This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft File: D5otI3SqascUtfim7duA3GlnnMY.mft (raw, json) Hash identifier: QZKxtB6MbuniOjXDCR+aBzXTyxsNucsVy5y4lT58qO4= Subject key identifier: E7:FF:EE:07:40:1E:87:A7:B2:34:9B:87:96:F6:A3:50:C9:8E:42:74 Authority key identifier: 0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6 Certificate issuer: /CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6 Certificate serial: 019B101400CBAF0F024C2E4021A6F8EC994C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft Manifest number: 0DD5 Signing time: Fri 12 Dec 2025 01:01:44 +0000 Manifest this update: Fri 12 Dec 2025 01:01:44 +0000 Manifest next update: Sat 13 Dec 2025 01:01:44 +0000 Files and hashes: 1: D5otI3SqascUtfim7duA3GlnnMY.crl (hash: jJ98yNZNqWi5APjQwHuOPcuulQlRo5vEKmbNllksJB8=) 2: RNk_0Bt2Bdlaf0Pdd2eUPaMyW8E.roa (hash: m6J+0888VMRpST0J5iXwVh9t9K8LOLn/EV2xZ10pPjg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:14:00:cb:af:0f:02:4c:2e:40:21:a6:f8:ec:99:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6 Validity Not Before: Dec 12 01:01:44 2025 GMT Not After : Dec 13 01:01:44 2025 GMT Subject: CN=e7ffee07401e87a7b2349b8796f6a350c98e4274 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:d8:5f:dc:8e:17:b1:d4:7c:4b:f8:28:62:5d: 88:57:1a:83:8c:ef:86:2f:dd:d0:2c:ae:4b:f8:87: de:22:aa:aa:8c:4c:72:88:b6:93:74:72:2f:4e:d5: 80:be:4a:b6:7b:49:cb:f9:d6:e8:ce:c0:a8:8e:fe: 26:81:59:ac:35:01:38:3e:89:f5:63:fd:c1:64:38: 25:2e:e0:ca:26:b2:77:51:5b:c9:7f:c2:4c:2a:2a: 9d:c4:9a:15:13:c1:a0:f5:36:a0:8c:76:cf:ac:72: 13:ae:90:79:6e:84:e5:78:52:be:54:f0:64:dc:c7: 69:e5:58:66:23:8f:4b:80:c1:97:04:63:eb:c2:73: ac:cb:fe:16:2e:ff:94:24:3d:e7:76:d7:ac:2b:d8: e3:cf:fb:08:92:bc:94:9c:bc:2a:3d:f4:f1:a7:c2: 18:8a:0b:f0:04:97:e5:b6:10:aa:38:d2:58:c6:78: 67:9f:2d:fe:da:fd:39:33:04:46:02:75:de:80:8e: 96:32:0c:0d:e8:3c:1c:25:7c:0e:8a:f9:f9:05:e0: 2d:a9:9d:77:8b:4a:90:85:6d:03:ee:29:cd:79:c1: 04:30:f7:30:ed:d3:ce:40:e8:9f:e3:5f:a9:f6:5f: 41:1a:7b:a8:07:c1:88:03:6d:f9:bd:ee:35:54:67: 52:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:FF:EE:07:40:1E:87:A7:B2:34:9B:87:96:F6:A3:50:C9:8E:42:74 X509v3 Authority Key Identifier: keyid:0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:dc:3c:ca:ab:8b:aa:d7:46:ef:8a:c3:50:76:cb:48:d7:fb: 97:f5:77:49:b7:2e:23:5d:f9:6a:51:dd:e2:d6:ba:c5:b6:d6: ab:c6:2d:19:83:9c:f5:aa:8d:8e:91:43:42:c6:a4:5c:2a:ca: 50:fa:e3:7d:8c:af:ee:1e:64:32:38:18:3d:20:f2:40:d8:4c: 75:83:b1:21:07:d5:cd:c5:e3:60:c9:00:40:26:51:93:d5:8e: c2:b3:ce:d7:49:25:1f:28:26:22:2e:0b:51:8f:2a:34:1e:1c: 65:c1:7f:26:0a:30:7c:75:d4:37:02:04:63:08:9b:ae:72:68: ff:72:00:52:a5:95:14:cc:5d:10:3d:13:0b:cd:5d:b3:20:23: 64:28:26:d2:51:d0:c1:3c:c2:13:69:49:2a:b2:0e:06:ab:4b: f0:43:e5:64:2c:90:95:e8:b8:d1:3e:14:f2:c2:89:48:ab:90: 15:08:9a:cd:18:9b:fb:ce:9f:f4:42:15:e3:99:8e:ac:e2:2a: d5:f1:ad:47:76:c5:c0:f5:89:47:22:20:e3:41:76:f1:4c:cb: d6:e7:1f:25:ad:fb:b8:0a:d3:0d:cd:2d:ed:b4:3b:35:72:d3: de:ff:68:1f:2f:9d:eb:bd:24:b3:e7:a8:e0:cd:f9:80:dd:00: 59:01:fe:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQFADLrw8CTC5AIab47JlMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmOWEyZDIzNzRhYTZhYzcxNGI1ZjhhNmVkZGI4MGRjNjk2 NzljYzYwHhcNMjUxMjEyMDEwMTQ0WhcNMjUxMjEzMDEwMTQ0WjAzMTEwLwYDVQQD EyhlN2ZmZWUwNzQwMWU4N2E3YjIzNDliODc5NmY2YTM1MGM5OGU0Mjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3thf3I4XsdR8S/goYl2IVxqDjO+G L93QLK5L+IfeIqqqjExyiLaTdHIvTtWAvkq2e0nL+dbozsCojv4mgVmsNQE4Pon1 Y/3BZDglLuDKJrJ3UVvJf8JMKiqdxJoVE8Gg9TagjHbPrHITrpB5boTleFK+VPBk 3Mdp5VhmI49LgMGXBGPrwnOsy/4WLv+UJD3ndtesK9jjz/sIkryUnLwqPfTxp8IY igvwBJflthCqONJYxnhnny3+2v05MwRGAnXegI6WMgwN6DwcJXwOivn5BeAtqZ13 i0qQhW0D7inNecEEMPcw7dPOQOif41+p9l9BGnuoB8GIA235ve41VGdSswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOf/7gdAHoensjSbh5b2o1DJjkJ0MB8GA1UdIwQY MBaAFA+aLSN0qmrHFLX4pu3bgNxpZ5zGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYt NmQ5NzE5OTJjMzQ5LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYtNmQ5NzE5OTJjMzQ5 LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitw8yquL qtdG74rDUHbLSNf7l/V3SbcuI135alHd4ta6xbbWq8YtGYOc9aqNjpFDQsakXCrK UPrjfYyv7h5kMjgYPSDyQNhMdYOxIQfVzcXjYMkAQCZRk9WOwrPO10klHygmIi4L UY8qNB4cZcF/JgowfHXUNwIEYwibrnJo/3IAUqWVFMxdED0TC81dsyAjZCgm0lHQ wTzCE2lJKrIOBqtL8EPlZCyQlei40T4U8sKJSKuQFQiazRib+86f9EIV45mOrOIq 1fGtR3bFwPWJRyIg40F28UzL1ucfJa37uArTDc0t7bQ7NXLT3v9oHy+d670ks+eo 4M35gN0AWQH+FA== -----END CERTIFICATE-----Generated at Fri Dec 12 07:52:48 2025 by rpki-client