This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft File: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json) Hash identifier: Jo6w4bPxR8lkEQ06N66rIEbTmyrmWuf24zSy62tfMr0= Subject key identifier: EC:38:E6:E9:E8:8C:95:EF:CB:D6:76:63:D8:F0:88:49:73:F4:CC:0D Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A Certificate issuer: /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a Certificate serial: 019B2E54A477DA877552E05856CBC44B5BF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft Manifest number: 177E Signing time: Wed 17 Dec 2025 22:00:57 +0000 Manifest this update: Wed 17 Dec 2025 22:00:57 +0000 Manifest next update: Thu 18 Dec 2025 22:00:57 +0000 Files and hashes: 1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: ghuce03zRIH+P8fwvkoYCe0t9inZA+kgXrVqu+bTtdA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 22:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:54:a4:77:da:87:75:52:e0:58:56:cb:c4:4b:5b:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a Validity Not Before: Dec 17 22:00:57 2025 GMT Not After : Dec 18 22:00:57 2025 GMT Subject: CN=ec38e6e9e88c95efcbd67663d8f0884973f4cc0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:9e:e4:6c:92:1e:2a:85:df:13:73:41:97:18: 65:c8:0f:d1:06:fb:f9:e8:a3:6e:38:2c:f6:87:63: 5f:ba:9a:4f:0e:d8:4d:5c:59:b6:84:68:97:c8:cd: f0:94:58:0a:4a:4b:03:d8:a6:d6:5e:4c:d5:72:a1: 33:e7:52:bf:47:a9:5a:68:4d:84:1a:af:05:03:86: 58:fb:61:37:cb:c3:ac:29:0f:5f:65:f4:9e:8e:66: cb:67:e7:67:f7:c1:40:23:0c:c6:f5:cb:dc:83:2d: 24:ce:e9:a5:58:ce:2f:e9:1b:2a:6f:59:d7:53:64: a4:9f:ec:70:22:c5:75:f4:4f:8c:b3:a9:b7:39:78: d7:ca:e6:a7:cf:a4:7a:7d:f5:f7:0c:1a:66:e2:18: e8:f9:ef:86:22:53:86:c4:e1:bf:60:22:c1:49:0f: 33:08:76:06:e9:28:a8:7b:5b:f3:c8:fd:7c:5c:c0: 1f:1d:92:77:de:55:a6:14:2f:c5:6a:07:16:f7:15: 68:34:b1:7a:b0:83:85:2a:68:6e:68:1f:2b:3d:c8: c2:75:cc:8c:d0:73:bc:89:2c:75:d0:53:cf:5b:95: e6:0d:35:98:96:89:90:ed:10:86:22:90:a3:a2:84: cb:c6:b4:a3:40:98:71:eb:e7:5d:45:1a:36:c0:47: cf:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:38:E6:E9:E8:8C:95:EF:CB:D6:76:63:D8:F0:88:49:73:F4:CC:0D X509v3 Authority Key Identifier: keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:49:91:b7:5b:55:27:7c:63:90:24:cb:05:c0:67:d0:23:bf: 7e:93:26:8b:c2:33:4f:be:44:4f:b3:fc:f4:58:72:f0:0b:ab: 0d:63:d9:f9:80:16:4a:ac:ce:3f:07:34:68:2f:5d:f7:42:00: 37:d9:e0:6e:ca:11:33:99:36:86:a5:50:8d:72:0b:a9:6d:bc: 65:2b:b4:e8:f0:74:76:c1:80:47:53:88:b6:19:65:d0:c4:b7: f0:d2:fb:dd:0e:c4:6c:f9:bf:e2:75:c3:91:d5:65:ce:e3:b4: d5:04:cc:3e:b0:53:33:d4:f3:4c:ac:a2:a2:a5:5f:41:6a:a6: 4a:f9:c2:f2:75:c8:1a:53:74:17:12:bd:43:5e:c3:c6:6f:0c: 07:6f:f6:33:c0:84:a9:f3:8f:89:53:e8:3d:24:01:87:3f:3a: 46:ad:75:81:fb:2c:f3:7f:82:01:a4:09:23:5f:1a:ea:c1:4c: 06:f7:31:6e:67:8a:36:33:72:58:14:df:3a:ac:33:58:f8:50: 38:68:4b:08:16:84:f3:2d:ed:ae:a9:7d:5c:93:07:a3:b9:6f: 94:08:b8:2b:46:43:d4:b7:97:ce:0b:3d:7c:5c:ff:38:22:7e: 7b:77:6c:52:80:66:d5:cd:d1:ea:6c:b0:be:0c:61:82:2f:f4: e4:aa:7b:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsuVKR32od1UuBYVsvES1v3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw Mzk0MWEwHhcNMjUxMjE3MjIwMDU3WhcNMjUxMjE4MjIwMDU3WjAzMTEwLwYDVQQD EyhlYzM4ZTZlOWU4OGM5NWVmY2JkNjc2NjNkOGYwODg0OTczZjRjYzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ7kbJIeKoXfE3NBlxhlyA/RBvv5 6KNuOCz2h2NfuppPDthNXFm2hGiXyM3wlFgKSksD2KbWXkzVcqEz51K/R6laaE2E Gq8FA4ZY+2E3y8OsKQ9fZfSejmbLZ+dn98FAIwzG9cvcgy0kzumlWM4v6Rsqb1nX U2Skn+xwIsV19E+Ms6m3OXjXyuanz6R6ffX3DBpm4hjo+e+GIlOGxOG/YCLBSQ8z CHYG6Sioe1vzyP18XMAfHZJ33lWmFC/FagcW9xVoNLF6sIOFKmhuaB8rPcjCdcyM 0HO8iSx10FPPW5XmDTWYlomQ7RCGIpCjooTLxrSjQJhx6+ddRRo2wEfPewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOw45unojJXvy9Z2Y9jwiElz9MwNMB8GA1UdIwQY MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh0mRt1tV J3xjkCTLBcBn0CO/fpMmi8IzT75ET7P89Fhy8AurDWPZ+YAWSqzOPwc0aC9d90IA N9ngbsoRM5k2hqVQjXILqW28ZSu06PB0dsGAR1OIthll0MS38NL73Q7EbPm/4nXD kdVlzuO01QTMPrBTM9TzTKyioqVfQWqmSvnC8nXIGlN0FxK9Q17Dxm8MB2/2M8CE qfOPiVPoPSQBhz86Rq11gfss83+CAaQJI18a6sFMBvcxbmeKNjNyWBTfOqwzWPhQ OGhLCBaE8y3trql9XJMHo7lvlAi4K0ZD1LeXzgs9fFz/OCJ+e3dsUoBm1c3R6myw vgxhgi/05Kp7bg== -----END CERTIFICATE-----Generated at Thu Dec 18 08:00:39 2025 by rpki-client