This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft File: orO6gtodtcGUN6wzeDhG8vK_9GI.mft (raw, json) Hash identifier: upTUJVgW9uE6duL9fT1Z51d0gRZEdaXH2qIQZwjSJAs= Subject key identifier: C2:B4:C2:7F:49:38:8C:1C:AD:E4:9A:88:96:85:31:42:78:51:78:84 Authority key identifier: A2:B3:BA:82:DA:1D:B5:C1:94:37:AC:33:78:38:46:F2:F2:BF:F4:62 Certificate issuer: /CN=a2b3ba82da1db5c19437ac33783846f2f2bff462 Certificate serial: 019B32D5D4F01B4ADA180CAD9966852565E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft Manifest number: 0523 Signing time: Thu 18 Dec 2025 19:00:32 +0000 Manifest this update: Thu 18 Dec 2025 19:00:32 +0000 Manifest next update: Fri 19 Dec 2025 19:00:32 +0000 Files and hashes: 1: orO6gtodtcGUN6wzeDhG8vK_9GI.crl (hash: s6i3Sdd60Oj2WxSj/BdCCM9Mydk1JYOKF5Npih+M/d0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.crl rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d5:d4:f0:1b:4a:da:18:0c:ad:99:66:85:25:65:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2b3ba82da1db5c19437ac33783846f2f2bff462 Validity Not Before: Dec 18 19:00:32 2025 GMT Not After : Dec 19 19:00:32 2025 GMT Subject: CN=c2b4c27f49388c1cade49a889685314278517884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:80:05:e7:38:93:1e:87:f8:25:b1:1b:4a:6e: 44:34:cf:76:c1:2a:a8:3e:fc:57:c5:f5:2a:53:b7: ee:9e:a9:5e:5a:13:27:c1:12:56:38:8a:ca:10:7f: 2e:95:b2:dd:71:b0:16:d8:fc:88:7a:65:e7:ea:fb: 3b:20:41:a7:54:ec:d9:08:3a:b6:ab:4e:21:c6:0f: f3:29:08:cf:eb:eb:5a:73:37:03:d7:7d:c9:25:23: 1d:71:6b:0f:e0:81:da:55:fd:08:81:e6:6e:1c:f0: 25:4e:ca:e4:5c:18:ad:6b:8f:f9:6c:b8:79:ba:21: 62:5f:82:87:93:e6:d2:ce:49:ea:8f:eb:a2:92:b7: 28:06:fb:22:02:da:a9:af:05:bb:19:a3:2f:41:4a: 2e:65:b9:70:8e:2e:05:49:e5:dc:a0:3c:83:e2:61: 61:39:28:bb:02:d1:59:4d:fa:6b:7b:83:73:b1:65: c8:40:c7:76:d9:a6:83:85:2f:3c:af:59:19:44:a9: 0f:88:74:40:41:32:81:fb:56:98:5b:03:16:98:62: e3:1f:e6:b8:42:5e:3e:a4:91:36:f4:ed:c9:be:fa: ff:fd:15:59:e4:eb:bb:63:94:aa:c9:3e:1d:2b:62: 12:24:0d:1b:38:73:0e:8c:fe:aa:30:15:06:34:4b: bd:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:B4:C2:7F:49:38:8C:1C:AD:E4:9A:88:96:85:31:42:78:51:78:84 X509v3 Authority Key Identifier: keyid:A2:B3:BA:82:DA:1D:B5:C1:94:37:AC:33:78:38:46:F2:F2:BF:F4:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:a1:70:9f:28:23:f4:1a:30:0f:c7:f7:29:e0:96:73:c1:93: 