This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.mft (raw, json) Hash identifier: lJx2c0xuLWBKLH44UlitOSxUN0D0h8JMiBrwSk7t/AI= Subject key identifier: ED:93:3A:8B:18:C2:DC:99:AB:F2:A5:5E:CE:00:7B:F0:3A:E3:CD:ED Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52 Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52 Certificate serial: 019B552B2DD0A72B68239675F132831CB8E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft Manifest number: 1795 Signing time: Thu 25 Dec 2025 11:00:51 +0000 Manifest this update: Thu 25 Dec 2025 11:00:51 +0000 Manifest next update: Fri 26 Dec 2025 11:00:51 +0000 Files and hashes: 1: _OTzlnKb9HjmNlSYIfb2lw2JP1I.crl (hash: lgXfD83WBT6Y/NlCtaxw0a3BmdvezNb+gDoO5TP7ymI=) 2: adNqeNQUFWI4IAHxy1r153UdECA.roa (hash: xLvUeb8ak+yii4A1TZl7dHrog2mgx9j4/AxydjM8K8Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:2b:2d:d0:a7:2b:68:23:96:75:f1:32:83:1c:b8:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52 Validity Not Before: Dec 25 11:00:51 2025 GMT Not After : Dec 26 11:00:51 2025 GMT Subject: CN=ed933a8b18c2dc99abf2a55ece007bf03ae3cded Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:cc:87:f8:44:ae:88:c1:f3:06:23:f2:60:37: 06:41:72:e6:04:d9:2e:eb:61:53:96:49:4c:33:a2: 1b:5c:fc:f2:d5:e9:1f:e6:d9:f5:b9:4f:bf:d0:13: 2c:11:6a:35:68:14:9e:15:2f:57:f0:c1:6d:01:7e: c3:6b:26:4e:e1:1b:76:f4:ab:a4:de:25:0d:93:cf: 4b:68:1a:1c:d3:f4:43:51:c3:15:d3:61:4b:ed:5f: e5:4b:e2:1e:09:6e:c4:7d:f4:9c:82:4c:df:65:cb: 1f:a3:a1:8d:bb:70:e2:14:93:5d:cd:cc:9c:aa:4b: 5c:3d:72:49:e0:a4:39:13:8f:28:b9:50:bf:71:d9: 99:5b:19:a7:9f:c3:8b:5a:81:ea:2b:eb:84:aa:3f: 8a:21:d1:4f:7a:d0:3c:cd:df:b4:90:a4:a1:9c:0d: b7:ba:88:f6:85:d6:bb:e5:3e:5d:31:9b:af:04:c6: 07:78:f0:92:51:9a:58:5a:9d:7a:f6:95:10:da:52: 21:ee:0e:a6:a0:cd:cd:c2:61:50:3d:c6:79:46:dc: c7:1e:a8:2e:63:23:b5:73:69:4b:ab:e1:7f:12:be: 16:60:87:48:a8:64:75:b4:cf:02:f8:55:55:ad:34: f5:b7:84:55:6b:92:0b:07:17:7c:5a:b5:e1:44:ec: 82:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:93:3A:8B:18:C2:DC:99:AB:F2:A5:5E:CE:00:7B:F0:3A:E3:CD:ED X509v3 Authority Key Identifier: keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:b0:cd:25:db:80:00:31:a4:72:1f:b9:cb:49:80:37:27:dd: 4d:21:02:1c:d4:7e:a7:91:5b:63:30:26:d3:c6:83:8c:b5:ce: ce:db:58:9b:f6:a9:e9:ec:dd:d4:60:ff:74:6f:ed:da:54:e3: 6c:73:88:01:bd:9c:c0:e0:ec:61:9e:25:5b:0b:fc:8d:de:81: e0:10:f6:4f:10:0c:5b:cf:c0:35:e7:87:3b:a2:72:31:18:78: de:5b:b8:10:75:b4:42:02:fb:a6:e7:4a:b5:84:b3:be:04:de: 10:97:8a:aa:6f:e1:ca:12:c0:b2:5a:ea:6e:ef:1e:2a:d4:3d: df:c2:de:c6:b7:d6:0d:d0:c2:c6:d0:65:3e:ec:35:01:6f:75: 87:0a:8d:08:0c:32:7e:0d:5e:24:82:20:3f:57:51:d4:2f:3b: e5:fc:d5:6b:e2:06:85:ec:10:fa:7d:da:3f:e4:b7:3d:b8:68: 70:f0:9d:3b:bd:53:48:75:6d:6a:59:d4:89:b7:ed:58:02:52: e8:eb:f0:8d:01:ea:cf:9f:a7:62:d7:35:fc:53:d6:df:52:fd: a6:4d:53:25:53:a3:7c:ac:41:fb:05:61:81:90:f2:ac:58:22: a5:db:3f:0d:fe:13:a9:aa:28:59:d0:f4:bf:8d:3f:cf:79:fb: c9:4f:54:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtVKy3QpytoI5Z18TKDHLjoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4 OTNmNTIwHhcNMjUxMjI1MTEwMDUxWhcNMjUxMjI2MTEwMDUxWjAzMTEwLwYDVQQD EyhlZDkzM2E4YjE4YzJkYzk5YWJmMmE1NWVjZTAwN2JmMDNhZTNjZGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscyH+ESuiMHzBiPyYDcGQXLmBNku 62FTlklMM6IbXPzy1ekf5tn1uU+/0BMsEWo1aBSeFS9X8MFtAX7DayZO4Rt29Kuk 3iUNk89LaBoc0/RDUcMV02FL7V/lS+IeCW7EffScgkzfZcsfo6GNu3DiFJNdzcyc qktcPXJJ4KQ5E48ouVC/cdmZWxmnn8OLWoHqK+uEqj+KIdFPetA8zd+0kKShnA23 uoj2hda75T5dMZuvBMYHePCSUZpYWp169pUQ2lIh7g6moM3NwmFQPcZ5RtzHHqgu YyO1c2lLq+F/Er4WYIdIqGR1tM8C+FVVrTT1t4RVa5ILBxd8WrXhROyCbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO2TOosYwtyZq/KlXs4Ae/A6483tMB8GA1UdIwQY MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt OGM3MGRlOWU5YjlkLzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7DNJduA ADGkch+5y0mANyfdTSECHNR+p5FbYzAm08aDjLXOzttYm/ap6ezd1GD/dG/t2lTj bHOIAb2cwODsYZ4lWwv8jd6B4BD2TxAMW8/ANeeHO6JyMRh43lu4EHW0QgL7pudK tYSzvgTeEJeKqm/hyhLAslrqbu8eKtQ938LexrfWDdDCxtBlPuw1AW91hwqNCAwy fg1eJIIgP1dR1C875fzVa+IGhewQ+n3aP+S3PbhocPCdO71TSHVtalnUibftWAJS 6OvwjQHqz5+nYtc1/FPW31L9pk1TJVOjfKxB+wVhgZDyrFgipds/Df4TqaooWdD0 v40/z3n7yU9UKQ== -----END CERTIFICATE-----Generated at Thu Dec 25 14:02:17 2025 by rpki-client