This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft File: OTioGkQSd0HZSaNVpH88tZk4mng.mft (raw, json) Hash identifier: bl4b1FxD2fEHUiuZmRHfjUApuy4DuT3s437rQ1j07Yc= Subject key identifier: DB:FB:25:78:C8:5C:02:C0:8A:08:B8:3F:C3:C8:01:1F:82:EA:45:B2 Authority key identifier: 39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78 Certificate issuer: /CN=3938a81a44127741d949a355a47f3cb599389a78 Certificate serial: 019AF19AAE7A0649C5BA8A195BE0E9158B6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft Manifest number: 11B4 Signing time: Sat 06 Dec 2025 03:00:37 +0000 Manifest this update: Sat 06 Dec 2025 03:00:37 +0000 Manifest next update: Sun 07 Dec 2025 03:00:37 +0000 Files and hashes: 1: OTioGkQSd0HZSaNVpH88tZk4mng.crl (hash: W7KizIXh41le/pD4nPvxG3zTbEgiMfzO1mBGAxoWHE0=) 2: SyALsZDSYtge1NmYRoKzwbP5Vv8.roa (hash: rjh76rxbo7HoAknp3g/P2hhQiBIAvMqHmifN8tVtg/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:ae:7a:06:49:c5:ba:8a:19:5b:e0:e9:15:8b:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3938a81a44127741d949a355a47f3cb599389a78 Validity Not Before: Dec 6 03:00:37 2025 GMT Not After : Dec 7 03:00:37 2025 GMT Subject: CN=dbfb2578c85c02c08a08b83fc3c8011f82ea45b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:39:75:d2:64:2d:64:05:20:cb:13:f5:cd:21: 81:0a:e9:fe:93:89:00:73:01:85:09:2f:ed:e8:19: 4c:65:4a:1f:cf:f5:5b:43:1c:1f:5b:62:27:66:f9: fe:52:fc:42:c7:cd:d4:72:b8:b6:eb:3d:8c:ee:2c: 0d:b8:a3:77:39:2d:c5:67:f4:f0:17:6b:a3:3a:1d: cb:a5:a6:ad:b7:58:51:9c:4a:06:03:7f:11:ca:17: a4:b9:30:07:fd:35:b7:83:43:a3:7a:d1:ba:1f:4f: 93:09:f1:76:c5:7f:ee:f0:dc:af:54:c7:9d:44:a5: 5e:d0:80:0a:42:e9:33:b9:2e:97:04:83:94:59:da: 75:f7:a6:b1:38:57:df:82:eb:b1:da:42:de:64:c1: d4:6c:a4:c3:f2:7f:b1:8b:b1:75:ed:78:a6:5c:6f: 3f:ba:5a:b5:31:85:7b:83:d8:6a:f6:82:06:94:d1: 97:4f:17:fa:e4:ff:a9:c9:27:79:45:75:82:a6:46: 75:b5:e5:b1:ac:40:c0:4e:8e:a2:34:26:15:c2:b8: 4f:65:aa:be:dc:4c:b4:89:d3:fb:c9:4d:2a:ad:f3: aa:67:43:ce:ce:13:bb:f8:67:2a:5f:2a:38:1d:22: b9:54:78:c3:34:8c:8a:17:50:2d:ac:22:75:ac:5a: 9c:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:FB:25:78:C8:5C:02:C0:8A:08:B8:3F:C3:C8:01:1F:82:EA:45:B2 X509v3 Authority Key Identifier: keyid:39:38:A8:1A:44:12:77:41:D9:49:A3:55:A4:7F:3C:B5:99:38:9A:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTioGkQSd0HZSaNVpH88tZk4mng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/02cab5-59b4-4d90-a5db-fd214cacfb62/1/OTioGkQSd0HZSaNVpH88tZk4mng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:66:53:d8:27:42:a0:ee:f1:95:72:01:e4:f9:6f:37:40:a1: ad:4e:12:ef:27:51:74:7e:c0:90:91:88:22:19:99:05:32:0b: 17:bf:17:9e:3f:a9:66:90:90:19:56:61:4a:18:02:37:44:1c: bf:83:78:60:be:9d:bb:94:f4:9d:47:c4:08:0f:0a:01:d3:38: c9:f0:ab:89:2d:68:dd:72:b8:5c:2c:34:1a:d6:dd:7e:94:eb: 65:d1:50:b1:c6:d6:69:87:a4:90:00:80:8e:96:18:7a:d5:41: d6:51:3a:c3:c4:73:3b:39:fd:4b:2e:2d:e0:0d:e2:02:89:ac: c8:49:49:c7:7b:aa:12:9c:ae:f6:26:92:d6:48:2e:04:98:90: fb:7b:89:42:13:5c:64:c6:2e:13:39:4c:57:92:86:16:d9:60: b9:b9:25:3b:c4:38:c5:2b:cc:35:98:e9:8b:7b:23:77:99:c7: c0:62:19:ec:e7:1c:86:28:49:a9:e6:8c:d1:cd:34:5c:10:34: 2b:a6:04:4b:7b:1d:7f:d4:73:78:46:d3:b5:d3:93:ef:1a:fc: 80:d6:a0:79:59:e4:07:74:76:64:6d:03:67:7e:f1:52:52:de: 2d:73:87:dc:9a:a4:07:95:9c:b3:68:cf:6e:f2:6d:53:ee:4a: 4d:db:61:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmq56BknFuooZW+DpFYtsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzhhODFhNDQxMjc3NDFkOTQ5YTM1NWE0N2YzY2I1OTkz ODlhNzgwHhcNMjUxMjA2MDMwMDM3WhcNMjUxMjA3MDMwMDM3WjAzMTEwLwYDVQQD EyhkYmZiMjU3OGM4NWMwMmMwOGEwOGI4M2ZjM2M4MDExZjgyZWE0NWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzl10mQtZAUgyxP1zSGBCun+k4kA cwGFCS/t6BlMZUofz/VbQxwfW2InZvn+UvxCx83Ucri26z2M7iwNuKN3OS3FZ/Tw F2ujOh3Lpaatt1hRnEoGA38RyhekuTAH/TW3g0OjetG6H0+TCfF2xX/u8NyvVMed RKVe0IAKQukzuS6XBIOUWdp196axOFffguux2kLeZMHUbKTD8n+xi7F17XimXG8/ ulq1MYV7g9hq9oIGlNGXTxf65P+pySd5RXWCpkZ1teWxrEDATo6iNCYVwrhPZaq+ 3Ey0idP7yU0qrfOqZ0POzhO7+GcqXyo4HSK5VHjDNIyKF1AtrCJ1rFqcRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNv7JXjIXALAigi4P8PIAR+C6kWyMB8GA1UdIwQY MBaAFDk4qBpEEndB2UmjVaR/PLWZOJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGIt ZmQyMTRjYWNmYjYyLzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wMmNhYjUtNTliNC00ZDkwLWE1ZGItZmQyMTRjYWNmYjYy LzEvT1Rpb0drUVNkMEhaU2FOVnBIODh0Wms0bW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2ZT2CdC oO7xlXIB5PlvN0ChrU4S7ydRdH7AkJGIIhmZBTILF78Xnj+pZpCQGVZhShgCN0Qc v4N4YL6du5T0nUfECA8KAdM4yfCriS1o3XK4XCw0GtbdfpTrZdFQscbWaYekkACA jpYYetVB1lE6w8RzOzn9Sy4t4A3iAomsyElJx3uqEpyu9iaS1kguBJiQ+3uJQhNc ZMYuEzlMV5KGFtlgubklO8Q4xSvMNZjpi3sjd5nHwGIZ7OcchihJqeaM0c00XBA0 K6YES3sdf9RzeEbTtdOT7xr8gNageVnkB3R2ZG0DZ37xUlLeLXOH3JqkB5Wcs2jP bvJtU+5KTdth2A== -----END CERTIFICATE-----Generated at Sat Dec 6 10:53:13 2025 by rpki-client