This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft File: OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft (raw, json) Hash identifier: D605IgFJ/zSyC1sbtOwvb7kqtmGfUTXcLFYUPoZaOa0= Subject key identifier: 74:A3:7D:7F:B4:AE:62:66:F9:38:88:04:BB:96:4E:EC:A9:69:C1:93 Authority key identifier: 39:34:88:67:DC:B2:95:6A:CA:65:D0:83:48:E4:40:D4:72:7A:37:43 Certificate issuer: /CN=39348867dcb2956aca65d08348e440d4727a3743 Certificate serial: 019B435C3E48AF14C7C38AD46A6DE1E8F43E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTSIZ9yylWrKZdCDSORA1HJ6N0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft Manifest number: 052F Signing time: Mon 22 Dec 2025 00:01:17 +0000 Manifest this update: Mon 22 Dec 2025 00:01:17 +0000 Manifest next update: Tue 23 Dec 2025 00:01:17 +0000 Files and hashes: 1: OTSIZ9yylWrKZdCDSORA1HJ6N0M.crl (hash: cJFayuZl29jbRgMzNNV8AJ3xKzWKipAeH1llbOWceFU=) 2: c6YXeFcziXYV8oA7IxxFWWIl7jo.roa (hash: 772kO8FIL8B9L379YEWTLwC21iJYKEhsMHuMIDdHwY4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft rsync://rpki.ripe.net/repository/DEFAULT/OTSIZ9yylWrKZdCDSORA1HJ6N0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:5c:3e:48:af:14:c7:c3:8a:d4:6a:6d:e1:e8:f4:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39348867dcb2956aca65d08348e440d4727a3743 Validity Not Before: Dec 22 00:01:17 2025 GMT Not After : Dec 23 00:01:17 2025 GMT Subject: CN=74a37d7fb4ae6266f9388804bb964eeca969c193 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:f0:2a:1b:81:41:cd:b2:94:f7:1a:e0:a6:7b: 21:36:cc:37:1d:9a:45:22:86:94:1b:30:9e:ef:b8: d2:9e:cb:c2:6d:d5:fb:ed:00:e7:d6:59:8c:ad:7e: 46:0b:82:b0:ef:06:50:7d:8f:89:ab:98:0f:0b:38: e5:11:45:40:a7:22:d0:23:18:a4:52:59:da:ec:a9: 51:ee:20:91:bd:ff:b0:32:89:b6:22:b5:f6:f5:fa: 85:52:b4:66:7e:df:83:d9:89:47:3d:82:41:af:5a: 1c:5b:17:1c:5f:44:7e:ec:45:8e:b0:31:a2:a4:15: 6c:0d:97:d9:50:4e:ca:97:57:0f:cf:eb:cb:6c:bb: 3b:07:4c:2d:42:eb:c6:20:9a:41:c0:84:ce:5f:6c: da:b9:1c:25:2c:55:3b:ea:01:e5:61:2f:c8:ec:59: 23:cf:8a:4f:57:81:a2:09:e7:15:4c:b6:70:12:bd: fa:94:fb:57:fa:7f:20:76:20:05:30:00:82:e3:69: a4:09:f6:77:bb:6c:6b:f7:15:0b:12:45:ec:b0:66: 7f:d5:30:32:c6:bc:26:82:b4:ec:96:55:3a:97:e7: 03:9e:89:54:97:36:7c:e3:6c:6b:ed:16:82:34:9b: 57:4d:d5:88:41:9e:e8:95:85:f3:86:8a:a2:8e:a0: a6:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:A3:7D:7F:B4:AE:62:66:F9:38:88:04:BB:96:4E:EC:A9:69:C1:93 X509v3 Authority Key Identifier: