This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft File: D5otI3SqascUtfim7duA3GlnnMY.mft (raw, json) Hash identifier: KdBpde+HddfAeNJykvWil/PAqNRseoGu73bU89s93dI= Subject key identifier: 34:2E:A6:89:29:73:03:6D:D7:9C:97:40:DE:FA:DE:76:7D:EA:FB:30 Authority key identifier: 0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6 Certificate issuer: /CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6 Certificate serial: 019AF12D1AF285E411BA8E8C72B57FD07D76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft Manifest number: 0DC5 Signing time: Sat 06 Dec 2025 01:00:56 +0000 Manifest this update: Sat 06 Dec 2025 01:00:56 +0000 Manifest next update: Sun 07 Dec 2025 01:00:56 +0000 Files and hashes: 1: D5otI3SqascUtfim7duA3GlnnMY.crl (hash: fWHsdp886Vio7FMC9TaJ+e86fE4GjlEtZU79p1a9wNM=) 2: RNk_0Bt2Bdlaf0Pdd2eUPaMyW8E.roa (hash: m6J+0888VMRpST0J5iXwVh9t9K8LOLn/EV2xZ10pPjg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:1a:f2:85:e4:11:ba:8e:8c:72:b5:7f:d0:7d:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6 Validity Not Before: Dec 6 01:00:56 2025 GMT Not After : Dec 7 01:00:56 2025 GMT Subject: CN=342ea6892973036dd79c9740defade767deafb30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:df:77:a1:bc:7d:c7:b5:ce:bb:bf:fc:ff:a8: f3:68:e5:29:56:68:82:2e:fb:a0:b0:c1:61:05:dd: cd:ad:a8:17:75:86:bb:6d:d5:68:90:94:af:9b:ee: 4a:0e:51:98:3d:f3:05:db:a4:f3:7f:f9:3a:e5:dc: a4:7e:4e:a8:03:34:ad:e9:03:ec:81:46:58:d0:c2: 29:9e:5e:eb:9d:c1:88:22:9f:84:a9:43:eb:bc:60: 7f:58:5a:c3:f0:2b:ff:fe:38:38:9b:c6:ae:47:27: ba:38:11:22:e2:92:aa:4b:4a:25:65:d7:67:3c:9f: fc:32:ed:fd:46:e0:4e:c1:ee:bb:11:f0:5c:f0:b3: 5e:db:fe:45:4f:23:35:db:c3:4d:90:0b:80:53:d4: 83:96:17:9f:b1:cb:38:b5:92:8a:32:54:73:2f:94: 81:76:64:b5:94:39:64:cc:1f:95:4c:8d:f5:a7:a8: ff:f2:d6:86:4b:d5:92:36:fb:7b:13:11:c2:b9:ed: 17:86:c1:89:65:7b:6e:d0:4a:1c:5d:14:b6:22:54: c6:8a:6a:94:96:38:d9:22:0a:a7:99:cb:68:37:de: 9b:4a:c7:54:c4:4d:c8:2a:57:af:f2:51:9b:0c:15: d1:2c:79:f2:7e:63:a0:32:60:65:17:1c:0d:30:fa: d0:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:2E:A6:89:29:73:03:6D:D7:9C:97:40:DE:FA:DE:76:7D:EA:FB:30 X509v3 Authority Key Identifier: keyid:0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:0c:e8:31:7e:1a:bb:ad:a1:2e:bf:8f:81:80:d3:74:50:03: c9:fa:82:c9:6d:a9:f0:14:ff:ff:5d:b5:24:09:5b:be:0d:5f: 6c:a3:24:8e:ab:82:d9:c7:c9:7c:ff:ee:fb:dd:8e:d0:dc:36: 13:92:06:20:73:3e:cf:e4:85:94:62:03:a8:c2:12:b7:72:5a: d9:6f:f3:73:26:49:a1:dd:89:5e:e5:3c:d3:32:70:d3:a9:89: f8:82:65:f0:a5:85:57:36:2a:e9:af:86:ff:92:dd:c3:8f:8e: 4f:35:7c:62:72:f4:06:38:fe:f1:51:6d:2b:96:54:ff:cc:d7: 05:2d:71:f4:24:97:ed:fc:62:25:e5:b7:ec:a7:98:93:c1:af: 78:6b:9e:d0:56:31:e4:42:ef:83:7c:51:f7:51:13:17:63:a2: b2:80:b8:ec:0b:30:8e:ee:19:8d:0e:9a:a3:71:4d:5b:ad:5f: 57:11:57:01:5e:6c:44:b1:d2:32:d9:e5:32:b3:52:d3:54:6d: c7:ce:e0:20:64:c7:a6:88:ab:b6:ab:8d:63:f7:f0:2f:43:57: a1:1c:1c:97:ea:dc:72:89:6a:29:0a:ff:27:7e:a1:d5:06:8a: 47:ac:06:ff:99:ae:52:71:1f:2f:a8:ae:c3:22:e0:9e:0f:17: 93:68:02:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLRryheQRuo6McrV/0H12MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmOWEyZDIzNzRhYTZhYzcxNGI1ZjhhNmVkZGI4MGRjNjk2 NzljYzYwHhcNMjUxMjA2MDEwMDU2WhcNMjUxMjA3MDEwMDU2WjAzMTEwLwYDVQQD EygzNDJlYTY4OTI5NzMwMzZkZDc5Yzk3NDBkZWZhZGU3NjdkZWFmYjMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp993obx9x7XOu7/8/6jzaOUpVmiC LvugsMFhBd3NragXdYa7bdVokJSvm+5KDlGYPfMF26Tzf/k65dykfk6oAzSt6QPs gUZY0MIpnl7rncGIIp+EqUPrvGB/WFrD8Cv//jg4m8auRye6OBEi4pKqS0olZddn PJ/8Mu39RuBOwe67EfBc8LNe2/5FTyM128NNkAuAU9SDlhefscs4tZKKMlRzL5SB dmS1lDlkzB+VTI31p6j/8taGS9WSNvt7ExHCue0XhsGJZXtu0EocXRS2IlTGimqU ljjZIgqnmctoN96bSsdUxE3IKlev8lGbDBXRLHnyfmOgMmBlFxwNMPrQ/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQupokpcwNt15yXQN763nZ96vswMB8GA1UdIwQY MBaAFA+aLSN0qmrHFLX4pu3bgNxpZ5zGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYt NmQ5NzE5OTJjMzQ5LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYtNmQ5NzE5OTJjMzQ5 LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfwzoMX4a u62hLr+PgYDTdFADyfqCyW2p8BT//121JAlbvg1fbKMkjquC2cfJfP/u+92O0Nw2 E5IGIHM+z+SFlGIDqMISt3Ja2W/zcyZJod2JXuU80zJw06mJ+IJl8KWFVzYq6a+G /5Ldw4+OTzV8YnL0Bjj+8VFtK5ZU/8zXBS1x9CSX7fxiJeW37KeYk8GveGue0FYx 5ELvg3xR91ETF2OisoC47Aswju4ZjQ6ao3FNW61fVxFXAV5sRLHSMtnlMrNS01Rt x87gIGTHpoirtquNY/fwL0NXoRwcl+rccolqKQr/J36h1QaKR6wG/5muUnEfL6iu wyLgng8Xk2gCMw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:21 2025 by rpki-client