This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft File: 1ots-3IKfJKhgMphS9sO2h8evp0.mft (raw, json) Hash identifier: zeofkIcqqyIdrVdfbkDajaMfibkGJHwaCUfcrr0Kn1w= Subject key identifier: A3:92:98:38:3E:71:D9:10:2E:FB:0D:F8:DA:12:EF:C8:A3:38:46:DF Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D Certificate issuer: /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d Certificate serial: 019B51F3578DFFFFDFF2BB0E096DBB09AC86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft Manifest number: 0D92 Signing time: Wed 24 Dec 2025 20:01:00 +0000 Manifest this update: Wed 24 Dec 2025 20:01:00 +0000 Manifest next update: Thu 25 Dec 2025 20:01:00 +0000 Files and hashes: 1: 1ots-3IKfJKhgMphS9sO2h8evp0.crl (hash: I5OzAAa6Abv9D+3luYk/dpSzYebTL4as67gC+4R3UpM=) 2: iN4kY7sCfzKOl-coUiFvOhD6wg4.roa (hash: ZI3B1VaDQ0JfOlPoqiW79rOHU3ymg8mbnEbUM636Uvw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:f3:57:8d:ff:ff:df:f2:bb:0e:09:6d:bb:09:ac:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d Validity Not Before: Dec 24 20:01:00 2025 GMT Not After : Dec 25 20:01:00 2025 GMT Subject: CN=a39298383e71d9102efb0df8da12efc8a33846df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d1:82:29:42:ee:bd:16:ae:21:4c:22:7e:29: 66:aa:ff:1d:6e:8e:89:fd:6d:74:ca:4c:09:35:7b: dd:d2:36:b7:60:ec:72:64:fa:8f:50:89:46:47:0d: 69:cf:a6:67:79:aa:66:2d:78:ce:c0:cf:ef:f9:09: 8a:79:a0:24:d1:9b:17:9e:f7:dd:4e:46:6a:02:13: 82:23:5c:8f:fa:18:d1:5c:dc:e6:4c:2e:0a:63:b8: 4d:f5:d5:29:9a:0e:79:43:33:c9:b7:36:6e:cb:25: 18:24:44:33:34:3a:60:5c:4c:ce:90:63:d4:c2:6a: b4:03:0a:df:65:b1:87:de:e4:10:56:9d:d3:9d:3a: f8:fd:12:6d:e3:31:d5:bf:a3:4f:a7:64:9a:52:7b: bf:de:ce:e4:e5:00:81:dc:43:ff:98:e6:c5:79:f9: f9:14:0d:fa:c7:6c:06:36:b5:7f:d8:5d:d5:2b:c6: d7:65:94:33:2a:e4:6a:b4:15:c9:09:29:36:0b:13: 28:65:7f:89:e9:55:55:cd:af:0e:d4:6e:fc:19:6d: 5c:98:8a:cd:9c:88:08:ee:b5:06:1c:21:dd:00:1e: 0d:ce:45:24:3b:1f:d3:9b:e7:4f:e9:57:40:db:bf: 81:87:0c:46:a6:9d:1e:7d:d5:65:5a:51:59:a3:53: ef:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:92:98:38:3E:71:D9:10:2E:FB:0D:F8:DA:12:EF:C8:A3:38:46:DF X509v3 Authority Key Identifier: keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:ab:f7:cf:1c:74:23:6e:e4:9d:ba:84:33:fb:6d:c6:3b:b5: 22:33:07:47:7b:4a:4a:6a:54:92:f0:92:14:e0:0b:8f:39:9e: b0:2f:b1:18:04:65:13:87:ac:76:49:71:49:e0:ca:f8:be:6e: 21:67:93:41:b5:9d:a6:3d:ce:ff:1a:27:85:38:1e:3e:f4:9e: 10:12:8d:d2:bf:d0:68:b1:77:e7:7f:0b:4e:e4:2d:f4:41:02: 21:78:5d:3b:1a:b4:a2:49:e5:a1:48:34:5f:7f:7f:a4:36:a0: 8f:37:35:53:6c:28:53:15:3b:26:06:e6:67:c0:f3:6f:f7:bb: 02:bc:c1:c5:a2:62:44:b2:75:de:6c:b1:bb:85:3b:61:be:09: 7b:56:7e:49:69:b9:3b:0c:5e:d4:1b:e6:ab:a6:8f:2e:68:8c: 81:8e:85:db:8a:1c:dc:10:5e:84:b3:b4:3b:b4:21:e6:29:c5: bf:23:6d:25:1d:b8:e8:b4:ed:c6:95:ec:6f:5a:f3:8a:ba:a8: b3:8c:00:a8:38:b3:79:b2:56:45:6e:b7:09:ef:4e:02:4d:22: ce:7e:07:b2:0c:ff:8c:e6:bb:e5:f4:a5:8a:01:4a:bb:a5:4f: 8e:e5:d5:76:c0:6e:ad:da:c0:d0:c2:ba:b4:e1:c0:07:77:e0: 02:49:de:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtR81eN///f8rsOCW27CayGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx ZWJlOWQwHhcNMjUxMjI0MjAwMTAwWhcNMjUxMjI1MjAwMTAwWjAzMTEwLwYDVQQD EyhhMzkyOTgzODNlNzFkOTEwMmVmYjBkZjhkYTEyZWZjOGEzMzg0NmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNGCKULuvRauIUwifilmqv8dbo6J /W10ykwJNXvd0ja3YOxyZPqPUIlGRw1pz6ZneapmLXjOwM/v+QmKeaAk0ZsXnvfd TkZqAhOCI1yP+hjRXNzmTC4KY7hN9dUpmg55QzPJtzZuyyUYJEQzNDpgXEzOkGPU wmq0AwrfZbGH3uQQVp3TnTr4/RJt4zHVv6NPp2SaUnu/3s7k5QCB3EP/mObFefn5 FA36x2wGNrV/2F3VK8bXZZQzKuRqtBXJCSk2CxMoZX+J6VVVza8O1G78GW1cmIrN nIgI7rUGHCHdAB4NzkUkOx/Tm+dP6VdA27+BhwxGpp0efdVlWlFZo1PvGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKOSmDg+cdkQLvsN+NoS78ijOEbfMB8GA1UdIwQY MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt MzNlMzE5YTQ1NGVmLzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKv3zxx0 I27knbqEM/ttxju1IjMHR3tKSmpUkvCSFOALjzmesC+xGARlE4esdklxSeDK+L5u IWeTQbWdpj3O/xonhTgePvSeEBKN0r/QaLF3538LTuQt9EECIXhdOxq0oknloUg0 X39/pDagjzc1U2woUxU7JgbmZ8Dzb/e7ArzBxaJiRLJ13myxu4U7Yb4Je1Z+SWm5 Owxe1Bvmq6aPLmiMgY6F24oc3BBehLO0O7Qh5inFvyNtJR246LTtxpXsb1rzirqo s4wAqDizebJWRW63Ce9OAk0izn4Hsgz/jOa75fSligFKu6VPjuXVdsBurdrA0MK6 tOHAB3fgAkneOw== -----END CERTIFICATE-----Generated at Thu Dec 25 02:39:19 2025 by rpki-client