This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.mft File: orzYisPgLP-tPADeRrXaM2vWRwI.mft (raw, json) Hash identifier: X7HrJRCBc89g6PMH+lvCukfvkG7mMtVw/0PD7jwGUsE= Subject key identifier: 17:4B:9B:10:AC:D7:E4:94:57:C5:37:D3:FF:37:07:E4:9D:C2:5F:3A Authority key identifier: A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02 Certificate issuer: /CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702 Certificate serial: 019B1FF4B3ACC086898427D68CFB88F26A10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.mft Manifest number: 1487 Signing time: Mon 15 Dec 2025 03:01:28 +0000 Manifest this update: Mon 15 Dec 2025 03:01:28 +0000 Manifest next update: Tue 16 Dec 2025 03:01:28 +0000 Files and hashes: 1: dTRvsxL2APKWCpGceVS2hPx0HUQ.roa (hash: ckDUOzUXSrfuvc3RkTd1UBfCmEYB7nDoNopZ1OYU3es=) 2: orzYisPgLP-tPADeRrXaM2vWRwI.crl (hash: MZUZOnQZSiN4HWX2kQCWSQXk0PrfXvCa5FbGI1tTcaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.crl rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.mft rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:f4:b3:ac:c0:86:89:84:27:d6:8c:fb:88:f2:6a:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702 Validity Not Before: Dec 15 03:01:28 2025 GMT Not After : Dec 16 03:01:28 2025 GMT Subject: CN=174b9b10acd7e49457c537d3ff3707e49dc25f3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f0:dd:3d:17:59:70:17:2c:80:60:18:7e:df: d9:c1:e6:0d:4a:5b:1e:b7:41:7a:c5:14:d8:60:4d: 7d:8e:a9:90:7c:57:60:fb:a1:94:8f:5d:99:26:f8: a8:ef:c9:00:99:de:dd:de:84:f5:a2:15:96:5f:c1: 31:9d:85:2c:d7:37:cd:d4:4f:13:a3:2f:29:83:9c: 7f:4e:d1:a3:cf:5c:62:ac:a6:86:a9:ba:57:5e:9e: 4a:f6:79:d4:f2:f7:79:e4:de:85:41:48:a3:97:40: 8a:a2:95:d1:02:02:f5:0a:64:7c:f7:d3:3b:ee:e1: 36:04:82:81:bc:dc:19:d8:1f:52:a3:a7:40:6c:43: 0f:9c:9d:39:a8:5b:e6:e7:03:3b:fc:af:09:cc:93: 57:82:7e:cd:44:20:35:c5:e6:41:e9:7c:99:fb:11: ea:9c:8e:a2:8c:1d:29:92:97:ec:60:09:d1:a3:d2: 03:79:07:5f:75:58:4a:84:e1:a5:20:fc:a5:4f:1a: 13:e9:86:42:86:61:6c:36:55:6a:38:f1:48:e0:49: 10:b2:ed:ac:25:cc:9c:24:3c:4c:da:d0:fd:c8:6f: b1:46:61:97:32:74:a0:12:0e:47:82:00:22:fb:3e: 65:c0:1f:79:91:0e:04:e3:16:07:c9:73:10:52:d1: 7f:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:4B:9B:10:AC:D7:E4:94:57:C5:37:D3:FF:37:07:E4:9D:C2:5F:3A X509v3 Authority Key Identifier: keyid:A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:a7:9b:ae:c6:41:4c:a4:af:79:da:cc:13:c1:ae:c4:b4:e2: 9a:5d:25:4e:b4:2c:2d:ed:01:2a:f8:ed:6f:12:09:be:08:d1: 91:b1:2c:3f:bd:d4:b8:8a:a4:b2:7f:3c:51:3d:00:87:6e:22: ab:36:ac:f4:44:cb:79:f2:45:12:d1:e6:0e:8b:a0:40:6f:69: cd:be:6f:82:86:16:b5:14:5d:c0:bd:66:94:65:be:39:23:67: ee:4a:8a:2f:0b:34:b2:6f:fd:ff:26:9e:6e:30:7f:d0:91:80: 16:1a:c4:ac:90:5b:d8:e5:4b:4e:7f:c8:33:ca:a8:a8:f1:72: 22:55:21:67:4a:89:7c:21:9d:7f:20:b7:43:96:32:6f:bc:60: e1:a8:cf:00:2a:e9:6a:fc:54:5a:c7:f1:78:9f:15:c7:ae:ee: b6:6e:09:89:23:b0:91:e9:97:ba:5f:44:bb:6c:22:66:0c:03: 27:8e:75:35:b8:c9:58:17:0d:d1:b2:ed:50:ea:df:dc:15:fd: 28:42:bf:d7:ce:ca:e9:2b:a1:c1:46:7d:ab:1c:02:30:4d:05: 7d:5c:4f:41:d3:df:90:89:96:e2:eb:93:fc:30:a6:69:72:39: d7:ad:d9:32:b6:aa:54:8a:b0:4d:2c:7a:79:e1:96:40:81:91: d3:21:0d:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsf9LOswIaJhCfWjPuI8moQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyYmNkODhhYzNlMDJjZmZhZDNjMDBkZTQ2YjVkYTMzNmJk NjQ3MDIwHhcNMjUxMjE1MDMwMTI4WhcNMjUxMjE2MDMwMTI4WjAzMTEwLwYDVQQD EygxNzRiOWIxMGFjZDdlNDk0NTdjNTM3ZDNmZjM3MDdlNDlkYzI1ZjNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvDdPRdZcBcsgGAYft/ZweYNSlse t0F6xRTYYE19jqmQfFdg+6GUj12ZJvio78kAmd7d3oT1ohWWX8ExnYUs1zfN1E8T oy8pg5x/TtGjz1xirKaGqbpXXp5K9nnU8vd55N6FQUijl0CKopXRAgL1CmR899M7 7uE2BIKBvNwZ2B9So6dAbEMPnJ05qFvm5wM7/K8JzJNXgn7NRCA1xeZB6XyZ+xHq nI6ijB0pkpfsYAnRo9IDeQdfdVhKhOGlIPylTxoT6YZChmFsNlVqOPFI4EkQsu2s JcycJDxM2tD9yG+xRmGXMnSgEg5HggAi+z5lwB95kQ4E4xYHyXMQUtF/vwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBdLmxCs1+SUV8U30/83B+Sdwl86MB8GA1UdIwQY MBaAFKK82IrD4Cz/rTwA3ka12jNr1kcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jZjRkYjUtZmIyOS00YjJhLWEyMTUt YWFiODYyODYxYTA5LzEvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi9jZjRkYjUtZmIyOS00YjJhLWEyMTUtYWFiODYyODYxYTA5 LzEvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6ebrsZB TKSvedrME8GuxLTiml0lTrQsLe0BKvjtbxIJvgjRkbEsP73UuIqksn88UT0Ah24i qzas9ETLefJFEtHmDougQG9pzb5vgoYWtRRdwL1mlGW+OSNn7kqKLws0sm/9/yae bjB/0JGAFhrErJBb2OVLTn/IM8qoqPFyIlUhZ0qJfCGdfyC3Q5Yyb7xg4ajPACrp avxUWsfxeJ8Vx67utm4JiSOwkemXul9Eu2wiZgwDJ451NbjJWBcN0bLtUOrf3BX9 KEK/187K6SuhwUZ9qxwCME0FfVxPQdPfkImW4uuT/DCmaXI5163ZMraqVIqwTSx6 eeGWQIGR0yENxg== -----END CERTIFICATE-----Generated at Mon Dec 15 06:45:27 2025 by rpki-client