This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft File: OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft (raw, json) Hash identifier: ROyxS7XAySrnQn2PRe7kUml7mXJl9IIikb7fY9uIhAo= Subject key identifier: 69:EC:29:BA:CF:9E:E2:24:A2:35:B5:4B:F3:87:07:D5:8C:9F:7E:A4 Authority key identifier: 3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D Certificate issuer: /CN=3abc6247ee0caec365a8022f5f8c6feccca5710d Certificate serial: 019AF509D655A1C2E0C7C7CCF0A62E690C95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft Manifest number: 1041 Signing time: Sat 06 Dec 2025 19:00:53 +0000 Manifest this update: Sat 06 Dec 2025 19:00:53 +0000 Manifest next update: Sun 07 Dec 2025 19:00:53 +0000 Files and hashes: 1: OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl (hash: grf7Bu/mgpY4hgCcPMi40SBqzg9gmQNAPfSaL/mWaGs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:d6:55:a1:c2:e0:c7:c7:cc:f0:a6:2e:69:0c:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3abc6247ee0caec365a8022f5f8c6feccca5710d Validity Not Before: Dec 6 19:00:53 2025 GMT Not After : Dec 7 19:00:53 2025 GMT Subject: CN=69ec29bacf9ee224a235b54bf38707d58c9f7ea4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:21:f7:bb:6e:47:26:a4:ef:05:04:4e:cb:d3: eb:bc:34:a1:32:d2:a7:a4:ea:52:22:bd:c3:6a:d9: b3:89:12:2a:8c:8f:a8:a0:a0:5b:b9:ed:71:13:e0: 81:95:e6:49:58:d4:2b:80:94:d3:77:6b:61:ea:d8: 18:62:a3:0d:52:65:31:68:fa:a8:eb:4b:f6:a3:15: 94:cd:0d:60:a2:55:55:4e:92:f7:5f:c3:f2:2a:b7: f3:63:4b:89:d0:7b:4b:70:61:78:50:57:a2:9f:b4: e4:e8:cf:2d:a4:ac:8f:9a:f4:a1:f0:dc:33:9f:8c: c9:87:05:df:5e:39:bb:92:e4:e6:05:65:f7:cc:d4: 59:ae:17:67:8e:4e:48:e8:6a:4d:11:2c:9f:a6:cf: 39:79:7a:e4:c9:a5:8a:c1:50:0c:16:4e:c5:45:1d: 24:61:9f:24:e9:06:d6:3d:3e:84:0a:05:8a:b7:f1: fd:9d:b2:e1:06:41:8b:89:ac:be:84:cd:ee:91:24: f9:12:1c:d0:9a:35:5a:d3:e5:f8:a6:d4:af:3f:2b: cd:5f:94:06:c2:b9:61:3e:35:d2:c2:48:e8:e6:aa: e6:09:ef:45:8f:e0:a2:b7:c4:8b:2e:a9:6e:2a:9a: 5a:9d:94:e8:77:fe:62:f5:c7:87:cf:1b:b5:9f:6f: b3:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:EC:29:BA:CF:9E:E2:24:A2:35:B5:4B:F3:87:07:D5:8C:9F:7E:A4 X509v3 Authority Key Identifier: keyid:3A:BC:62:47:EE:0C:AE:C3:65:A8:02:2F:5F:8C:6F:EC:CC:A5:71:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OrxiR-4MrsNlqAIvX4xv7MylcQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/633abb-2c3d-4dd3-80eb-b8cf649de32c/1/OrxiR-4MrsNlqAIvX4xv7MylcQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:f0:a0:16:1a:74:b5:b3:0e:23:d3:8b:54:f9:25:b6:4c:11: 