86:41:e7:cd:ed:c6:90:45:2a:e9:f7:2e:44:33:74:93:8b:e4: 78:1c:d5:db:05:f1:6a:fd:31:27:88:f5:93:de:b7:fe:85:4e: 88:07:95:c2:0c:59:15:b3:22:07:73:3c:14:73:10:25:2d:02: 2e:5f:9c:68:c9:65:7e:5d:63:25:40:de:ea:0d:dc:cf:ad:1d: f0:70:db:48:9f:57:74:e3:f6:b8:e6:6f:fd:c0:11:30:47:70: b3:1f:b6:5b:17:f9:ff:36:2e:fe:cf:57:c3:95:bb:5c:cd:57: 30:0f:79:76:ed:30:d3:c0:4e:f2:5e:32:44:0b:a4:cd:12:5a: fc:d2:28:e0:00:e3:8e:c6:87:f3:d3:18:ba:e5:f2:9a:6b:c3: 12:82:0b:bc:9d:c4:f9:06:df:67:05:1e:bf:ff:6c:a6:0a:be: bb:f8:59:11:a4:95:31:e6:ea:78:2d:4c:94:76:cb:8e:15:6b: 75:c4:a3:68:48:b8:80:57:1f:ed:4f:a1:b2:51:a6:9a:2c:26: d1:c5:5f:c4:e5:40:65:94:b0:18:c6:db:f6:78:e6:ec:94:8f: 03:0f:a0:b5:8c:bf:e3:77:7b:89:1f:a9:1a:d6:1c:a6:27:6f: 86:c6:b4:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1dTwG0raGAytmWaFJWXmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyYjNiYTgyZGExZGI1YzE5NDM3YWMzMzc4Mzg0NmYyZjJi ZmY0NjIwHhcNMjUxMjE4MTkwMDMyWhcNMjUxMjE5MTkwMDMyWjAzMTEwLwYDVQQD EyhjMmI0YzI3ZjQ5Mzg4YzFjYWRlNDlhODg5Njg1MzE0Mjc4NTE3ODg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYAF5ziTHof4JbEbSm5ENM92wSqo PvxXxfUqU7funqleWhMnwRJWOIrKEH8ulbLdcbAW2PyIemXn6vs7IEGnVOzZCDq2 q04hxg/zKQjP6+taczcD133JJSMdcWsP4IHaVf0IgeZuHPAlTsrkXBita4/5bLh5 uiFiX4KHk+bSzknqj+uikrcoBvsiAtqprwW7GaMvQUouZblwji4FSeXcoDyD4mFh OSi7AtFZTfpre4NzsWXIQMd22aaDhS88r1kZRKkPiHRAQTKB+1aYWwMWmGLjH+a4 Ql4+pJE29O3Jvvr//RVZ5Ou7Y5SqyT4dK2ISJA0bOHMOjP6qMBUGNEu9HQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMK0wn9JOIwcreSaiJaFMUJ4UXiEMB8GA1UdIwQY MBaAFKKzuoLaHbXBlDesM3g4RvLyv/RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80NDk4MWMtOTZmOC00ODY2LWI3ZmUt Zjg5OGQyMDRlYjRlLzEvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS80NDk4MWMtOTZmOC00ODY2LWI3ZmUtZjg5OGQyMDRlYjRl LzEvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJKFwnygj 9BowD8f3KeCWc8GThkHnze3GkEUq6fcuRDN0k4vkeBzV2wXxav0xJ4j1k963/oVO iAeVwgxZFbMiB3M8FHMQJS0CLl+caMllfl1jJUDe6g3cz60d8HDbSJ9XdOP2uOZv /cARMEdwsx+2Wxf5/zYu/s9Xw5W7XM1XMA95du0w08BO8l4yRAukzRJa/NIo4ADj jsaH89MYuuXymmvDEoILvJ3E+QbfZwUev/9spgq+u/hZEaSVMebqeC1MlHbLjhVr dcSjaEi4gFcf7U+hslGmmiwm0cVfxOVAZZSwGMbb9njm7JSPAw+gtYy/43d7iR+p GtYcpidvhsa0QQ== -----END CERTIFICATE-----Generated at Thu Dec 18 23:26:16 2025 by rpki-client