This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft File: 1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json) Hash identifier: K1jkjF5Fp0hyoHfu/m202Tn1pk6/JNaA1cna0CDhJHA= Subject key identifier: A6:2F:72:CA:FC:DC:7F:BA:4E:37:64:3C:0E:6B:D6:46:C8:3C:35:6E Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D Certificate issuer: /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d Certificate serial: 019B465CE4188BB50351D3B594CC4CB59B6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft Manifest number: 0D8C Signing time: Mon 22 Dec 2025 14:00:51 +0000 Manifest this update: Mon 22 Dec 2025 14:00:51 +0000 Manifest next update: Tue 23 Dec 2025 14:00:51 +0000 Files and hashes: 1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: 069LCjHfbqYb66QhQlZKNOOPC5tX3IeT+E1lPzy3/8A=) 2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:5c:e4:18:8b:b5:03:51:d3:b5:94:cc:4c:b5:9b:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d Validity Not Before: Dec 22 14:00:51 2025 GMT Not After : Dec 23 14:00:51 2025 GMT Subject: CN=a62f72cafcdc7fba4e37643c0e6bd646c83c356e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:2f:2d:2e:09:8f:6f:f3:bb:a3:4f:82:d8:a7: a5:2f:a3:f7:ea:b7:d4:c9:5a:60:c8:d3:51:56:f1: f4:43:96:d7:53:58:67:67:3b:22:f0:6e:8d:f8:f6: 61:e6:4d:92:69:19:91:24:7b:01:fa:3e:ea:01:ca: 3c:f7:b7:12:c5:54:a0:d3:c8:67:f9:35:77:d9:4e: 59:4e:60:3a:2c:68:a2:ec:dd:25:73:0d:6f:d5:39: 97:cf:01:58:1c:1d:37:46:10:95:92:32:0f:11:35: 7c:51:0d:21:4d:9f:63:ec:0b:1c:77:20:5f:b4:97: 18:06:80:ee:a8:81:fa:a9:d9:94:1c:49:0a:d9:9c: 5b:d5:b0:42:98:8c:f3:ac:9a:1f:7d:ba:0b:42:e3: 1f:1c:2f:b3:4c:9e:43:bf:20:62:dc:ca:38:cd:00: 8f:21:b8:57:0e:82:15:b7:81:80:7d:ec:f3:2a:f4: 15:49:8e:67:e8:53:47:06:5a:e3:76:b8:fc:86:18: c2:16:ca:d8:7b:ce:f9:a1:70:58:11:c7:93:55:49: 5c:58:2e:82:ba:f3:45:11:53:da:01:19:4a:23:14: ea:44:f3:9d:01:5c:82:da:28:fd:ba:25:13:95:c7: 8a:1c:90:dc:2f:6b:4d:13:df:6b:d3:66:e1:0c:20: 18:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:2F:72:CA:FC:DC:7F:BA:4E:37:64:3C:0E:6B:D6:46:C8:3C:35:6E X509v3 Authority Key Identifier: keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:44:e0:7c:49:bd:db:6f:17:8a:b3:36:fe:7e:c7:14:77:c2: dd:d7:63:03:4b:80:45:33:e1:45:9e:60:e6:7d:95:f7:ba:03: 54:5f:ac:6f:9a:4c:36:30:7c:2e:e7:bf:40:46:c3:c6:96:f7: 88:c7:14:ea:41:db:eb:c2:1c:52:db:bf:5d:e2:6a:8b:f9:3e: 82:f3:c3:49:ba:6b:19:aa:cb:56:a8:0a:ba:71:68:a7:97:08: f3:cc:d7:c2:cf:1b:42:fd:e0:f6:1c:6a:df:c2:62:e2:c5:8d: bd:da:d8:90:d9:8c:7e:d5:6e:dc:4c:86:ca:f7:b7:7c:4f:72: 00:8c:91:19:49:ea:e3:47:8f:d3:da:97:71:23:7e:9d:4f:b2: e0:7d:22:ef:60:93:e4:28:a7:10:23:9d:ff:c3:ac:59:e8:bc: 7f:b8:66:f8:04:94:3a:91:8b:63:41:cf:63:81:73:a7:5a:df: be:c1:15:f3:1f:7c:24:09:fb:90:74:5d:d2:7e:91:9d:2d:00: dd:ad:bd:7d:de:d9:bd:53:02:f1:3f:7a:5d:58:20:2c:9d:9f: c6:16:29:12:17:c4:d2:54:8a:5d:64:48:bd:b2:d9:49:a5:b5: d7:3c:34:a0:ba:2f:98:7c:40:8c:46:bb:2c:b6:57:ef:c4:d4: f8:88:d6:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGXOQYi7UDUdO1lMxMtZttMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx ZWJlOWQwHhcNMjUxMjIyMTQwMDUxWhcNMjUxMjIzMTQwMDUxWjAzMTEwLwYDVQQD EyhhNjJmNzJjYWZjZGM3ZmJhNGUzNzY0M2MwZTZiZDY0NmM4M2MzNTZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy8tLgmPb/O7o0+C2KelL6P36rfU yVpgyNNRVvH0Q5bXU1hnZzsi8G6N+PZh5k2SaRmRJHsB+j7qAco897cSxVSg08hn +TV32U5ZTmA6LGii7N0lcw1v1TmXzwFYHB03RhCVkjIPETV8UQ0hTZ9j7AscdyBf tJcYBoDuqIH6qdmUHEkK2Zxb1bBCmIzzrJoffboLQuMfHC+zTJ5DvyBi3Mo4zQCP IbhXDoIVt4GAfezzKvQVSY5n6FNHBlrjdrj8hhjCFsrYe875oXBYEceTVUlcWC6C uvNFEVPaARlKIxTqRPOdAVyC2ij9uiUTlceKHJDcL2tNE99r02bhDCAYEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKYvcsr83H+6TjdkPA5r1kbIPDVuMB8GA1UdIwQY MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeUTgfEm9 228XirM2/n7HFHfC3ddjA0uARTPhRZ5g5n2V97oDVF+sb5pMNjB8Lue/QEbDxpb3 iMcU6kHb68IcUtu/XeJqi/k+gvPDSbprGarLVqgKunFop5cI88zXws8bQv3g9hxq 38Ji4sWNvdrYkNmMftVu3EyGyve3fE9yAIyRGUnq40eP09qXcSN+nU+y4H0i72CT 5CinECOd/8OsWei8f7hm+ASUOpGLY0HPY4Fzp1rfvsEV8x98JAn7kHRd0n6RnS0A 3a29fd7ZvVMC8T96XVggLJ2fxhYpEhfE0lSKXWRIvbLZSaW11zw0oLovmHxAjEa7 LLZX78TU+IjWAA== -----END CERTIFICATE-----Generated at Mon Dec 22 15:43:46 2025 by rpki-client