keyid:39:34:88:67:DC:B2:95:6A:CA:65:D0:83:48:E4:40:D4:72:7A:37:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTSIZ9yylWrKZdCDSORA1HJ6N0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1dffe1-c8ff-466b-9dc2-bfc6f48e96ab/1/OTSIZ9yylWrKZdCDSORA1HJ6N0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:f4:6a:e7:53:b9:c2:00:d9:f4:db:81:56:2d:e2:6e:23:76: 1d:f3:16:26:09:51:60:40:93:30:72:94:88:00:d0:51:c2:47: ab:4c:78:97:a6:a4:80:87:15:11:d8:d0:4c:4c:b0:4b:3a:b2: 30:12:c3:19:e2:c1:8b:e3:7a:4c:a4:fd:f9:31:f8:a7:e5:a2: 8d:0e:b6:7f:a7:d7:0d:2c:05:75:e8:5e:cb:d4:d9:92:e3:67: 29:d2:18:a7:94:f7:af:6b:15:5a:f7:69:0a:34:d3:e3:e3:12: 01:54:47:71:3f:b9:07:46:3b:d2:74:cf:9a:9d:26:4e:8a:86: bc:06:c3:66:60:0e:92:73:2a:45:18:ef:36:1b:93:b1:4e:eb: 8a:c8:49:d6:97:66:22:a2:85:59:44:c8:8f:f4:f3:a3:52:ef: cc:74:9b:0b:e6:87:75:7c:47:32:4e:d9:2b:3b:ac:61:b3:a2: 32:e4:aa:de:73:77:c8:db:51:9b:76:66:0b:77:a2:1f:e4:19: 58:e4:d7:22:be:28:53:c5:0a:ab:53:5b:b1:18:fd:ea:ab:dc: 48:f9:be:50:97:15:e3:1d:9f:20:d5:38:6c:83:4e:09:4b:cd: ea:6f:2c:ab:5b:89:c0:0a:c3:77:57:6c:07:fe:b5:6e:af:08: 16:9b:5c:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDXD5IrxTHw4rUam3h6PQ+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzQ4ODY3ZGNiMjk1NmFjYTY1ZDA4MzQ4ZTQ0MGQ0NzI3 YTM3NDMwHhcNMjUxMjIyMDAwMTE3WhcNMjUxMjIzMDAwMTE3WjAzMTEwLwYDVQQD Eyg3NGEzN2Q3ZmI0YWU2MjY2ZjkzODg4MDRiYjk2NGVlY2E5NjljMTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPAqG4FBzbKU9xrgpnshNsw3HZpF IoaUGzCe77jSnsvCbdX77QDn1lmMrX5GC4Kw7wZQfY+Jq5gPCzjlEUVApyLQIxik Ulna7KlR7iCRvf+wMom2IrX29fqFUrRmft+D2YlHPYJBr1ocWxccX0R+7EWOsDGi pBVsDZfZUE7Kl1cPz+vLbLs7B0wtQuvGIJpBwITOX2zauRwlLFU76gHlYS/I7Fkj z4pPV4GiCecVTLZwEr36lPtX+n8gdiAFMACC42mkCfZ3u2xr9xULEkXssGZ/1TAy xrwmgrTsllU6l+cDnolUlzZ842xr7RaCNJtXTdWIQZ7olYXzhoqijqCmsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHSjfX+0rmJm+TiIBLuWTuypacGTMB8GA1UdIwQY MBaAFDk0iGfcspVqymXQg0jkQNRyejdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1RTSVo5eXlsV3JLWmRDRFNPUkExSEo2TjBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8xZGZmZTEtYzhmZi00NjZiLTlkYzIt YmZjNmY0OGU5NmFiLzEvT1RTSVo5eXlsV3JLWmRDRFNPUkExSEo2TjBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8xZGZmZTEtYzhmZi00NjZiLTlkYzItYmZjNmY0OGU5NmFi LzEvT1RTSVo5eXlsV3JLWmRDRFNPUkExSEo2TjBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEPRq51O5 wgDZ9NuBVi3ibiN2HfMWJglRYECTMHKUiADQUcJHq0x4l6akgIcVEdjQTEywSzqy MBLDGeLBi+N6TKT9+TH4p+WijQ62f6fXDSwFdehey9TZkuNnKdIYp5T3r2sVWvdp CjTT4+MSAVRHcT+5B0Y70nTPmp0mToqGvAbDZmAOknMqRRjvNhuTsU7rishJ1pdm IqKFWUTIj/Tzo1LvzHSbC+aHdXxHMk7ZKzusYbOiMuSq3nN3yNtRm3ZmC3eiH+QZ WOTXIr4oU8UKq1NbsRj96qvcSPm+UJcV4x2fINU4bINOCUvN6m8sq1uJwArDd1ds B/61bq8IFptcFw== -----END CERTIFICATE-----Generated at Mon Dec 22 06:27:12 2025 by rpki-client