This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft File: OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft (raw, json) Hash identifier: e8nA91Qxaq0B7bvUyWYPXLAquVYPBP8qTL2HCz+vLMQ= Subject key identifier: 66:06:E6:FF:AF:17:EC:00:F1:E1:21:F4:6D:6E:C0:E3:F7:54:A2:05 Authority key identifier: 3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D Certificate issuer: /CN=3abc6247ee0caec365a8022f5f8c6feccca5710d Certificate serial: 019B68E915A207688BE7CFC3F4F1C3F8D018 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft Manifest number: 107D Signing time: Mon 29 Dec 2025 07:01:04 +0000 Manifest this update: Mon 29 Dec 2025 07:01:04 +0000 Manifest next update: Tue 30 Dec 2025 07:01:04 +0000 Files and hashes: 1: OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl (hash: u8PacYCCJPV9HQ/zGQjMkZJmtXXFizBRfZ45E5u2gy4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 07:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:e9:15:a2:07:68:8b:e7:cf:c3:f4:f1:c3:f8:d0:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3abc6247ee0caec365a8022f5f8c6feccca5710d Validity Not Before: Dec 29 07:01:04 2025 GMT Not After : Dec 30 07:01:04 2025 GMT Subject: CN=6606e6ffaf17ec00f1e121f46d6ec0e3f754a205 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:78:f3:d5:06:46:77:6e:91:21:22:8b:e4:50: 16:72:ca:de:8d:00:20:85:98:4a:ae:c7:7f:a1:ad: de:bf:33:aa:b7:94:e9:b0:b1:59:fd:81:f3:a5:e8: a0:f8:21:b9:4d:c1:1f:36:fe:9f:34:e2:3e:cc:a9: 45:ac:d8:e0:4e:23:1f:f2:81:54:f0:60:29:c4:fa: 31:9e:7d:58:cd:d1:b6:81:78:f0:17:e2:76:37:ef: 90:aa:f0:a0:9f:50:37:f3:f7:48:56:86:31:e5:8a: a9:11:bf:da:5d:fd:02:bb:0f:d5:26:db:58:11:a6: 6b:a1:b5:bb:b3:7d:d9:44:d3:fa:ce:4b:50:b4:85: e5:9a:f4:8f:6b:b1:2d:cc:7c:d3:e4:5a:59:ba:2f: 59:95:8b:88:5f:66:e2:b1:c2:a3:15:e0:b2:ab:90: b3:36:ba:ab:f8:99:e7:c2:0e:73:cc:bd:f8:87:43: 29:17:59:c6:ac:52:4c:d9:d5:65:e3:97:48:7c:82: 2b:43:f5:ba:36:d5:67:70:9d:68:fe:7c:db:88:92: de:ea:28:51:92:06:c2:ab:80:71:7d:99:41:c3:09: ce:7b:6f:7b:a6:3c:a6:5a:ff:60:81:8b:ef:a3:19: 17:f9:b3:21:89:71:4c:87:69:1c:ab:7b:c0:83:2e: 7d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:06:E6:FF:AF:17:EC:00:F1:E1:21:F4:6D:6E:C0:E3:F7:54:A2:05 X509v3 Authority Key Identifier: keyid:3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:d1:fc:1b:29:a8:ba:28:59:45:2f:26:53:2d:48:50:7a:ba: 1b:60:a4:6d:54:fb:d8:59:62:f4:74:03:05:21:05:e3:12:f7: 18:2e:da:6f:d1:7a:75:db:f0:09:da:8e:93:21:ec:69:e8:78: af:03:60:f5:44:37:bf:d1:4d:db:54:eb:7f:19:1f:fc:57:5d: ca:4a:73:da:b5:3c:0f:cb:76:56:93:a2:52:f5:23:e6:6e:aa: 65:72:50:2f:97:1b:c5:b2:49:93:2e:67:d1:f9:8a:9c:fb:ec: 66:96:6f:5d:08:8f:f3:82:7a:57:c6:58:a5:f1:4b:13:64:49: a7:e1:11:96:2e:65:64:b9:26:6b:0d:54:6d:d7:ad:58:a6:98: f2:a3:60:33:59:59:49:7a:61:bf:a3:30:87:11:83:7a:ad:b9: 7b:94:19:cd:0d:2a:81:f5:cd:0d:06:36:b1:97:99:63:f8:60: 09:3c:f7:86:90:42:6e:4e:72:6f:e4:cb:ee:34:ba:e7:16:a5: 49:86:22:b5:be:e0:0c:44:ac:2e:17:01:32:6a:ee:c6:49:7e: 0e:54:23:b5:5d:9e:d0:50:a5:f3:ce:c3:85:46:1c:1b:62:fa: ef:78:8b:4d:2c:36:c5:f3:81:da:70:dc:a4:2a:ac:69:67:36: c7:ca:54:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6RWiB2iL58/D9PHD+NAYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhYmM2MjQ3ZWUwY2FlYzM2NWE4MDIyZjVmOGM2ZmVjY2Nh NTcxMGQwHhcNMjUxMjI5MDcwMTA0WhcNMjUxMjMwMDcwMTA0WjAzMTEwLwYDVQQD Eyg2NjA2ZTZmZmFmMTdlYzAwZjFlMTIxZjQ2ZDZlYzBlM2Y3NTRhMjA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHjz1QZGd26RISKL5FAWcsrejQAg hZhKrsd/oa3evzOqt5TpsLFZ/YHzpeig+CG5TcEfNv6fNOI+zKlFrNjgTiMf8oFU 8GApxPoxnn1YzdG2gXjwF+J2N++QqvCgn1A38/dIVoYx5YqpEb/aXf0Cuw/VJttY EaZrobW7s33ZRNP6zktQtIXlmvSPa7EtzHzT5FpZui9ZlYuIX2biscKjFeCyq5Cz Nrqr+Jnnwg5zzL34h0MpF1nGrFJM2dVl45dIfIIrQ/W6NtVncJ1o/nzbiJLe6ihR kgbCq4BxfZlBwwnOe297pjymWv9ggYvvoxkX+bMhiXFMh2kcq3vAgy59OQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGYG5v+vF+wA8eEh9G1uwOP3VKIFMB8GA1UdIwQY MBaAFDq8YkfuDK7DZagCL1+Mb+zMpXENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWIt YjhjZjY0OWRlMzJjLzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWItYjhjZjY0OWRlMzJj LzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNH8Gymo uihZRS8mUy1IUHq6G2CkbVT72Fli9HQDBSEF4xL3GC7ab9F6ddvwCdqOkyHsaeh4 rwNg9UQ3v9FN21Trfxkf/Fddykpz2rU8D8t2VpOiUvUj5m6qZXJQL5cbxbJJky5n 0fmKnPvsZpZvXQiP84J6V8ZYpfFLE2RJp+ERli5lZLkmaw1UbdetWKaY8qNgM1lZ SXphv6MwhxGDeq25e5QZzQ0qgfXNDQY2sZeZY/hgCTz3hpBCbk5yb+TL7jS65xal SYYitb7gDESsLhcBMmruxkl+DlQjtV2e0FCl887DhUYcG2L673iLTSw2xfOB2nDc pCqsaWc2x8pU9w== -----END CERTIFICATE-----Generated at Mon Dec 29 14:54:04 2025 by rpki-client