This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft File: D5otI3SqascUtfim7duA3GlnnMY.mft (raw, json) Hash identifier: CpO3zb4Nv1yyNu7kr6f49JeqNsCDJ4auvSQ7NZ/avZU= Subject key identifier: 7E:35:55:FD:E3:56:A6:D4:B1:EC:E8:F1:6E:28:54:D1:3C:76:66:A0 Authority key identifier: 0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6 Certificate issuer: /CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6 Certificate serial: 019B36B43C6FE50B4B18C10C4A44103ABBF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft Manifest number: 0DE9 Signing time: Fri 19 Dec 2025 13:02:20 +0000 Manifest this update: Fri 19 Dec 2025 13:02:20 +0000 Manifest next update: Sat 20 Dec 2025 13:02:20 +0000 Files and hashes: 1: D5otI3SqascUtfim7duA3GlnnMY.crl (hash: 1QEkXNoM8666IyqzQYJIYZMI0x9Ow6AcE4OgyOzKRfI=) 2: RNk_0Bt2Bdlaf0Pdd2eUPaMyW8E.roa (hash: m6J+0888VMRpST0J5iXwVh9t9K8LOLn/EV2xZ10pPjg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 13:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:b4:3c:6f:e5:0b:4b:18:c1:0c:4a:44:10:3a:bb:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6 Validity Not Before: Dec 19 13:02:20 2025 GMT Not After : Dec 20 13:02:20 2025 GMT Subject: CN=7e3555fde356a6d4b1ece8f16e2854d13c7666a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:71:75:08:5c:83:48:ea:7c:65:1c:b1:97:1c: bf:59:c1:cf:a9:db:91:2c:ef:d0:18:cd:35:8e:6c: c3:46:97:54:e4:63:a5:1d:d8:6c:f1:b8:bf:67:92: 09:de:aa:36:4a:71:7f:7a:91:7a:42:fb:42:cc:79: 7e:f8:4a:71:3c:db:d8:b5:31:af:55:7a:30:b9:a6: b2:eb:29:45:75:20:c9:95:33:cc:4a:0b:c5:3f:9e: 64:ab:d6:eb:08:27:b7:3b:b4:1e:99:8b:7b:c4:13: 89:f0:ba:c5:8e:7a:ad:fa:cb:42:75:2e:33:54:ff: 48:75:84:d5:9e:db:f9:51:12:3d:d3:b5:72:c5:26: a5:2b:6c:c5:79:a5:62:67:84:ab:32:e9:df:74:a1: ee:8e:7a:2c:9c:31:61:7b:b2:79:44:93:09:90:15: d2:f4:5a:e6:f1:fc:fe:a7:63:43:24:82:05:1e:3f: 41:c8:58:07:92:f1:44:6a:90:33:03:e0:0f:a6:19: 9b:b8:4e:51:46:7f:2c:c3:c7:38:43:c7:19:8b:64: 07:42:55:92:f8:90:27:90:ae:f7:f9:9e:69:cd:66: 29:43:eb:0a:f6:85:2e:ad:f6:c7:13:ea:2c:33:2d: d5:20:cd:4a:26:3b:b9:d5:12:24:23:f8:5c:d1:54: 54:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:35:55:FD:E3:56:A6:D4:B1:EC:E8:F1:6E:28:54:D1:3C:76:66:A0 X509v3 Authority Key Identifier: keyid:0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:05:ed:51:8a:e1:8c:b1:cd:c0:63:f0:a0:8f:c6:6e:41:34: 3f:55:a0:5d:d7:97:73:da:51:2b:4a:17:d5:25:0c:59:8b:58: 0a:67:3d:ce:92:95:eb:ce:59:d3:34:55:c5:cb:2a:5e:9f:de: c8:81:47:b2:e2:fd:1b:fc:57:c5:fc:fc:a4:0b:23:68:37:e9: b5:29:0f:a0:13:ff:86:bf:f9:2e:78:ec:35:e9:bf:2f:57:9d: 28:d3:59:71:e4:a8:f3:49:ec:40:7c:2b:b2:bc:0d:08:5a:72: 93:ae:39:20:f0:35:f1:01:82:ec:fb:d7:86:aa:68:df:bb:db: 9a:5e:1e:f0:ff:c7:b7:c6:cd:a5:9f:3b:a5:51:f1:20:d2:40: de:11:7e:d0:88:c1:d5:51:fa:c0:b5:3d:e9:e7:28:c1:50:40: db:6a:75:0a:c5:7e:87:31:e9:43:fe:8e:ba:ba:12:25:47:64: e8:27:d1:bb:ca:16:ac:f4:b2:19:09:fe:0a:e8:9c:53:19:d0: 3f:5b:1f:2e:fb:24:9e:f1:9f:d6:cb:2d:a4:79:f3:46:3c:03: 83:c6:86:9e:9b:4e:14:29:6c:4c:8b:f0:c8:ae:eb:1b:48:6c: 48:ae:30:5c:59:25:2f:c2:34:92:47:3b:ec:2a:15:e6:13:f4: 2b:cd:c8:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2tDxv5QtLGMEMSkQQOrv0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmOWEyZDIzNzRhYTZhYzcxNGI1ZjhhNmVkZGI4MGRjNjk2 NzljYzYwHhcNMjUxMjE5MTMwMjIwWhcNMjUxMjIwMTMwMjIwWjAzMTEwLwYDVQQD Eyg3ZTM1NTVmZGUzNTZhNmQ0YjFlY2U4ZjE2ZTI4NTRkMTNjNzY2NmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43F1CFyDSOp8ZRyxlxy/WcHPqduR LO/QGM01jmzDRpdU5GOlHdhs8bi/Z5IJ3qo2SnF/epF6QvtCzHl++EpxPNvYtTGv VXowuaay6ylFdSDJlTPMSgvFP55kq9brCCe3O7QemYt7xBOJ8LrFjnqt+stCdS4z VP9IdYTVntv5URI907VyxSalK2zFeaViZ4SrMunfdKHujnosnDFhe7J5RJMJkBXS 9Frm8fz+p2NDJIIFHj9ByFgHkvFEapAzA+APphmbuE5RRn8sw8c4Q8cZi2QHQlWS +JAnkK73+Z5pzWYpQ+sK9oUurfbHE+osMy3VIM1KJju51RIkI/hc0VRUWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH41Vf3jVqbUsezo8W4oVNE8dmagMB8GA1UdIwQY MBaAFA+aLSN0qmrHFLX4pu3bgNxpZ5zGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYt NmQ5NzE5OTJjMzQ5LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYtNmQ5NzE5OTJjMzQ5 LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwXtUYrh jLHNwGPwoI/GbkE0P1WgXdeXc9pRK0oX1SUMWYtYCmc9zpKV685Z0zRVxcsqXp/e yIFHsuL9G/xXxfz8pAsjaDfptSkPoBP/hr/5LnjsNem/L1edKNNZceSo80nsQHwr srwNCFpyk645IPA18QGC7PvXhqpo37vbml4e8P/Ht8bNpZ87pVHxINJA3hF+0IjB 1VH6wLU96ecowVBA22p1CsV+hzHpQ/6OuroSJUdk6CfRu8oWrPSyGQn+CuicUxnQ P1sfLvsknvGf1sstpHnzRjwDg8aGnptOFClsTIvwyK7rG0hsSK4wXFklL8I0kkc7 7CoV5hP0K83Izw== -----END CERTIFICATE-----Generated at Fri Dec 19 22:48:15 2025 by rpki-client