This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft File: OTba8DdWuvg7pPONvl1oy5us7_k.mft (raw, json) Hash identifier: T0LZf0R0bZ03VdOcCvOKS2+fCzzB9YdB1R+ssEmB8NE= Subject key identifier: D2:EC:F5:FB:B7:16:66:70:9C:04:BB:19:EC:43:91:33:DB:A5:BE:CE Authority key identifier: 39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9 Certificate issuer: /CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9 Certificate serial: 019AF766FFF83E7C29F8426DD1D423FA929C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft Manifest number: 091E Signing time: Sun 07 Dec 2025 06:01:53 +0000 Manifest this update: Sun 07 Dec 2025 06:01:53 +0000 Manifest next update: Mon 08 Dec 2025 06:01:53 +0000 Files and hashes: 1: 1ZMKCjtoyUotW5zL6d-I3qOaSBE.roa (hash: 5gJp0s5iC22SH9q8M0EDrUjpQSDzsUFawVisJiKFG6A=) 2: D2x90Hp-gN9ES-WMtaRxOkRU7zk.roa (hash: l/qjD5THnTNjpjg3s7YHV5e23ifKj7BiMe0FzY2nCgo=) 3: OTba8DdWuvg7pPONvl1oy5us7_k.crl (hash: FImU7kFNXWTRkYbzSCNNZQRFYBEUVhmAAKTKzFVClvc=) 4: XAC3MTIDy2Wt50Hn1LPVCPZj6e0.roa (hash: Dwx9RqPqD8/O5XTxZSeNq9SNO+JNCNDt1UlVOS13grg=) 5: hbNzX9sb-OFJ3CONrcdLuZ55uyU.roa (hash: NFMtgtynDHta0KlGWRazjZvBYm+8qkNagl80fkK/Tdk=) 6: y5t9VCG86iK6aUs1XnSlJL9WwkU.roa (hash: AeobAv5BcqpSnLadsMWLSvPDtqBRihCI6v5wMAmYfok=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f7:66:ff:f8:3e:7c:29:f8:42:6d:d1:d4:23:fa:92:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9 Validity Not Before: Dec 7 06:01:53 2025 GMT Not After : Dec 8 06:01:53 2025 GMT Subject: CN=d2ecf5fbb71666709c04bb19ec439133dba5bece Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a9:2d:9c:3f:a6:9f:d6:30:5f:0a:04:35:98: f5:85:d6:6c:1c:7e:96:1f:9f:e6:dd:94:26:b8:e3: 2d:e5:ed:98:17:75:ff:9e:f6:5d:51:c5:11:34:81: 17:70:32:c3:be:f9:e7:4b:f9:fb:7b:1b:fa:0c:b0: c1:98:ec:30:9a:63:8e:f8:32:58:76:20:bd:b9:81: 87:9e:eb:da:c4:0c:3d:99:2c:3c:9b:46:09:9f:5c: 7f:c7:0e:07:b4:09:ee:e8:0d:9a:ad:fc:37:fe:d0: fa:fe:15:2e:31:a8:a3:0d:9c:eb:4a:88:35:6f:7c: f0:bb:8c:a6:40:b0:d4:c4:40:44:26:a2:f3:de:08: 8b:20:61:4c:90:c8:b0:12:bf:7e:b0:78:c4:84:11: 0b:2b:6f:17:14:7b:bb:0d:59:63:cc:97:9a:5b:1d: dd:af:c6:6d:6d:b1:73:8b:43:52:74:62:80:f2:53: 61:a5:81:05:2d:3c:f1:a7:ba:2f:c4:b6:63:24:2b: b4:ba:ec:e6:98:1b:17:7e:8c:51:fe:80:5c:ab:d5: 27:35:1a:57:af:02:58:80:d2:f2:8a:b0:b8:85:d0: ab:13:d6:a0:72:5c:d8:00:98:54:eb:95:d6:31:a5: b4:c7:8e:cf:58:f3:8e:15:e8:01:b7:10:4e:7b:b4: