This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft File: OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft (raw, json) Hash identifier: MFavaNoap+LugS/84W7tafZZWpahlO+DvgE3NRrl/Z8= Subject key identifier: 53:FB:43:77:A0:5F:65:A8:FC:66:8F:D0:04:2E:E1:9A:EB:78:32:42 Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26 Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26 Certificate serial: 019B41A452CBAA92A5757754BE7A82928B9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft Manifest number: 12A1 Signing time: Sun 21 Dec 2025 16:00:46 +0000 Manifest this update: Sun 21 Dec 2025 16:00:46 +0000 Manifest next update: Mon 22 Dec 2025 16:00:46 +0000 Files and hashes: 1: 4iN5nDTRDVV1CTGuGlGWY0Ybm9Y.roa (hash: EMh2tz4i0xV1ZX0fHy8PWh0LdLWVBXB/z2TGKHCydUo=) 2: CBZTZIxMDDoFTLtkXWpJNkPAyZA.roa (hash: cXql8AeIQAC8BMZkK4SJLIjChz+/Hte6gi3o/bh7lrE=) 3: OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl (hash: noMMrLW9B2VRcodm4mJ8xDXswD+TSbJNLusyrBWmjNE=) 4: TyU9koBZ-FfwUjRzFMgXymhIcdc.roa (hash: PuygGCOb3s6Y5+fEOZlXXly4EGutd8BVkQrZLC3GUys=) 5: rYkWvcE_3GQZ3jkaDTUiqjj986g.roa (hash: FOkCN5CJZuWhjjVzqhCAbEwhLO4+xpDqIO3h/0CpxnA=) 6: xvMwGEntPrsPSijtn7qckfPF1Lw.roa (hash: cfgqt0GeV7LUHA50FIbHHM6KEXg5Xmqps/DGbUwBUAM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:a4:52:cb:aa:92:a5:75:77:54:be:7a:82:92:8b:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26 Validity Not Before: Dec 21 16:00:46 2025 GMT Not After : Dec 22 16:00:46 2025 GMT Subject: CN=53fb4377a05f65a8fc668fd0042ee19aeb783242 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:6f:15:bb:5d:01:91:12:4f:f3:50:67:34:b3: 16:64:9d:fe:a9:90:e5:c1:72:df:c7:e4:5c:5e:2d: dd:e5:67:bd:f1:53:89:82:29:81:ac:29:5a:92:93: af:82:57:30:51:bb:00:93:63:6d:ba:a2:33:e6:0f: 0e:1c:97:29:ff:24:74:e3:72:12:64:d8:32:28:a2: e9:7d:8a:1b:ec:59:12:d6:05:72:4b:8f:a0:e6:e5: 51:6c:25:b9:41:84:a8:21:63:35:b8:34:f0:cf:c4: e3:48:db:e9:5e:87:bb:75:ba:be:4c:18:51:d3:2a: 67:60:72:ec:38:7e:0d:db:74:45:8f:b1:2c:d0:9e: 47:38:3b:0d:87:fc:19:0d:f6:0f:78:66:9a:e7:48: 21:a9:b1:da:75:4a:18:76:3d:44:28:a9:18:87:a5: 54:83:49:14:f4:ed:46:46:e7:e8:05:4c:2a:1a:d8: a4:4d:5c:d0:1f:c7:eb:f9:4d:ec:76:9c:7a:3f:fb: da:38:a3:c1:b6:66:90:18:ec:73:14:94:ce:da:1a: 43:a7:6b:97:dd:e7:de:6e:42:aa:21:f7:6a:8f:23: bc:7a:e4:4a:22:3f:52:47:1c:0a:56:8f:4c:27:c7: 