This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft File: otGlH74MLlJmesWiVSySo3nOre4.mft (raw, json) Hash identifier: 54pNUhlJJkWnyKeEdE2zBUzvXk5Ao6mEimNb87tSjSQ= Subject key identifier: 1C:3B:79:72:5E:0D:6E:76:C6:05:DC:47:D6:67:8B:53:A6:5A:B4:92 Authority key identifier: A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE Certificate issuer: /CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee Certificate serial: 019B5908664BA0BE3CB92F6B5E19760D5809 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft Manifest number: 0370 Signing time: Fri 26 Dec 2025 05:01:21 +0000 Manifest this update: Fri 26 Dec 2025 05:01:21 +0000 Manifest next update: Sat 27 Dec 2025 05:01:21 +0000 Files and hashes: 1: otGlH74MLlJmesWiVSySo3nOre4.crl (hash: y53PYqkK1fk2aVv02foVxau+BmaCmfWxsNUUBteH/WE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:66:4b:a0:be:3c:b9:2f:6b:5e:19:76:0d:58:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2d1a51fbe0c2e52667ac5a2552c92a379ceadee Validity Not Before: Dec 26 05:01:21 2025 GMT Not After : Dec 27 05:01:21 2025 GMT Subject: CN=1c3b79725e0d6e76c605dc47d6678b53a65ab492 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0d:a3:36:fe:6a:80:22:40:1f:46:4c:e6:31: 67:50:15:92:c1:dd:e8:66:12:d2:ed:5d:0f:01:e5: 1a:5b:6e:9f:2b:c7:80:ba:4f:ee:f8:52:5d:7f:02: ba:86:51:a1:04:ce:df:cc:af:88:0f:2a:39:1a:e5: c3:c0:33:b4:8d:5c:49:01:17:cf:0f:e7:b5:e1:24: 82:97:5c:f9:0d:a8:c2:56:12:40:5b:6f:90:16:80: 7c:8a:63:3c:fc:a9:07:51:7c:6a:28:14:08:4c:69: 20:3a:53:c2:99:c3:15:7b:61:ab:5c:0d:50:10:46: 22:e3:c2:5d:1d:c5:77:bb:45:85:51:61:03:cd:65: ac:55:01:66:a8:d2:71:9a:29:28:b5:cc:01:e4:2e: 12:f0:ca:da:43:83:69:79:cb:1f:82:48:04:ef:c1: 5c:4f:14:c8:96:b6:e8:b5:f3:72:55:0c:bc:b6:0d: 90:47:d0:d9:cb:cf:e2:5b:96:64:d8:fa:7e:35:e4: b8:7c:dc:f0:fa:26:6a:4e:3b:26:10:c6:7d:b5:ac: 3a:84:8f:1b:e1:cb:3d:de:bd:e3:05:7f:36:f9:cf: 89:eb:a3:6e:9d:a9:b7:31:6c:ce:1f:a1:48:cf:de: 12:eb:56:52:fc:1a:41:22:c6:cd:b9:81:de:fd:66: 5e:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:3B:79:72:5E:0D:6E:76:C6:05:DC:47:D6:67:8B:53:A6:5A:B4:92 X509v3 Authority Key Identifier: keyid:A2:D1:A5:1F:BE:0C:2E:52:66:7A:C5:A2:55:2C:92:A3:79:CE:AD:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otGlH74MLlJmesWiVSySo3nOre4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c34e04-f7ac-41eb-a561-dde83151ba76/1/otGlH74MLlJmesWiVSySo3nOre4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:19:27:38:7d:6f:a9:3e:b5:16:b6:23:0f:41:c5:70:16:31: 