This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft File: OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json) Hash identifier: /jWKghQA4YZazhZMqYB/whNzdrxQbXWTW7D9qRjLEr0= Subject key identifier: BE:2C:31:8B:18:2F:3C:54:EC:64:51:9E:EE:0B:1A:CF:FA:44:F3:E2 Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78 Certificate issuer: /CN=3938a81a44127741d949a355a47f3cb599389a78 Certificate serial: 019B59E407E38159401C7B61EBE749050CFF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft Manifest number: 11EA Signing time: Fri 26 Dec 2025 09:01:15 +0000 Manifest this update: Fri 26 Dec 2025 09:01:15 +0000 Manifest next update: Sat 27 Dec 2025 09:01:15 +0000 Files and hashes: 1: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: blCioSsLjKUQlevC2Cbi1EKJ9lbXuFmTBUFrI1SshSs=) 2: SyALsZDSYtge1NmYRoKzwbP5Vv8.roa (hash: rjh76rxbo7HoAknp3g/P2hhQiBIAvMqHmifN8tVtg/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:07:e3:81:59:40:1c:7b:61:eb:e7:49:05:0c:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78 Validity Not Before: Dec 26 09:01:15 2025 GMT Not After : Dec 27 09:01:15 2025 GMT Subject: CN=be2c318b182f3c54ec64519eee0b1acffa44f3e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:be:4e:85:99:1b:32:af:c6:85:b5:71:d8:17: 5f:ac:6a:df:68:a8:fe:4f:c5:5b:df:1c:7d:b0:c6: 86:3d:af:73:8c:0d:65:2c:0f:c1:9f:e8:f1:5b:7d: 2d:8f:b4:d7:ed:3d:5a:f8:d9:11:e4:79:46:3b:d0: 43:5b:38:35:50:33:cd:96:6f:e4:1b:b0:f7:90:1e: 6e:58:c3:cb:5d:82:31:63:ab:a9:b9:4e:29:08:6f: 0a:f0:64:b4:42:ac:72:77:2f:59:8a:57:66:a6:2c: a3:35:f4:76:f4:5d:bb:fa:b2:3e:60:e0:2f:d4:89: 07:e8:62:8f:75:16:9a:08:5e:a4:46:bf:7c:4f:b6: 53:46:11:b5:18:eb:32:2d:cd:60:12:69:f3:47:01: 6d:ae:d9:d5:97:1c:d6:cd:d9:ac:ae:0b:6e:ad:61: d7:85:86:5d:df:7a:08:f0:cc:85:25:df:c2:db:00: a3:70:a9:5f:e7:cd:45:00:0f:6b:ed:7e:96:4c:ea: 9f:45:50:5c:97:4a:94:5b:1a:52:8b:7b:97:03:6c: db:33:5e:78:fd:c3:23:97:63:95:30:33:ff:1c:1a: 54:ae:f3:9a:e2:57:b8:1f:af:64:e9:cc:f3:0f:4a: 39:82:02:5f:7b:1d:e4:83:76:80:e3:ae:70:c7:f0: 6e:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:2C:31:8B:18:2F:3C:54:EC:64:51:9E:EE:0B:1A:CF:FA:44:F3:E2 X509v3 Authority Key Identifier: keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:31:ed:ed:2c:e4:44:bf:c9:9b:93:cf:b2:b5:3f:f0:47:db: 45:92:80:e5:b6:fd:be:5a:74:e0:e6:3c:b9:94:e5:01:35:03: 75:c6:59:a0:00:70:c0:d7:d6:6f:c1:b7:2a:de:09:35:b0:56: b4:20:96:86:33:51:52:e6:c5:26:3f:08:58:bc:e2:14:d0:ad: 28:6d:d0:8e:aa:01:d8:fe:8d:81:a0:21:e8:14:06:3c:99:b3: ec:ff:41:d8:14:09:4f:57:c4:d9:51:0a:bb:0a:a7:13:7e:32: 4e:68:2b:57:b2:e0:3b:b7:36:76:41:fd:10:f4:f5:77:62:6e: d0:58:57:96:37:46:97:07:d2:dd:8b:94:71:33:e8:96:a6:ab: e1:e4:e9:b6:94:1f:eb:19:91:81:1b:eb:dd:7c:40:bd:f4:c5: 18:2d:fb:67:bc:84:09:5f:30:ac:c3:62:5e:ac:7d:bf:3a:f1: 5f:7b:2c:21:ee:a9:37:bd:24:39:c2:01:58:2d:d3:70:31:04: c6:ac:2f:6a:1e:bb:85:fc:a7:84:05:e0:5c:df:09:8a:05:b9: b8:b8:fa:51:1a:d1:22:4d:07:6a:45:00:84:45:4b:e3:d1:24: e1:6a:a8:de:14:e7:56:b0:2b:ca:6e:06:b3:14:bf:4c:69:69: bb:7a:4e:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5AfjgVlAHHth6+dJBQz/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz ODlhNzgwHhcNMjUxMjI2MDkwMTE1WhcNMjUxMjI3MDkwMTE1WjAzMTEwLwYDVQQD EyhiZTJjMzE4YjE4MmYzYzU0ZWM2NDUxOWVlZTBiMWFjZmZhNDRmM2UyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu75OhZkbMq/GhbVx2BdfrGrfaKj+ T8Vb3xx9sMaGPa9zjA1lLA/Bn+jxW30tj7TX7T1a+NkR5HlGO9BDWzg1UDPNlm/k G7D3kB5uWMPLXYIxY6upuU4pCG8K8GS0Qqxydy9ZildmpiyjNfR29F27+rI+YOAv 1IkH6GKPdRaaCF6kRr98T7ZTRhG1GOsyLc1gEmnzRwFtrtnVlxzWzdmsrgturWHX hYZd33oI8MyFJd/C2wCjcKlf581FAA9r7X6WTOqfRVBcl0qUWxpSi3uXA2zbM154 /cMjl2OVMDP/HBpUrvOa4le4H69k6czzD0o5ggJfex3kg3aA465wx/BurQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL4sMYsYLzxU7GRRnu4LGs/6RPPiMB8GA1UdIwQY MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzHt7Szk RL/Jm5PPsrU/8EfbRZKA5bb9vlp04OY8uZTlATUDdcZZoABwwNfWb8G3Kt4JNbBW tCCWhjNRUubFJj8IWLziFNCtKG3QjqoB2P6NgaAh6BQGPJmz7P9B2BQJT1fE2VEK uwqnE34yTmgrV7LgO7c2dkH9EPT1d2Ju0FhXljdGlwfS3YuUcTPolqar4eTptpQf 6xmRgRvr3XxAvfTFGC37Z7yECV8wrMNiXqx9vzrxX3ssIe6pN70kOcIBWC3TcDEE xqwvah67hfynhAXgXN8JigW5uLj6URrRIk0HakUAhEVL49Ek4Wqo3hTnVrArym4G sxS/TGlpu3pOqA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:03 2025 by rpki-client