This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft File: ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json) Hash identifier: PF0fxlRNC6l7S0NAwf3X3K19wQKT/7z1lxt5OIxCbag= Subject key identifier: 66:BE:55:14:62:DF:75:A4:B5:FD:C5:50:67:5E:7B:79:E8:97:51:CA Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85 Certificate issuer: /CN=3831f9aa50cefe825da5f90da67b303254a9db85 Certificate serial: 019B4F297FE83762F85CD436422DB0454910 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft Manifest number: 0BA1 Signing time: Wed 24 Dec 2025 07:01:18 +0000 Manifest this update: Wed 24 Dec 2025 07:01:18 +0000 Manifest next update: Thu 25 Dec 2025 07:01:18 +0000 Files and hashes: 1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: QKN4KyILM2RPSp75swh6E0p3REQ7MO8ECN6GQq353c8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 07:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:29:7f:e8:37:62:f8:5c:d4:36:42:2d:b0:45:49:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85 Validity Not Before: Dec 24 07:01:18 2025 GMT Not After : Dec 25 07:01:18 2025 GMT Subject: CN=66be551462df75a4b5fdc550675e7b79e89751ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:8b:65:ab:2a:3f:10:1c:59:e8:21:3a:0f:82: 33:04:91:43:1e:5e:dd:38:b5:a7:60:b4:cd:d5:6c: dd:7a:93:b6:b3:5e:2f:3d:5a:7b:30:51:08:61:c3: 4c:ea:c5:f4:05:6c:ab:2b:34:07:4e:ca:40:b2:b5: 4d:43:96:26:78:39:d0:0e:0e:10:1b:cd:35:da:a3: 5c:4f:d3:83:75:2b:e6:3d:87:30:09:12:c5:c1:8d: 97:47:41:83:2e:67:3d:27:9f:c8:f5:4c:91:91:a7: b8:86:1c:1e:df:6f:09:04:b7:b4:ea:a1:3f:c9:6c: ff:4b:87:4e:35:3a:97:a5:02:23:ca:d9:77:14:a5: 25:cb:9e:c6:cd:86:b6:9b:ac:87:de:a9:cd:e5:2b: 35:d5:71:0b:67:ec:86:59:25:98:4a:96:ba:1b:f7: b4:bf:75:a9:99:ec:47:ae:6d:22:cb:22:5a:64:37: e3:13:bb:dd:5a:36:92:f4:22:61:1f:f9:db:87:3d: ff:ff:c1:3c:a9:94:36:35:5e:8a:23:3c:a5:d1:4f: ee:68:26:42:cc:65:24:06:47:61:7c:4b:c9:ad:75: 96:f6:30:12:d8:90:55:27:d3:bd:e0:22:3f:c8:8a: fb:5c:62:92:5e:47:66:a4:05:28:6d:fa:7d:19:40: 03:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:BE:55:14:62:DF:75:A4:B5:FD:C5:50:67:5E:7B:79:E8:97:51:CA X509v3 Authority Key Identifier: keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:94:1a:ee:23:fc:f4:26:88:59:57:6d:04:b7:64:83:96:2a: ba:da:73:21:8e:48:27:0b:53:a2:0c:8c:25:31:c0:f4:56:0f: dd:b3:a4:4b:f4:31:a3:81:51:a3:c0:26:99:60:ae:97:a7:62: b5:2c:fe:80:ff:f4:3e:3d:ce:4d:01:8f:22:57:6c:e3:7b:5e: cb:f7:e2:ee:2c:a5:c3:d4:86:9a:c2:40:75:a4:df:7e:3d:c4: b2:2e:02:ae:d0:e4:bc:ae:91:18:e7:70:1e:32:d2:ae:3c:e2: ac:57:cf:1d:b0:77:66:ff:51:9d:42:17:d8:d6:ed:7b:b9:5b: 01:cd:c4:74:21:df:3d:ad:72:23:58:34:f9:5b:9b:f6:e6:32: 94:47:ef:41:a7:21:9e:14:06:46:0f:d1:6d:b2:38:27:b4:cb: 5e:c6:c4:6a:a1:1b:6d:27:a0:41:ee:d1:01:d1:a0:37:14:83: 06:59:ee:b1:1d:8b:ba:0e:e4:0a:63:3d:12:30:a5:89:92:37: cd:74:a3:ff:70:9e:ca:45:52:d9:ff:b2:b2:5a:51:3f:89:af: 77:ab:32:c7:99:7f:5c:b6:4b:b7:71:9b:42:09:1c:c5:f1:85: fd:93:15:a0:28:d9:ab:c8:52:e7:18:ae:d2:60:fe:2d:d4:07: 05:e4:37:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPKX/oN2L4XNQ2Qi2wRUkQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh OWRiODUwHhcNMjUxMjI0MDcwMTE4WhcNMjUxMjI1MDcwMTE4WjAzMTEwLwYDVQQD Eyg2NmJlNTUxNDYyZGY3NWE0YjVmZGM1NTA2NzVlN2I3OWU4OTc1MWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvotlqyo/EBxZ6CE6D4IzBJFDHl7d OLWnYLTN1WzdepO2s14vPVp7MFEIYcNM6sX0BWyrKzQHTspAsrVNQ5YmeDnQDg4Q G8012qNcT9ODdSvmPYcwCRLFwY2XR0GDLmc9J5/I9UyRkae4hhwe328JBLe06qE/ yWz/S4dONTqXpQIjytl3FKUly57GzYa2m6yH3qnN5Ss11XELZ+yGWSWYSpa6G/e0 v3WpmexHrm0iyyJaZDfjE7vdWjaS9CJhH/nbhz3//8E8qZQ2NV6KIzyl0U/uaCZC zGUkBkdhfEvJrXWW9jAS2JBVJ9O94CI/yIr7XGKSXkdmpAUobfp9GUADRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGa+VRRi33Wktf3FUGdee3nol1HKMB8GA1UdIwQY MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5Qa7iP8 9CaIWVdtBLdkg5YqutpzIY5IJwtTogyMJTHA9FYP3bOkS/Qxo4FRo8AmmWCul6di tSz+gP/0Pj3OTQGPIlds43tey/fi7iylw9SGmsJAdaTffj3Esi4CrtDkvK6RGOdw HjLSrjzirFfPHbB3Zv9RnUIX2Nbte7lbAc3EdCHfPa1yI1g0+Vub9uYylEfvQach nhQGRg/RbbI4J7TLXsbEaqEbbSegQe7RAdGgNxSDBlnusR2Lug7kCmM9EjCliZI3 zXSj/3CeykVS2f+yslpRP4mvd6syx5l/XLZLt3GbQgkcxfGF/ZMVoCjZq8hS5xiu 0mD+LdQHBeQ36g== -----END CERTIFICATE-----Generated at Wed Dec 24 11:26:38 2025 by rpki-client