d:93:1b:a4:2e:65: 29:4b:31:e9:48:34:e2:55:53:e6:1c:cf:28:da:88:5f:06:32: d8:76:00:21:02:a8:f4:76:94:c7:03:89:5b:47:50:fb:c9:2b: bd:bb:5d:3d:e3:e3:41:97:d8:55:72:ca:8e:ce:ca:43:8b:4e: 8d:31:da:40:34:6f:3f:45:31:71:ce:95:d3:90:34:3f:81:3c: e5:67:a8:ed:61:5c:e8:af:59:35:fa:ea:02:dd:b0:28:53:5a: c8:89:94:da:7a:df:88:45:02:f8:a6:f2:ec:88:aa:0b:2d:be: c5:ea:a4:dc:62:1e:43:b0:c4:3f:7b:54:08:53:3a:7a:83:71: 03:0f:ed:d4:6a:b1:98:a4:64:b7:ab:85:ce:aa:f1:60:56:e5: 39:03:08:bf:4e:45:7c:e9:f3:21:6c:ee:0a:5e:c4:8e:65:36: 55:f2:a3:15:21:c7:9c:b0:10:c4:6f:8f:45:df:ca:73:1d:0a: 26:bc:dc:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/sIUBzoZKHPT6XAQ5vFjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj ZWFkZWUwHhcNMjUxMjIwMjMwMTA0WhcNMjUxMjIxMjMwMTA0WjAzMTEwLwYDVQQD Eyg1NDY0OTJjOWVjN2I4ODAxYzM5Nzg3MjA4NzQyZTAxMjdjOWEyYWJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqASggNCRoqNfhznQJFqW0OQPBvJ8 eU2fb9pOEgydv8SPY/ZvvwrX/ABwEcbPoSCCm6hX04JuUOkx35wmohuFahrEFSp5 Kf60fIKN5LrK2eZmb2HLGb3VLHfruj9e32NQyaizmAJPO327Qc6wzMvjPxqphSfx crP2g9Lptalrg4T94Tq955uSUEQ4Tw/0Q0iiP+MwLZlK9qqCoEwnf3b5RYbxWHpD VRAvLFVea2xwVcV9gRw8FvCqJT776deeVv1aVeCzAWirhCTLnVrOzZly+UYsgAkJ 2BAOaW/UGx/lxPoc+BAWidFUj27X2VRnifA9nquUiZOXdM+XZCIZBrInNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRkksnse4gBw5eHIIdC4BJ8miq/MB8GA1UdIwQY MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2 LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUSPhC+sJ i69/duR1k8PbhshTvRWv2YdKhd0FEhh3xG0ut+FHDfEh83yCClpTY1as2rFTVoTO 5GY9m7GJ5kYe3hsWjZMbpC5lKUsx6Ug04lVT5hzPKNqIXwYy2HYAIQKo9HaUxwOJ W0dQ+8krvbtdPePjQZfYVXLKjs7KQ4tOjTHaQDRvP0Uxcc6V05A0P4E85Weo7WFc 6K9ZNfrqAt2wKFNayImU2nrfiEUC+Kby7IiqCy2+xeqk3GIeQ7DEP3tUCFM6eoNx Aw/t1GqxmKRkt6uFzqrxYFblOQMIv05FfOnzIWzuCl7EjmU2VfKjFSHHnLAQxG+P Rd/Kcx0KJrzc7w== -----END CERTIFICATE-----Generated at Sun Dec 21 02:57:18 2025 by rpki-client