This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft File: OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json) Hash identifier: zx11iMyEduADWlRpDd+9pxL0Dr1SM777dEKdf5YXR+0= Subject key identifier: 37:E4:EB:8D:F5:85:89:7A:98:3A:40:4B:35:74:A9:9D:3E:5F:9A:25 Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34 Certificate issuer: /CN=385b7e94fa60db685171cf1369b1cefb6e20f334 Certificate serial: 019B59764E8DDEC5014A8A9D89E36C6F35AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft Manifest number: 06EA Signing time: Fri 26 Dec 2025 07:01:24 +0000 Manifest this update: Fri 26 Dec 2025 07:01:24 +0000 Manifest next update: Sat 27 Dec 2025 07:01:24 +0000 Files and hashes: 1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: ZNJTb6Nk5MXetWKoEFyNkfddyiOFerCuqoN2umbZx4U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:4e:8d:de:c5:01:4a:8a:9d:89:e3:6c:6f:35:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334 Validity Not Before: Dec 26 07:01:24 2025 GMT Not After : Dec 27 07:01:24 2025 GMT Subject: CN=37e4eb8df585897a983a404b3574a99d3e5f9a25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e0:94:0e:6d:4a:bb:c2:8e:fa:a5:8b:96:89: 8f:36:ad:c2:ee:7b:03:4c:b8:e7:13:8b:d4:37:c7: bd:ab:d1:8d:c4:91:88:4f:91:cc:8e:8b:86:80:de: 77:e8:3a:f6:8c:08:27:55:12:80:7d:a3:2e:bd:7a: 41:ad:b8:6e:09:87:d1:94:7f:40:24:23:45:6e:b2: ef:7f:43:54:d6:19:7b:4d:d6:a4:40:22:83:3f:db: 5b:d4:ab:5f:b1:49:66:61:72:54:1c:79:04:fa:02: 5e:86:f8:a6:45:eb:ce:fe:fb:34:15:87:2f:65:95: 48:97:1b:f0:39:fd:d3:9f:7c:8e:ef:d1:69:5e:01: 28:55:3c:a5:cb:22:94:e0:d8:1a:0d:12:95:04:dd: 84:d8:05:df:cd:f1:4e:f5:01:9e:c3:ef:48:8e:0f: 4f:d4:06:45:63:9c:c4:3d:b5:bc:ef:61:47:5d:05: ee:63:af:79:4d:b7:33:eb:56:41:e5:ba:ca:5f:58: 4c:c6:fa:1f:05:0f:25:12:a0:ec:18:61:95:23:40: d6:97:2d:d4:9a:cb:b4:c8:81:49:62:37:0e:37:eb: 95:57:36:b9:f3:56:b1:26:35:29:23:bf:dd:45:9d: 29:6c:7a:6a:83:38:4d:61:f8:7b:40:a9:2b:93:9f: 83:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:E4:EB:8D:F5:85:89:7A:98:3A:40:4B:35:74:A9:9D:3E:5F:9A:25 X509v3 Authority Key Identifier: keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:67:23:40:4a:41:15:46:96:96:a5:d3:3a:00:23:81:67:6a: cf:e9:ef:19:d0:5d:7f:17:ca:f2:bc:81:dd:4a:5c:2a:d4:79: 29:cc:2a:ca:70:24:4a:a7:93:0d:08:de:dc:61:3d:e3:8f:dd: a9:14:40:6b:1e:66:e3:fa:05:d2:44:56:a6:d0:f7:d8:27:50: 91:a6:f2:90:f8:7f:c0:f1:c4:42:65:9b:f4:4d:dc:75:de:f8: 35:8e:8a:6b:7f:08:a8:14:be:30:51:b0:16:c9:14:d4:09:83: 71:5a:25:bd:0d:94:f4:1c:ac:63:43:b6:93:ef:07:6a:d7:90: 6f:2d:99:db:b7:00:fd:de:7f:8a:b1:67:f2:46:29:c2:f1:6a: fd:60:da:2d:cb:2b:21:47:d0:93:76:98:7e:90:0a:f0:4e:7d: f6:99:df:43:f3:0e:4e:77:4d:ae:5b:c6:e3:26:40:e2:e6:df: 04:e7:ce:d0:86:d4:91:c9:76:e7:91:f2:35:05:73:8e:42:87: 6a:96:b9:a8:4b:a8:c1:d6:1a:bf:55:c6:4c:e7:ca:26:2d:06: e3:86:c0:63:74:75:fb:1b:2f:7f:32:02:17:05:6e:64:92:d3: 3f:91:15:69:4f:1f:9c:d1:92:d2:df:8f:f0:ee:42:f6:e2:2d: f8:90:42:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdk6N3sUBSoqdieNsbzWsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy MGYzMzQwHhcNMjUxMjI2MDcwMTI0WhcNMjUxMjI3MDcwMTI0WjAzMTEwLwYDVQQD EygzN2U0ZWI4ZGY1ODU4OTdhOTgzYTQwNGIzNTc0YTk5ZDNlNWY5YTI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOCUDm1Ku8KO+qWLlomPNq3C7nsD TLjnE4vUN8e9q9GNxJGIT5HMjouGgN536Dr2jAgnVRKAfaMuvXpBrbhuCYfRlH9A JCNFbrLvf0NU1hl7TdakQCKDP9tb1KtfsUlmYXJUHHkE+gJehvimRevO/vs0FYcv ZZVIlxvwOf3Tn3yO79FpXgEoVTylyyKU4NgaDRKVBN2E2AXfzfFO9QGew+9Ijg9P 1AZFY5zEPbW872FHXQXuY695Tbcz61ZB5brKX1hMxvofBQ8lEqDsGGGVI0DWly3U msu0yIFJYjcON+uVVza581axJjUpI7/dRZ0pbHpqgzhNYfh7QKkrk5+DtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDfk6431hYl6mDpASzV0qZ0+X5olMB8GA1UdIwQY MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2cjQEpB FUaWlqXTOgAjgWdqz+nvGdBdfxfK8ryB3UpcKtR5KcwqynAkSqeTDQje3GE944/d qRRAax5m4/oF0kRWptD32CdQkabykPh/wPHEQmWb9E3cdd74NY6Ka38IqBS+MFGw FskU1AmDcVolvQ2U9BysY0O2k+8HateQby2Z27cA/d5/irFn8kYpwvFq/WDaLcsr IUfQk3aYfpAK8E599pnfQ/MOTndNrlvG4yZA4ubfBOfO0IbUkcl255HyNQVzjkKH apa5qEuowdYav1XGTOfKJi0G44bAY3R1+xsvfzICFwVuZJLTP5EVaU8fnNGS0t+P 8O5C9uIt+JBChQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:51 2025 by rpki-client