95:17:5a:c3:dc:82:a8:b4:6c:52:b6:f6:d7:d1:aa: 9e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:FB:43:77:A0:5F:65:A8:FC:66:8F:D0:04:2E:E1:9A:EB:78:32:42 X509v3 Authority Key Identifier: keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:90:0c:5a:d5:8f:fe:06:d1:dc:fd:1d:6b:79:83:b7:74:50: 71:0f:ff:7c:59:28:bb:b7:39:0e:42:e0:e7:6a:11:b1:26:30: cb:93:a1:07:d6:06:2f:5d:98:60:d1:b4:d9:35:42:e6:a9:88: e3:de:ec:28:64:ab:0c:51:19:c5:0d:6a:8b:36:7f:44:74:53: a1:f0:68:85:d9:e4:4a:e3:69:fc:16:b6:b6:fc:c1:64:8a:44: 3e:ea:8f:0d:9e:61:4f:65:31:25:6c:53:79:52:23:b4:ab:68: 3b:25:7c:98:a8:3b:05:3f:8d:40:ca:e4:d4:fb:6d:02:ec:bc: 65:db:48:f8:cf:bb:07:7c:5c:88:ea:a7:9a:a8:84:38:a5:1b: 45:cf:c9:61:b8:72:a3:a1:29:96:41:12:1c:f2:ae:0d:50:bb: 63:ed:af:5c:23:c4:bf:4a:ea:e0:5a:11:1f:e0:fc:d9:11:d4: 28:ab:06:33:e1:34:01:ff:57:69:7e:6d:7f:01:46:f1:01:14: 3b:33:e2:31:f7:aa:14:78:63:e3:2d:24:a1:74:cf:d9:35:db: fa:42:cb:32:51:68:ec:ac:5a:ad:71:26:74:4f:ad:03:16:76: 78:b9:b8:88:63:5c:f4:f7:4f:38:c3:fb:a2:5d:6d:9e:78:84: 6a:b9:69:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBpFLLqpKldXdUvnqCkoucMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj MzBhMjYwHhcNMjUxMjIxMTYwMDQ2WhcNMjUxMjIyMTYwMDQ2WjAzMTEwLwYDVQQD Eyg1M2ZiNDM3N2EwNWY2NWE4ZmM2NjhmZDAwNDJlZTE5YWViNzgzMjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW8Vu10BkRJP81BnNLMWZJ3+qZDl wXLfx+RcXi3d5We98VOJgimBrClakpOvglcwUbsAk2NtuqIz5g8OHJcp/yR043IS ZNgyKKLpfYob7FkS1gVyS4+g5uVRbCW5QYSoIWM1uDTwz8TjSNvpXoe7dbq+TBhR 0ypnYHLsOH4N23RFj7Es0J5HODsNh/wZDfYPeGaa50ghqbHadUoYdj1EKKkYh6VU g0kU9O1GRufoBUwqGtikTVzQH8fr+U3sdpx6P/vaOKPBtmaQGOxzFJTO2hpDp2uX 3efebkKqIfdqjyO8euRKIj9SRxwKVo9MJ8eVF1rD3IKotGxStvbX0aqejQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFP7Q3egX2Wo/GaP0AQu4ZrreDJCMB8GA1UdIwQY MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct NDY1MzhjYTUzODNjLzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOpAMWtWP /gbR3P0da3mDt3RQcQ//fFkou7c5DkLg52oRsSYwy5OhB9YGL12YYNG02TVC5qmI 497sKGSrDFEZxQ1qizZ/RHRTofBohdnkSuNp/Ba2tvzBZIpEPuqPDZ5hT2UxJWxT eVIjtKtoOyV8mKg7BT+NQMrk1PttAuy8ZdtI+M+7B3xciOqnmqiEOKUbRc/JYbhy o6EplkESHPKuDVC7Y+2vXCPEv0rq4FoRH+D82RHUKKsGM+E0Af9XaX5tfwFG8QEU OzPiMfeqFHhj4y0koXTP2TXb+kLLMlFo7KxarXEmdE+tAxZ2eLm4iGNc9PdPOMP7 ol1tnniEarlpRA== -----END CERTIFICATE-----Generated at Sun Dec 21 19:50:12 2025 by rpki-client