This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft File: OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json) Hash identifier: TItn7ambe8SujDrmIjvNJ+jQ5EzWRA+qWGpIAc5cmr8= Subject key identifier: ED:82:FA:C3:D6:D5:D0:90:C5:80:0E:4F:2F:50:E4:4D:D5:59:80:80 Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34 Certificate issuer: /CN=385b7e94fa60db685171cf1369b1cefb6e20f334 Certificate serial: 019B30E8A40E93F81D23DCB10F4AC16C05DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft Manifest number: 06D5 Signing time: Thu 18 Dec 2025 10:01:51 +0000 Manifest this update: Thu 18 Dec 2025 10:01:51 +0000 Manifest next update: Fri 19 Dec 2025 10:01:51 +0000 Files and hashes: 1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: TVA5Pp/wwr9laztrojVk+RWlMMaUO/wUH/bz2PCMpJ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e8:a4:0e:93:f8:1d:23:dc:b1:0f:4a:c1:6c:05:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334 Validity Not Before: Dec 18 10:01:51 2025 GMT Not After : Dec 19 10:01:51 2025 GMT Subject: CN=ed82fac3d6d5d090c5800e4f2f50e44dd5598080 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d6:92:2b:de:e4:f0:e7:1a:cf:ad:a3:88:d8: 25:80:ae:01:ab:98:93:c3:80:be:e4:38:0e:b2:b2: c7:f4:69:35:19:d4:83:4c:22:31:0d:6c:84:12:50: e3:be:d0:fb:26:78:c5:0a:2f:c5:7d:eb:06:ba:88: e0:13:49:65:a8:0f:70:2c:13:4b:5d:0f:d8:43:a7: da:1b:6b:50:aa:4d:b9:d0:0e:93:a4:67:f9:9d:b5: da:ab:af:d4:85:18:7b:43:ad:a3:e1:a8:1a:ec:40: 01:12:92:f1:03:db:94:92:70:3b:49:d7:17:b9:90: ad:7f:eb:a4:11:e5:d1:21:cc:06:a2:5f:6d:a8:ac: bc:37:31:2e:7d:60:ba:5f:fe:71:1c:bc:d4:2b:d6: 0d:2a:95:c2:06:6d:d3:b2:dd:ba:ea:5e:0b:59:64: 58:fd:7f:e4:24:ac:d1:91:d7:a8:54:85:fb:92:3c: 47:dd:c6:cf:16:6d:be:63:27:f0:68:e9:b0:2e:f2: 90:17:be:99:5d:c4:bd:ed:e1:5e:5b:ad:81:55:7b: 77:2d:cc:6b:1e:1d:8a:a8:77:ba:23:ec:b5:2a:48: 87:2b:de:9a:48:7c:bc:4d:00:9c:e8:3e:b6:7b:b8: 2c:57:e3:06:e6:1e:65:54:8e:48:2d:1f:3d:91:80: fe:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:82:FA:C3:D6:D5:D0:90:C5:80:0E:4F:2F:50:E4:4D:D5:59:80:80 X509v3 Authority Key Identifier: keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:e4:fd:57:c6:ab:54:23:a4:b6:83:d3:22:a3:f4:b9:98:22: 61:ea:b3:fa:6d:82:c5:7d:44:68:a3:62:85:bd:51:46:f0:fc: 7b:03:1b:c4:74:8e:16:a0:39:53:ed:1d:1d:ab:a2:3f:79:82: 83:9a:7d:f2:78:51:d5:10:17:49:36:a2:85:07:58:4e:7c:c7: c8:87:52:f1:e7:18:9b:9e:0e:6b:af:6d:b5:35:a5:8e:97:3c: 13:30:41:74:91:36:85:8d:6d:d4:37:ce:24:7d:c8:8c:0e:ab: 47:b2:19:c2:5a:4d:00:09:8f:07:48:7a:a7:58:fe:4f:cb:33: 9b:ae:f4:ff:d2:fd:d1:04:5f:3e:b3:f1:19:07:9a:92:d4:b4: cb:28:56:5f:ca:75:aa:c1:56:c7:e8:6c:f7:58:ce:b8:e2:7d: d6:39:73:27:88:8a:49:ae:1b:84:dc:5f:74:22:fc:20:2b:1c: 41:41:de:98:31:12:03:af:a2:0b:b8:f1:cb:22:b3:3a:37:4e: af:bf:f6:a7:88:db:e3:aa:10:3f:48:da:78:98:71:f4:62:50: d7:6b:11:42:36:66:e5:e2:80:fe:88:42:7b:97:4d:8a:8e:07: 9e:92:40:48:9b:64:45:fd:82:f6:ba:f4:1c:e9:46:c0:b2:f4: cd:c3:86:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6KQOk/gdI9yxD0rBbAXdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy MGYzMzQwHhcNMjUxMjE4MTAwMTUxWhcNMjUxMjE5MTAwMTUxWjAzMTEwLwYDVQQD EyhlZDgyZmFjM2Q2ZDVkMDkwYzU4MDBlNGYyZjUwZTQ0ZGQ1NTk4MDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9aSK97k8Ocaz62jiNglgK4Bq5iT w4C+5DgOsrLH9Gk1GdSDTCIxDWyEElDjvtD7JnjFCi/FfesGuojgE0llqA9wLBNL XQ/YQ6faG2tQqk250A6TpGf5nbXaq6/UhRh7Q62j4aga7EABEpLxA9uUknA7SdcX uZCtf+ukEeXRIcwGol9tqKy8NzEufWC6X/5xHLzUK9YNKpXCBm3Tst266l4LWWRY /X/kJKzRkdeoVIX7kjxH3cbPFm2+YyfwaOmwLvKQF76ZXcS97eFeW62BVXt3Lcxr Hh2KqHe6I+y1KkiHK96aSHy8TQCc6D62e7gsV+MG5h5lVI5ILR89kYD+KQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO2C+sPW1dCQxYAOTy9Q5E3VWYCAMB8GA1UdIwQY MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZuT9V8ar VCOktoPTIqP0uZgiYeqz+m2CxX1EaKNihb1RRvD8ewMbxHSOFqA5U+0dHauiP3mC g5p98nhR1RAXSTaihQdYTnzHyIdS8ecYm54Oa69ttTWljpc8EzBBdJE2hY1t1DfO JH3IjA6rR7IZwlpNAAmPB0h6p1j+T8szm670/9L90QRfPrPxGQeaktS0yyhWX8p1 qsFWx+hs91jOuOJ91jlzJ4iKSa4bhNxfdCL8ICscQUHemDESA6+iC7jxyyKzOjdO r7/2p4jb46oQP0jaeJhx9GJQ12sRQjZm5eKA/ohCe5dNio4HnpJASJtkRf2C9rr0 HOlGwLL0zcOGVA== -----END CERTIFICATE-----Generated at Thu Dec 18 11:53:54 2025 by rpki-client