07:8f:62:34:76:a8:11:f7:96:a1:76:c9:c3:89:2b:6a:e1:2d: 05:e4:63:6c:4a:9b:8a:1c:e9:1a:1b:66:93:7d:8d:9b:26:ba: db:0d:41:b5:3f:b0:bb:f4:db:fe:c9:7b:cb:c1:71:78:a6:e8: 2a:de:54:80:fd:d5:d7:d6:43:3d:30:30:1d:63:fe:0a:b9:d5: 5f:94:31:8b:14:32:89:2e:be:fa:ab:95:b3:25:99:3a:9b:e2: 91:48:66:ba:7e:4a:45:77:29:6b:67:2f:44:3e:a0:06:75:4a: e0:82:6b:01:d9:0c:18:62:de:93:f4:3e:c9:f4:94:8a:25:3a: 3a:6b:70:1a:39:5b:2f:68:1a:f0:7e:88:bc:22:7d:a4:1f:e6: 04:d4:a3:b1:0d:c9:80:18:5b:a0:fb:19:1f:db:4d:e8:9d:d7: e9:fb:83:d1:92:ca:fa:33:c5:41:22:fc:40:7a:31:03:47:dd: b2:bc:2b:ab:79:37:a8:e0:f3:f0:62:6f:ca:56:ab:cf:98:95: cf:e7:0e:2d:a8:cf:2f:33:ae:ce:f6:43:44:0f:ce:a8:cf:5f: 2d:34:8c:a3:cb:7f:1d:c1:4a:16:52:17:df:4c:8a:c9:10:1a: eb:a2:12:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCGZLoL48uS9rXhl2DVgJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyZDFhNTFmYmUwYzJlNTI2NjdhYzVhMjU1MmM5MmEzNzlj ZWFkZWUwHhcNMjUxMjI2MDUwMTIxWhcNMjUxMjI3MDUwMTIxWjAzMTEwLwYDVQQD EygxYzNiNzk3MjVlMGQ2ZTc2YzYwNWRjNDdkNjY3OGI1M2E2NWFiNDkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ2jNv5qgCJAH0ZM5jFnUBWSwd3o ZhLS7V0PAeUaW26fK8eAuk/u+FJdfwK6hlGhBM7fzK+IDyo5GuXDwDO0jVxJARfP D+e14SSCl1z5DajCVhJAW2+QFoB8imM8/KkHUXxqKBQITGkgOlPCmcMVe2GrXA1Q EEYi48JdHcV3u0WFUWEDzWWsVQFmqNJxmikotcwB5C4S8MraQ4NpecsfgkgE78Fc TxTIlrbotfNyVQy8tg2QR9DZy8/iW5Zk2Pp+NeS4fNzw+iZqTjsmEMZ9taw6hI8b 4cs93r3jBX82+c+J66Nunam3MWzOH6FIz94S61ZS/BpBIsbNuYHe/WZeUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBw7eXJeDW52xgXcR9Zni1OmWrSSMB8GA1UdIwQY MBaAFKLRpR++DC5SZnrFolUskqN5zq3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEt ZGRlODMxNTFiYTc2LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jMzRlMDQtZjdhYy00MWViLWE1NjEtZGRlODMxNTFiYTc2 LzEvb3RHbEg3NE1MbEptZXNXaVZTeVNvM25PcmU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkxknOH1v qT61FrYjD0HFcBYxB49iNHaoEfeWoXbJw4krauEtBeRjbEqbihzpGhtmk32Nmya6 2w1BtT+wu/Tb/sl7y8FxeKboKt5UgP3V19ZDPTAwHWP+CrnVX5QxixQyiS6++quV syWZOpvikUhmun5KRXcpa2cvRD6gBnVK4IJrAdkMGGLek/Q+yfSUiiU6OmtwGjlb L2ga8H6IvCJ9pB/mBNSjsQ3JgBhboPsZH9tN6J3X6fuD0ZLK+jPFQSL8QHoxA0fd srwrq3k3qODz8GJvylarz5iVz+cOLajPLzOuzvZDRA/OqM9fLTSMo8t/HcFKFlIX 30yKyRAa66IScA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:51 2025 by rpki-client