e9:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:EC:F5:FB:B7:16:66:70:9C:04:BB:19:EC:43:91:33:DB:A5:BE:CE X509v3 Authority Key Identifier: keyid:39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:46:d0:ec:9d:79:a9:d0:7e:06:46:55:ce:2a:8c:c6:e4:b7: f3:e5:3f:cc:94:11:2f:3f:7b:1c:16:5a:0f:6a:62:d1:52:0a: 37:4a:b2:19:1d:36:63:4e:9d:37:03:45:f3:17:82:48:8f:73: 31:53:7f:66:1b:89:68:38:dc:a3:2b:77:bb:7f:7d:fa:9e:01: 36:9f:85:ca:d2:1a:28:18:78:43:2f:76:a2:13:5c:f7:2c:38: 58:99:02:5a:61:f2:9a:69:b7:76:dd:e2:7f:95:2c:06:6c:04: ea:41:4e:02:58:5d:2f:97:12:d7:22:ad:24:55:a8:75:bc:c6: e7:8c:2d:01:62:a1:76:c9:d8:4a:dc:b9:0c:b3:87:ae:72:42: 7e:3a:7f:6a:12:ae:82:5b:67:0a:88:52:73:3e:f9:86:d8:cb: 43:6f:21:3b:a5:07:46:d7:1e:e9:0b:24:4e:d3:b2:00:d9:ef: 63:f5:ef:5f:57:73:7b:df:a8:93:d5:3d:71:b0:97:42:fe:a5: 45:b3:eb:88:80:6e:d9:45:29:db:61:6a:fa:87:8b:a6:4d:ed: 0e:2d:d1:87:f6:03:e6:29:3b:07:df:45:0c:49:f6:eb:da:b5: 98:a3:52:b4:80:23:3f:a0:be:38:c6:a0:b2:fe:cc:b0:a7:62: a1:19:c5:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr3Zv/4Pnwp+EJt0dQj+pKcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzZkYWYwMzc1NmJhZjgzYmE0ZjM4ZGJlNWQ2OGNiOWJh Y2VmZjkwHhcNMjUxMjA3MDYwMTUzWhcNMjUxMjA4MDYwMTUzWjAzMTEwLwYDVQQD EyhkMmVjZjVmYmI3MTY2NjcwOWMwNGJiMTllYzQzOTEzM2RiYTViZWNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqktnD+mn9YwXwoENZj1hdZsHH6W H5/m3ZQmuOMt5e2YF3X/nvZdUcURNIEXcDLDvvnnS/n7exv6DLDBmOwwmmOO+DJY diC9uYGHnuvaxAw9mSw8m0YJn1x/xw4HtAnu6A2arfw3/tD6/hUuMaijDZzrSog1 b3zwu4ymQLDUxEBEJqLz3giLIGFMkMiwEr9+sHjEhBELK28XFHu7DVljzJeaWx3d r8ZtbbFzi0NSdGKA8lNhpYEFLTzxp7ovxLZjJCu0uuzmmBsXfoxR/oBcq9UnNRpX rwJYgNLyirC4hdCrE9agclzYAJhU65XWMaW0x47PWPOOFegBtxBOe7TpXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNLs9fu3FmZwnAS7GexDkTPbpb7OMB8GA1UdIwQY MBaAFDk22vA3Vrr4O6Tzjb5daMubrO/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2Mt Zjk1ZjY2ZDYwNTVjLzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2MtZjk1ZjY2ZDYwNTVj LzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0bQ7J15 qdB+BkZVziqMxuS38+U/zJQRLz97HBZaD2pi0VIKN0qyGR02Y06dNwNF8xeCSI9z MVN/ZhuJaDjcoyt3u399+p4BNp+FytIaKBh4Qy92ohNc9yw4WJkCWmHymmm3dt3i f5UsBmwE6kFOAlhdL5cS1yKtJFWodbzG54wtAWKhdsnYSty5DLOHrnJCfjp/ahKu gltnCohScz75htjLQ28hO6UHRtce6QskTtOyANnvY/XvX1dze9+ok9U9cbCXQv6l RbPriIBu2UUp22Fq+oeLpk3tDi3Rh/YD5ik7B99FDEn269q1mKNStIAjP6C+OMag sv7MsKdioRnFkg== -----END CERTIFICATE-----Generated at Sun Dec 7 08:30:41 2025 by rpki-client