54:7f:dc:3e:60:55:79:31:3d:52:58:ee:44:6d:80:61:d1:d6: 84:6f:7b:61:79:44:c0:f8:f4:94:f5:8c:ad:6d:a0:8b:5f:76: 73:2f:8a:5f:a8:42:34:99:33:51:1c:cb:cb:a4:12:cd:74:14: 75:96:4f:e2:e7:cf:36:a5:7e:df:ea:52:5f:55:5f:0c:c6:72: 43:bd:86:94:8d:5a:fc:82:a2:09:30:be:88:6a:90:cb:df:74: 81:b5:5b:fb:2a:db:bd:c1:83:2f:4d:bb:fc:6b:81:8e:cd:42: 18:07:5b:8f:95:d2:56:a8:03:39:d3:39:6a:0e:fc:0b:b5:d4: a5:7c:0d:07:fd:4d:d5:7e:b1:7c:89:b2:2f:38:d2:a4:ee:69: 2e:9d:32:76:ec:af:cf:d9:f4:ee:70:83:e5:85:73:ca:fe:d9: f7:ea:3c:22:38:9b:e0:ce:0a:9e:24:99:1d:e3:fd:1a:02:9c: c1:8b:bd:83:cf:cf:96:d4:49:01:69:fb:34:cb:54:56:46:f7: bf:c0:9a:c6:40:cd:9f:3d:e8:2d:b9:48:cb:82:2e:34:10:d0: d3:12:25:e8:48:e9:23:d2:b3:ee:6e:71:80:e7:c8:82:68:10: 4a:e9:6f:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CdZVocLgx8fM8KYuaQyVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhYmM2MjQ3ZWUwY2FlYzM2NWE4MDIyZjVmOGM2ZmVjY2Nh NTcxMGQwHhcNMjUxMjA2MTkwMDUzWhcNMjUxMjA3MTkwMDUzWjAzMTEwLwYDVQQD Eyg2OWVjMjliYWNmOWVlMjI0YTIzNWI1NGJmMzg3MDdkNThjOWY3ZWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSH3u25HJqTvBQROy9PrvDShMtKn pOpSIr3DatmziRIqjI+ooKBbue1xE+CBleZJWNQrgJTTd2th6tgYYqMNUmUxaPqo 60v2oxWUzQ1golVVTpL3X8PyKrfzY0uJ0HtLcGF4UFein7Tk6M8tpKyPmvSh8Nwz n4zJhwXfXjm7kuTmBWX3zNRZrhdnjk5I6GpNESyfps85eXrkyaWKwVAMFk7FRR0k YZ8k6QbWPT6ECgWKt/H9nbLhBkGLiay+hM3ukST5EhzQmjVa0+X4ptSvPyvNX5QG wrlhPjXSwkjo5qrmCe9Fj+Cit8SLLqluKppanZTod/5i9ceHzxu1n2+zBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGnsKbrPnuIkojW1S/OHB9WMn36kMB8GA1UdIwQY MBaAFDq8YkfuDK7DZagCL1+Mb+zMpXENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWIt YjhjZjY0OWRlMzJjLzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MzNhYmItMmMzZC00ZGQzLTgwZWItYjhjZjY0OWRlMzJj LzEvT3J4aVItNE1yc05scUFJdlg0eHY3TXlsY1EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcvCgFhp0 tbMOI9OLVPkltkwRVH/cPmBVeTE9UljuRG2AYdHWhG97YXlEwPj0lPWMrW2gi192 cy+KX6hCNJkzURzLy6QSzXQUdZZP4ufPNqV+3+pSX1VfDMZyQ72GlI1a/IKiCTC+ iGqQy990gbVb+yrbvcGDL027/GuBjs1CGAdbj5XSVqgDOdM5ag78C7XUpXwNB/1N 1X6xfImyLzjSpO5pLp0yduyvz9n07nCD5YVzyv7Z9+o8Ijib4M4KniSZHeP9GgKc wYu9g8/PltRJAWn7NMtUVkb3v8CaxkDNnz3oLblIy4IuNBDQ0xIl6EjpI9Kz7m5x gOfIgmgQSulvHQ== -----END CERTIFICATE-----Generated at Sun Dec 7 02:18:49 2025 by rpki-client