This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft File: OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json) Hash identifier: lxCveIUxAkZUv60YwfzjuhcvRk5iWsY4VW8ie5i3gf4= Subject key identifier: AC:A7:A7:57:A8:95:7B:43:89:92:C5:24:C5:F4:B7:C6:33:63:0D:88 Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39 Certificate issuer: /CN=3a2b50799b31c0b145124650d711bce383d67039 Certificate serial: 019B5ABFA1BBFFA5B12101628273351E49EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft Manifest number: 0BE9 Signing time: Fri 26 Dec 2025 13:01:06 +0000 Manifest this update: Fri 26 Dec 2025 13:01:06 +0000 Manifest next update: Sat 27 Dec 2025 13:01:06 +0000 Files and hashes: 1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: qdB0UDt3QkmQkAyZuKYg59jyhUPxP1oLdBeVeSz8L1s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:a1:bb:ff:a5:b1:21:01:62:82:73:35:1e:49:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039 Validity Not Before: Dec 26 13:01:06 2025 GMT Not After : Dec 27 13:01:06 2025 GMT Subject: CN=aca7a757a8957b438992c524c5f4b7c633630d88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e6:20:bc:f2:09:ae:ed:2f:1b:10:60:49:dd: ac:80:f9:e7:39:2d:aa:02:04:19:53:da:60:95:16: d4:a8:5a:27:8b:38:9a:49:69:1d:8a:4f:93:0d:6e: 3c:b8:97:c7:06:e2:82:7b:5e:3f:ec:6d:2c:39:29: ff:5d:f3:41:45:2f:8d:df:d0:84:f2:61:58:22:9a: e9:0a:1e:c2:5d:07:59:6c:bd:5c:57:67:79:5f:38: 12:65:20:24:54:7b:bd:8b:24:92:89:6a:1a:31:c3: e4:c0:36:aa:48:d1:7a:36:38:7b:c8:ea:a9:af:63: 4d:ed:89:2a:15:c6:7e:cd:0e:fb:d6:de:53:11:f8: 4f:3a:84:5b:1b:c4:ad:61:e2:2f:2b:d7:17:e7:dc: 16:7a:12:76:1c:d6:ba:43:87:6d:2d:09:c8:7c:fe: a4:31:87:8a:fe:4d:d7:c4:05:c0:e0:45:79:84:3b: 5f:05:bb:da:65:b7:de:3a:25:79:36:93:96:68:04: 12:00:35:91:60:2e:28:4b:53:b6:e2:d1:2c:f4:c3: 6c:15:14:77:e6:53:b1:bd:ff:1c:d0:8f:e6:9a:24: 8c:0c:45:3f:86:4e:a3:34:e8:23:1b:10:e2:4f:77: f5:be:73:9d:25:6a:cc:a9:3c:f7:79:c9:40:57:07: 70:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:A7:A7:57:A8:95:7B:43:89:92:C5:24:C5:F4:B7:C6:33:63:0D:88 X509v3 Authority Key Identifier: keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:e8:d5:d3:12:78:76:69:84:f3:92:48:31:55:cf:4c:d3:f5: f3:83:ac:70:ca:66:1a:4b:92:10:f9:00:d2:da:b1:ef:13:9f: 98:91:0f:26:32:d0:5a:70:4e:66:1f:7e:14:81:c4:d9:86:98: 31:34:77:08:1f:bd:56:b9:65:26:33:d7:de:6e:2e:0f:98:bc: 8f:e6:1a:39:c7:c2:80:63:58:81:fc:d0:31:12:93:5b:35:7f: 07:91:6e:83:ac:39:96:b0:8c:b2:c6:c9:3a:31:a9:01:8a:60: a0:d8:a4:7e:59:7f:80:d1:6e:97:42:77:c6:92:15:53:9b:e0: 54:98:b5:88:c0:9d:1f:f2:9f:66:35:bf:d8:1b:50:41:64:10: fb:c4:0f:84:98:0b:56:92:90:b3:ba:12:a1:9b:09:2f:db:38: 3f:39:10:af:ee:bf:5d:de:13:e1:8a:98:25:49:ff:4a:64:6c: fd:6d:bf:24:cb:b4:1d:6f:ad:51:18:dd:c0:10:9f:7f:dd:e3: 23:ce:c3:e3:d2:ac:46:dc:ec:ba:06:41:73:c4:fb:1e:ad:e1: bc:a1:96:13:f7:e1:1b:d4:2f:1c:45:ee:ea:ef:17:6f:93:e9: 43:00:43:b0:7d:31:5f:4e:0e:a6:97:8c:1b:e4:5a:e2:5f:d3: 16:bc:9c:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav6G7/6WxIQFignM1HknuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk NjcwMzkwHhcNMjUxMjI2MTMwMTA2WhcNMjUxMjI3MTMwMTA2WjAzMTEwLwYDVQQD EyhhY2E3YTc1N2E4OTU3YjQzODk5MmM1MjRjNWY0YjdjNjMzNjMwZDg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuYgvPIJru0vGxBgSd2sgPnnOS2q AgQZU9pglRbUqFoniziaSWkdik+TDW48uJfHBuKCe14/7G0sOSn/XfNBRS+N39CE 8mFYIprpCh7CXQdZbL1cV2d5XzgSZSAkVHu9iySSiWoaMcPkwDaqSNF6Njh7yOqp r2NN7YkqFcZ+zQ771t5TEfhPOoRbG8StYeIvK9cX59wWehJ2HNa6Q4dtLQnIfP6k MYeK/k3XxAXA4EV5hDtfBbvaZbfeOiV5NpOWaAQSADWRYC4oS1O24tEs9MNsFRR3 5lOxvf8c0I/mmiSMDEU/hk6jNOgjGxDiT3f1vnOdJWrMqTz3eclAVwdw6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKynp1eolXtDiZLFJMX0t8YzYw2IMB8GA1UdIwQY MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZOjV0xJ4 dmmE85JIMVXPTNP184OscMpmGkuSEPkA0tqx7xOfmJEPJjLQWnBOZh9+FIHE2YaY MTR3CB+9VrllJjPX3m4uD5i8j+YaOcfCgGNYgfzQMRKTWzV/B5Fug6w5lrCMssbJ OjGpAYpgoNikfll/gNFul0J3xpIVU5vgVJi1iMCdH/KfZjW/2BtQQWQQ+8QPhJgL VpKQs7oSoZsJL9s4PzkQr+6/Xd4T4YqYJUn/SmRs/W2/JMu0HW+tURjdwBCff93j I87D49KsRtzsugZBc8T7Hq3hvKGWE/fhG9QvHEXu6u8Xb5PpQwBDsH0xX04OppeM G+Ra4l/TFrycJw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:19 2025 by rpki-client