This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft File: OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft (raw, json) Hash identifier: Fk3SDCqnB7BFsxbK4JLT09RKVx8yZL9hbXHIlcr/aJA= Subject key identifier: 56:C6:DC:9F:A7:A0:7C:5E:43:C5:81:32:40:61:25:1A:A6:61:F5:B7 Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26 Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26 Certificate serial: 019B3BD92D72EB0D39B4E03F587525F8C05C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft Manifest number: 129E Signing time: Sat 20 Dec 2025 13:00:47 +0000 Manifest this update: Sat 20 Dec 2025 13:00:47 +0000 Manifest next update: Sun 21 Dec 2025 13:00:47 +0000 Files and hashes: 1: 4iN5nDTRDVV1CTGuGlGWY0Ybm9Y.roa (hash: EMh2tz4i0xV1ZX0fHy8PWh0LdLWVBXB/z2TGKHCydUo=) 2: CBZTZIxMDDoFTLtkXWpJNkPAyZA.roa (hash: cXql8AeIQAC8BMZkK4SJLIjChz+/Hte6gi3o/bh7lrE=) 3: OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl (hash: I+xHFCdkq0/+/fHFttcJoVvf3WOLHSYRsgUv6tLmPCk=) 4: TyU9koBZ-FfwUjRzFMgXymhIcdc.roa (hash: PuygGCOb3s6Y5+fEOZlXXly4EGutd8BVkQrZLC3GUys=) 5: rYkWvcE_3GQZ3jkaDTUiqjj986g.roa (hash: FOkCN5CJZuWhjjVzqhCAbEwhLO4+xpDqIO3h/0CpxnA=) 6: xvMwGEntPrsPSijtn7qckfPF1Lw.roa (hash: cfgqt0GeV7LUHA50FIbHHM6KEXg5Xmqps/DGbUwBUAM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 13:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:d9:2d:72:eb:0d:39:b4:e0:3f:58:75:25:f8:c0:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26 Validity Not Before: Dec 20 13:00:47 2025 GMT Not After : Dec 21 13:00:47 2025 GMT Subject: CN=56c6dc9fa7a07c5e43c581324061251aa661f5b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:25:af:b9:39:d4:1a:01:5e:38:dc:0b:50:11: 4b:82:3b:60:d4:87:c2:a7:f0:84:33:22:9b:96:3d: 03:6d:15:d1:d1:17:ca:43:4d:53:cc:09:01:10:ad: 6e:51:4c:12:f4:5c:e8:14:06:4a:41:51:7e:5a:c9: 41:74:01:b2:5a:c9:79:5e:97:9d:47:77:91:ec:0f: 18:41:55:bb:ed:e2:f0:98:a8:60:0b:d8:7f:d9:30: 5f:63:b8:81:61:3f:e3:72:2b:1d:8e:18:bd:22:da: e9:10:94:26:d9:f4:43:d1:86:a0:7c:3f:cf:ac:10: e8:89:dc:51:dc:71:b7:0e:0b:b2:38:02:36:ec:14: 81:41:e8:1f:a8:19:07:a1:d3:b0:cf:57:83:fd:b9: 47:35:a2:da:71:0f:7c:f7:5d:b2:0d:00:65:09:a6: 3e:eb:4c:e3:e7:e2:64:bd:e6:ca:2e:b4:5b:97:ec: 0c:eb:73:6f:b0:17:a1:d3:42:83:7f:d4:c4:82:b6: 02:82:5a:fa:e8:71:74:f6:f8:54:66:f3:5d:b1:4f: 13:bf:d9:dc:70:ef:82:12:61:e4:22:9a:dc:68:fd: 