This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft File: OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json) Hash identifier: D+vLew2uRdpuLBLIri8B1o4UNCMVYK+C3gIF6CZ0FUY= Subject key identifier: 23:AC:B3:3A:B8:1B:93:8A:A7:9C:A7:24:14:AC:1A:E1:A0:39:D9:99 Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39 Certificate issuer: /CN=3a2b50799b31c0b145124650d711bce383d67039 Certificate serial: 019AF276DDB7B052895C939CB536A0C95A97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft Manifest number: 0BB3 Signing time: Sat 06 Dec 2025 07:01:07 +0000 Manifest this update: Sat 06 Dec 2025 07:01:07 +0000 Manifest next update: Sun 07 Dec 2025 07:01:07 +0000 Files and hashes: 1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: 0/hDnzZQlhUh5qBcPeZYh3dH+t1U3p75gMbWkhsigKo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 07:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:dd:b7:b0:52:89:5c:93:9c:b5:36:a0:c9:5a:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039 Validity Not Before: Dec 6 07:01:07 2025 GMT Not After : Dec 7 07:01:07 2025 GMT Subject: CN=23acb33ab81b938aa79ca72414ac1ae1a039d999 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:63:76:0d:fa:86:23:97:8a:e4:17:41:f4:dc: 1b:c9:49:76:11:64:e3:78:45:56:f1:a2:63:16:fc: e3:b9:5b:9d:93:4c:a5:c8:3b:d5:5c:5b:87:f9:bc: b3:05:10:75:30:32:b4:e0:3b:4d:e9:67:66:dd:35: 3e:f6:b5:fc:92:a5:c8:da:7a:ea:90:66:24:da:30: 13:2f:57:f0:de:eb:cc:ff:28:27:28:2c:00:e5:96: b6:e4:3c:43:4d:60:1f:30:54:7d:a5:86:f7:a9:5f: 27:8b:c2:1b:a5:dc:8e:e7:02:08:f2:72:2e:8f:77: 1b:f0:b5:9f:9a:8f:e3:5b:00:bd:f0:21:e5:ef:23: 32:d8:d4:d8:27:00:00:4e:2d:6b:75:43:dd:81:f9: 52:0e:4c:3d:4e:27:2e:09:d1:03:4d:0f:00:88:fb: ba:04:45:d3:15:17:b9:c4:7c:18:d6:04:20:bd:9d: a4:83:59:2d:b3:5d:26:81:1b:c4:ec:0e:82:03:80: 95:f5:47:05:6c:d3:b6:fa:04:58:e3:75:4a:8e:24: d5:04:4a:e6:4b:7d:17:43:36:fa:3b:d8:7f:84:54: 5b:8b:1c:e8:6b:29:4e:ac:3a:59:0c:39:7b:06:f8: 95:14:14:d9:31:20:e1:68:49:d5:03:dc:db:ee:c7: 0d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:AC:B3:3A:B8:1B:93:8A:A7:9C:A7:24:14:AC:1A:E1:A0:39:D9:99 X509v3 Authority Key Identifier: keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:51:f2:1b:53:b2:05:40:1a:6e:dd:f9:e8:52:dd:1a:a8:79: fb:de:c2:74:56:20:98:04:65:69:83:31:49:bb:dd:4d:2b:7f: 94:4b:01:e0:b4:64:0c:10:99:32:fb:dc:b7:ca:54:af:e3:4c: 5e:60:41:c3:e6:21:ef:04:09:f9:70:5f:24:fe:ea:e0:70:4b: b5:62:49:d2:f3:74:23:4f:34:8b:5f:96:c7:c4:12:d0:71:d3: 9f:b3:9f:e2:a4:fe:1e:1d:56:93:64:0f:39:55:81:23:7c:1a: c9:3e:59:4f:7b:36:6b:8b:ae:2c:8f:54:9e:b0:a6:31:c2:0a: 62:40:54:fd:d5:c8:e2:62:6b:b3:af:97:59:cd:cf:0e:7b:e4: 92:89:b5:89:74:bb:32:7f:69:db:a6:09:5e:e3:44:90:a8:eb: 02:85:b9:e4:12:e9:96:8e:39:27:3c:09:b3:d5:32:22:35:5c: a9:57:b7:1b:69:b8:b3:41:9a:49:a7:99:42:50:16:34:d2:10: 11:99:39:15:b1:73:a2:e2:ec:4a:85:95:71:58:e0:b6:47:87: ff:72:86:1c:0e:a2:be:e4:db:e1:14:ac:c8:9e:69:de:fe:5e: 00:cd:07:27:1b:2d:70:8c:96:1f:8b:74:f2:02:da:81:55:9e: cd:03:53:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydt23sFKJXJOctTagyVqXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk NjcwMzkwHhcNMjUxMjA2MDcwMTA3WhcNMjUxMjA3MDcwMTA3WjAzMTEwLwYDVQQD EygyM2FjYjMzYWI4MWI5MzhhYTc5Y2E3MjQxNGFjMWFlMWEwMzlkOTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWN2DfqGI5eK5BdB9NwbyUl2EWTj eEVW8aJjFvzjuVudk0ylyDvVXFuH+byzBRB1MDK04DtN6Wdm3TU+9rX8kqXI2nrq kGYk2jATL1fw3uvM/ygnKCwA5Za25DxDTWAfMFR9pYb3qV8ni8IbpdyO5wII8nIu j3cb8LWfmo/jWwC98CHl7yMy2NTYJwAATi1rdUPdgflSDkw9TicuCdEDTQ8AiPu6 BEXTFRe5xHwY1gQgvZ2kg1kts10mgRvE7A6CA4CV9UcFbNO2+gRY43VKjiTVBErm S30XQzb6O9h/hFRbixzoaylOrDpZDDl7BviVFBTZMSDhaEnVA9zb7scNUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCOsszq4G5OKp5ynJBSsGuGgOdmZMB8GA1UdIwQY MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKlHyG1Oy BUAabt356FLdGqh5+97CdFYgmARlaYMxSbvdTSt/lEsB4LRkDBCZMvvct8pUr+NM XmBBw+Yh7wQJ+XBfJP7q4HBLtWJJ0vN0I080i1+Wx8QS0HHTn7Of4qT+Hh1Wk2QP OVWBI3wayT5ZT3s2a4uuLI9UnrCmMcIKYkBU/dXI4mJrs6+XWc3PDnvkkom1iXS7 Mn9p26YJXuNEkKjrAoW55BLplo45JzwJs9UyIjVcqVe3G2m4s0GaSaeZQlAWNNIQ EZk5FbFzouLsSoWVcVjgtkeH/3KGHA6ivuTb4RSsyJ5p3v5eAM0HJxstcIyWH4t0 8gLagVWezQNT9g== -----END CERTIFICATE-----Generated at Sat Dec 6 17:21:57 2025 by rpki-client