This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft File: OTba8DdWuvg7pPONvl1oy5us7_k.mft (raw, json) Hash identifier: 0qbAohNSjZIK/nUHJ6VqGaFSBw9NMvBPY93vGrW5Wno= Subject key identifier: A5:1F:DD:DF:EC:FC:76:F7:7A:40:39:9A:99:59:B0:46:0B:1D:AC:8E Authority key identifier: 39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9 Certificate issuer: /CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9 Certificate serial: 019B3AFD9CD6BB141D7A9E8E3BA095487E7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft Manifest number: 0941 Signing time: Sat 20 Dec 2025 09:00:57 +0000 Manifest this update: Sat 20 Dec 2025 09:00:57 +0000 Manifest next update: Sun 21 Dec 2025 09:00:57 +0000 Files and hashes: 1: 1ZMKCjtoyUotW5zL6d-I3qOaSBE.roa (hash: 5gJp0s5iC22SH9q8M0EDrUjpQSDzsUFawVisJiKFG6A=) 2: D2x90Hp-gN9ES-WMtaRxOkRU7zk.roa (hash: l/qjD5THnTNjpjg3s7YHV5e23ifKj7BiMe0FzY2nCgo=) 3: OTba8DdWuvg7pPONvl1oy5us7_k.crl (hash: 5bJekgyniEwlUHqRh0U2oH35TkdLTgMWF3/tSaey2WI=) 4: XAC3MTIDy2Wt50Hn1LPVCPZj6e0.roa (hash: Dwx9RqPqD8/O5XTxZSeNq9SNO+JNCNDt1UlVOS13grg=) 5: hbNzX9sb-OFJ3CONrcdLuZ55uyU.roa (hash: NFMtgtynDHta0KlGWRazjZvBYm+8qkNagl80fkK/Tdk=) 6: y5t9VCG86iK6aUs1XnSlJL9WwkU.roa (hash: AeobAv5BcqpSnLadsMWLSvPDtqBRihCI6v5wMAmYfok=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:9c:d6:bb:14:1d:7a:9e:8e:3b:a0:95:48:7e:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9 Validity Not Before: Dec 20 09:00:57 2025 GMT Not After : Dec 21 09:00:57 2025 GMT Subject: CN=a51fdddfecfc76f77a40399a9959b0460b1dac8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:53:20:43:aa:9e:53:25:2e:87:f9:39:a4:87: a3:ee:bb:ec:8a:54:bd:d5:44:03:07:c5:7d:54:3f: 2b:17:14:84:37:14:b7:f1:2d:a7:11:83:60:31:ef: 01:bd:28:28:3c:26:4e:6c:7c:14:f4:70:83:4a:e4: 01:d0:1c:84:7a:61:0d:29:c4:71:30:d8:41:61:84: 41:f6:6b:00:fb:f9:08:f8:73:85:b1:90:41:0b:85: d1:4e:f8:0c:1c:9a:fd:7d:bf:28:b9:c5:01:12:7b: 50:2d:9a:df:d5:3e:67:88:9a:92:a7:7f:0f:26:29: 29:69:79:b7:7e:6c:dc:4a:77:b8:74:99:77:6b:a9: b7:49:2a:1e:1e:41:7f:c2:98:39:c9:da:b4:f8:c8: b3:25:fa:a4:eb:19:a9:00:95:aa:1c:a7:26:9c:8b: 26:9b:98:f1:36:fa:38:b4:37:8d:ca:68:b2:d1:86: fc:af:39:7b:2a:c0:53:77:f3:6f:25:e0:17:1a:ff: 56:9e:38:f3:c3:ad:4c:29:9b:25:14:75:df:f5:39: 50:d2:03:e7:ef:00:78:28:51:f3:6d:43:6c:ed:9f: 2e:1a:d7:54:bb:56:4a:f2:a1:53:8e:15:19:7b:e1: 8c:12:cd:e9:8e:0d:a0:d6:84:09:80:d8:ff:2a:84: 96:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:1F:DD:DF:EC:FC:76:F7:7A:40:39:9A:99:59:B0:46:0B:1D:AC:8E X509v3 Authority Key Identifier: keyid:39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:a1:50:09:62:88:cd:4d:00:cb:4a:34:be:fb:bd:22:00:c0: 17:e7:25:6e:27:e6:13:e4:ad:76:fd:b1:e1:08:8b:e6:df:93: b8:da:b7:f1:34:47:ae:74:68:cd:62:e7:4b:a4:44:54:8b:aa: 70:a2:6d:83:9d:73:fd:64:88:be:0f:5d:93:13:a4:43:f2:df: 29:b3:70:73:44:3f:03:3b:da:df:1b:20:e9:13:21:0e:0b:02: 71:c1:7e:1c:56:c7:49:4a:51:a9:24:c3:ea:5f:41:08:78:2d: 44:cc:06:9b:8f:f1:01:ee:11:43:b0:9d:50:e4:10:1b:b1:53: bc:c1:fd:6f:c7:c9:c5:83:9d:17:a4:e1:7e:86:af:ab:b8:93: f8:97:9b:16:b9:e3:0f:e9:a5:36:3b:7b:4e:a3:60:13:56:06: 20:07:cd:d9:94:61:86:6d:74:af:b2:9c:35:8a:32:b4:66:c2: 5a:f0:f3:6b:59:22:f2:a3:02:6a:28:0d:79:c3:4e:8f:a4:8b: 00:21:4a:27:4b:9a:4b:aa:37:12:1c:fd:c3:2f:cf:79:9a:16: 41:8b:88:49:31:de:21:b0:87:51:49:4a:c7:8a:08:2c:ba:28: e3:60:81:3f:d7:bc:7a:69:a2:33:a3:f5:24:6c:54:60:a9:e6: 63:3c:fc:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/ZzWuxQdep6OO6CVSH5+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzZkYWYwMzc1NmJhZjgzYmE0ZjM4ZGJlNWQ2OGNiOWJh Y2VmZjkwHhcNMjUxMjIwMDkwMDU3WhcNMjUxMjIxMDkwMDU3WjAzMTEwLwYDVQQD EyhhNTFmZGRkZmVjZmM3NmY3N2E0MDM5OWE5OTU5YjA0NjBiMWRhYzhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFMgQ6qeUyUuh/k5pIej7rvsilS9 1UQDB8V9VD8rFxSENxS38S2nEYNgMe8BvSgoPCZObHwU9HCDSuQB0ByEemENKcRx MNhBYYRB9msA+/kI+HOFsZBBC4XRTvgMHJr9fb8oucUBEntQLZrf1T5niJqSp38P JikpaXm3fmzcSne4dJl3a6m3SSoeHkF/wpg5ydq0+MizJfqk6xmpAJWqHKcmnIsm m5jxNvo4tDeNymiy0Yb8rzl7KsBTd/NvJeAXGv9Wnjjzw61MKZslFHXf9TlQ0gPn 7wB4KFHzbUNs7Z8uGtdUu1ZK8qFTjhUZe+GMEs3pjg2g1oQJgNj/KoSW4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKUf3d/s/Hb3ekA5mplZsEYLHayOMB8GA1UdIwQY MBaAFDk22vA3Vrr4O6Tzjb5daMubrO/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2Mt Zjk1ZjY2ZDYwNTVjLzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2MtZjk1ZjY2ZDYwNTVj LzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiaFQCWKI zU0Ay0o0vvu9IgDAF+clbifmE+Stdv2x4QiL5t+TuNq38TRHrnRozWLnS6REVIuq cKJtg51z/WSIvg9dkxOkQ/LfKbNwc0Q/Azva3xsg6RMhDgsCccF+HFbHSUpRqSTD 6l9BCHgtRMwGm4/xAe4RQ7CdUOQQG7FTvMH9b8fJxYOdF6Thfoavq7iT+JebFrnj D+mlNjt7TqNgE1YGIAfN2ZRhhm10r7KcNYoytGbCWvDza1ki8qMCaigNecNOj6SL ACFKJ0uaS6o3Ehz9wy/PeZoWQYuISTHeIbCHUUlKx4oILLoo42CBP9e8emmiM6P1 JGxUYKnmYzz8Vw== -----END CERTIFICATE-----Generated at Sat Dec 20 11:41:45 2025 by rpki-client