91:08:c9:b9:ad:0f:c3:22:dc:cb:1c:22:1e:55:e9: ca:88:fc:19:fe:eb:dc:cf:16:a3:2a:97:d9:ce:d4: ba:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:C6:DC:9F:A7:A0:7C:5E:43:C5:81:32:40:61:25:1A:A6:61:F5:B7 X509v3 Authority Key Identifier: keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:67:ed:4c:03:60:31:e6:82:b9:ab:87:a3:f8:8c:d9:45:8d: f2:e0:ed:ab:c0:64:74:52:83:14:63:56:fa:78:28:cb:c2:1f: 3b:00:d8:f2:10:29:9e:25:4d:ab:2b:78:78:42:d6:18:00:32: 49:fc:57:fc:ab:86:e7:b0:70:6a:95:25:ce:c1:7b:7e:9f:27: a8:ea:c3:da:05:7d:90:72:4d:24:c2:14:1b:ff:05:e8:1e:2d: b4:83:fa:ba:50:68:c2:33:97:54:7d:ac:89:a1:14:e7:8d:5a: a0:90:14:5c:47:28:c7:be:24:e5:7d:ea:9d:f1:76:27:4c:7e: ee:0d:93:7a:74:ab:d2:db:da:56:17:2c:25:2e:14:31:67:03: 54:9a:76:95:b6:ad:b3:d8:1e:99:ac:5b:ad:82:2e:df:9d:f2: b2:2a:72:a9:86:82:83:0f:79:24:c8:49:3d:e3:55:8a:46:ee: 8f:a8:e3:75:8e:7e:7a:a3:8b:ae:65:b6:a4:2f:4c:1f:98:1b: c1:05:ee:05:58:1f:64:a2:7b:d0:12:99:a4:7a:3c:78:6e:16: b9:6c:f0:54:a0:fc:5e:5a:66:4d:55:2d:74:8d:c5:ae:36:72: 91:17:a9:ab:c8:f0:0e:b4:23:68:81:eb:d9:ef:5d:81:de:3b: e9:d4:a5:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs72S1y6w05tOA/WHUl+MBcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj MzBhMjYwHhcNMjUxMjIwMTMwMDQ3WhcNMjUxMjIxMTMwMDQ3WjAzMTEwLwYDVQQD Eyg1NmM2ZGM5ZmE3YTA3YzVlNDNjNTgxMzI0MDYxMjUxYWE2NjFmNWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCWvuTnUGgFeONwLUBFLgjtg1IfC p/CEMyKblj0DbRXR0RfKQ01TzAkBEK1uUUwS9FzoFAZKQVF+WslBdAGyWsl5Xped R3eR7A8YQVW77eLwmKhgC9h/2TBfY7iBYT/jcisdjhi9ItrpEJQm2fRD0YagfD/P rBDoidxR3HG3DguyOAI27BSBQegfqBkHodOwz1eD/blHNaLacQ98912yDQBlCaY+ 60zj5+JkvebKLrRbl+wM63NvsBeh00KDf9TEgrYCglr66HF09vhUZvNdsU8Tv9nc cO+CEmHkIprcaP2RCMm5rQ/DItzLHCIeVenKiPwZ/uvczxajKpfZztS6SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFbG3J+noHxeQ8WBMkBhJRqmYfW3MB8GA1UdIwQY MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct NDY1MzhjYTUzODNjLzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQGftTANg MeaCuauHo/iM2UWN8uDtq8BkdFKDFGNW+ngoy8IfOwDY8hApniVNqyt4eELWGAAy SfxX/KuG57BwapUlzsF7fp8nqOrD2gV9kHJNJMIUG/8F6B4ttIP6ulBowjOXVH2s iaEU541aoJAUXEcox74k5X3qnfF2J0x+7g2TenSr0tvaVhcsJS4UMWcDVJp2lbat s9gemaxbrYIu353ysipyqYaCgw95JMhJPeNVikbuj6jjdY5+eqOLrmW2pC9MH5gb wQXuBVgfZKJ70BKZpHo8eG4WuWzwVKD8XlpmTVUtdI3FrjZykRepq8jwDrQjaIHr 2e9dgd476dSlGg== -----END CERTIFICATE-----Generated at Sat Dec 20 20:55:13 2025 by rpki-client