This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft File: OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json) Hash identifier: +Owq9LH4cWGbYY9kpWOQZPltsXsRVsgIl9qnQyWs8Y4= Subject key identifier: 9A:13:49:BB:16:DF:F3:E1:21:F2:36:B3:B8:8A:3C:8D:3A:FD:BC:F4 Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78 Certificate issuer: /CN=3938a81a44127741d949a355a47f3cb599389a78 Certificate serial: 019B44A5BF6C90FCD3421535B645C2B2B2CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft Manifest number: 11DF Signing time: Mon 22 Dec 2025 06:01:11 +0000 Manifest this update: Mon 22 Dec 2025 06:01:11 +0000 Manifest next update: Tue 23 Dec 2025 06:01:11 +0000 Files and hashes: 1: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: N3AQ6zQzciBXwdjgUi6wQqRlirzYPGqzfnYUWzIJgBA=) 2: SyALsZDSYtge1NmYRoKzwbP5Vv8.roa (hash: rjh76rxbo7HoAknp3g/P2hhQiBIAvMqHmifN8tVtg/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:bf:6c:90:fc:d3:42:15:35:b6:45:c2:b2:b2:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78 Validity Not Before: Dec 22 06:01:11 2025 GMT Not After : Dec 23 06:01:11 2025 GMT Subject: CN=9a1349bb16dff3e121f236b3b88a3c8d3afdbcf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0b:00:3d:28:a9:c4:3a:9b:c5:59:dc:be:f4: 63:28:07:b5:b9:aa:c6:68:c2:57:d3:13:60:bb:06: 46:ec:e2:4c:f1:1e:40:df:4d:7a:4d:a6:fe:2a:9c: 0d:3e:cc:8a:ab:24:cd:61:44:01:4b:5d:18:ab:0a: c6:86:d1:de:31:98:dc:13:d2:64:c0:8e:2e:89:59: 66:5e:a1:a5:4e:76:4b:b5:42:f9:2c:02:d8:a2:68: 48:a3:94:66:10:22:b2:cd:ee:a4:7e:36:3a:bc:a9: 1f:44:6c:61:6e:15:aa:8e:e5:11:e4:2c:fc:5e:03: ce:cb:8a:8c:ef:7c:08:7c:d0:5e:55:7b:f7:b5:db: 9d:84:8b:51:93:c0:86:39:a4:ac:7c:de:85:47:7d: 15:8a:9a:3a:cc:a7:d9:b3:8a:4a:94:2c:27:24:b5: a7:47:95:43:b7:af:3a:26:20:64:6d:4b:a0:b0:23: ba:e0:99:05:62:4c:09:4b:46:54:fe:21:73:37:f7: f9:9b:1e:0a:06:56:17:b0:1c:27:e6:f7:7c:02:29: 32:a3:b5:8c:e9:76:64:08:02:c9:98:46:a7:11:08: 66:87:8d:b5:f3:e5:03:4d:ba:e1:e0:07:27:ff:3d: fc:a8:73:59:09:0f:28:b6:cd:9d:28:f9:e3:fe:97: 0a:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:13:49:BB:16:DF:F3:E1:21:F2:36:B3:B8:8A:3C:8D:3A:FD:BC:F4 X509v3 Authority Key Identifier: keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:8b:8c:ab:cc:ec:0f:b2:2c:60:d4:f1:a6:4e:cf:5c:44:43: 00:49:aa:d5:50:d9:d1:59:17:88:45:a7:a5:b7:6a:a8:46:b8: 5f:b2:6d:3a:05:17:ec:da:1b:65:27:77:ef:b6:5f:db:3b:7c: d9:d5:bb:71:55:67:d5:76:a6:f9:a7:76:b0:ec:67:97:6a:b4: 44:3e:34:5c:71:79:52:df:2a:6e:9f:d9:37:25:df:82:d2:f7: 7c:94:d8:fa:e9:f1:e2:93:fe:ff:71:0c:23:79:e3:96:32:75: 18:84:04:f3:e2:e3:1a:c5:0f:12:97:a4:fa:27:66:71:bd:d3: 15:0f:73:9c:06:e6:65:d7:09:52:ff:15:6a:cf:76:17:34:b6: 2d:f3:4d:34:43:4a:97:0a:06:0d:ff:a5:7d:31:98:cc:e4:d0: d3:36:7b:fe:10:d9:ed:56:3a:a3:2b:88:a9:c5:5b:3d:ad:8f: 7b:3c:a6:26:69:2f:f3:e6:12:a1:5d:d0:ac:58:ec:f5:46:80: 7b:a9:cf:e8:e1:11:22:41:10:7d:53:71:30:05:81:de:76:25: 36:eb:ad:b0:c8:99:96:60:53:f4:69:90:29:46:0d:42:fa:09: d8:b8:ad:0e:21:10:1b:7a:05:d5:f9:f6:d8:38:5c:1a:80:a1: 2a:c9:48:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpb9skPzTQhU1tkXCsrLLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz ODlhNzgwHhcNMjUxMjIyMDYwMTExWhcNMjUxMjIzMDYwMTExWjAzMTEwLwYDVQQD Eyg5YTEzNDliYjE2ZGZmM2UxMjFmMjM2YjNiODhhM2M4ZDNhZmRiY2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwsAPSipxDqbxVncvvRjKAe1uarG aMJX0xNguwZG7OJM8R5A3016Tab+KpwNPsyKqyTNYUQBS10YqwrGhtHeMZjcE9Jk wI4uiVlmXqGlTnZLtUL5LALYomhIo5RmECKyze6kfjY6vKkfRGxhbhWqjuUR5Cz8 XgPOy4qM73wIfNBeVXv3tdudhItRk8CGOaSsfN6FR30Vipo6zKfZs4pKlCwnJLWn R5VDt686JiBkbUugsCO64JkFYkwJS0ZU/iFzN/f5mx4KBlYXsBwn5vd8Aikyo7WM 6XZkCALJmEanEQhmh4218+UDTbrh4Acn/z38qHNZCQ8ots2dKPnj/pcKtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJoTSbsW3/PhIfI2s7iKPI06/bz0MB8GA1UdIwQY MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPIuMq8zs D7IsYNTxpk7PXERDAEmq1VDZ0VkXiEWnpbdqqEa4X7JtOgUX7NobZSd377Zf2zt8 2dW7cVVn1Xam+ad2sOxnl2q0RD40XHF5Ut8qbp/ZNyXfgtL3fJTY+unx4pP+/3EM I3njljJ1GIQE8+LjGsUPEpek+idmcb3TFQ9znAbmZdcJUv8Vas92FzS2LfNNNENK lwoGDf+lfTGYzOTQ0zZ7/hDZ7VY6oyuIqcVbPa2PezymJmkv8+YSoV3QrFjs9UaA e6nP6OERIkEQfVNxMAWB3nYlNuutsMiZlmBT9GmQKUYNQvoJ2LitDiEQG3oF1fn2 2DhcGoChKslItw== -----END CERTIFICATE-----Generated at Mon Dec 22 15:28:41 2025 by rpki-client