This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft File: ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json) Hash identifier: I6HzZNYqtisc4NTrqVgt8v4UEV1LUaTzpkF0B/dbjFs= Subject key identifier: 01:94:67:C9:04:F5:E1:A1:29:0D:81:49:78:B5:49:73:E8:33:9E:2F Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85 Certificate issuer: /CN=3831f9aa50cefe825da5f90da67b303254a9db85 Certificate serial: 019AF08885715D8071266DD8C233E18C251E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft Manifest number: 0B70 Signing time: Fri 05 Dec 2025 22:01:10 +0000 Manifest this update: Fri 05 Dec 2025 22:01:10 +0000 Manifest next update: Sat 06 Dec 2025 22:01:10 +0000 Files and hashes: 1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: pokGsfjAzXT5bJvx0dnwcaMA3y/Q7ZLjoRdeUuWL3jI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:85:71:5d:80:71:26:6d:d8:c2:33:e1:8c:25:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85 Validity Not Before: Dec 5 22:01:10 2025 GMT Not After : Dec 6 22:01:10 2025 GMT Subject: CN=019467c904f5e1a1290d814978b54973e8339e2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:42:54:70:dc:da:98:66:99:25:3b:d3:82:7f: e3:5a:5f:a3:33:4e:8a:e7:65:5c:aa:72:38:01:25: 07:ba:0a:a4:34:6f:cb:0f:95:e0:7f:8f:68:e1:7e: 38:0a:a8:d6:93:4f:f9:07:bd:ec:b6:e4:e1:28:6e: 98:f0:10:c8:77:87:b5:69:d6:1b:e5:dd:49:6c:f2: 91:07:7f:aa:6c:40:23:74:05:0f:98:f8:3e:c5:d8: 02:0b:ba:3c:1f:05:cd:b0:0d:dd:82:ea:01:5f:34: 72:3f:ba:23:37:2d:8c:3d:17:b3:ce:c4:f3:7e:fc: d9:f0:3f:3c:d2:62:4b:03:a3:fb:1d:b5:cd:90:73: bd:cf:2d:29:6a:d1:1c:47:31:ca:4d:58:a3:0e:fd: f7:60:df:0a:40:19:9d:db:09:a6:ab:d2:b5:5f:4e: ee:a2:ab:87:43:ec:e7:6d:d7:29:c1:0c:e6:b4:b1: 9d:ee:93:35:de:68:e7:66:ca:8f:4d:42:34:9b:1b: d7:2d:c1:0f:62:4e:0d:75:6a:ab:6f:79:02:dd:68: b5:00:51:76:0f:3e:85:60:22:d5:1b:9d:e4:ee:05: 32:dd:9f:41:94:7f:1c:88:f9:8d:53:ce:69:b8:fe: 7a:9a:7e:80:f7:49:45:6a:ef:52:13:d3:ac:6a:10: 91:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:94:67:C9:04:F5:E1:A1:29:0D:81:49:78:B5:49:73:E8:33:9E:2F X509v3 Authority Key Identifier: keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:cb:6e:fb:00:0f:47:6a:de:dc:58:ef:31:5e:82:8b:44:87: f6:a4:88:d0:b7:07:96:1b:74:e6:93:a7:8d:88:9d:56:ce:6a: d2:5a:36:61:ce:1f:c6:51:9d:35:b2:7e:86:83:a7:c5:6f:ce: b7:1e:b6:99:c3:4a:a9:bb:e6:dc:57:3d:78:19:e1:38:25:7e: ce:ef:49:e7:b9:b5:c6:9b:ad:80:6e:e6:75:41:d0:3d:ee:e6: 62:d6:9a:5a:a4:2c:55:c0:da:1c:d1:30:06:39:51:3f:db:77: f9:b0:de:10:c1:ce:f6:25:af:5c:60:a5:ab:ac:14:12:a1:02: b9:d7:96:a0:3d:8e:10:4f:93:9f:d3:5f:e9:01:be:d2:9f:f0: 42:88:aa:75:01:42:52:2d:94:b9:95:88:85:fe:57:e3:c8:91: 7b:2f:28:55:1f:71:4b:76:a5:0f:07:7d:ac:f4:b7:34:af:37: 66:56:ec:8a:95:73:41:36:7f:fb:0e:d2:c6:9e:b8:95:c8:de: 30:b9:33:c5:08:8c:bd:b3:5f:63:2f:15:0b:40:89:94:4e:83: 2c:ac:23:9a:40:da:fb:b9:14:c5:60:2d:32:47:af:8e:34:93: e9:36:ed:a6:a3:3b:7b:11:15:75:a6:43:2e:c3:40:77:d1:9f: 7d:6a:ed:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiIVxXYBxJm3YwjPhjCUeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh OWRiODUwHhcNMjUxMjA1MjIwMTEwWhcNMjUxMjA2MjIwMTEwWjAzMTEwLwYDVQQD EygwMTk0NjdjOTA0ZjVlMWExMjkwZDgxNDk3OGI1NDk3M2U4MzM5ZTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kJUcNzamGaZJTvTgn/jWl+jM06K 52VcqnI4ASUHugqkNG/LD5Xgf49o4X44CqjWk0/5B73stuThKG6Y8BDId4e1adYb 5d1JbPKRB3+qbEAjdAUPmPg+xdgCC7o8HwXNsA3dguoBXzRyP7ojNy2MPRezzsTz fvzZ8D880mJLA6P7HbXNkHO9zy0patEcRzHKTVijDv33YN8KQBmd2wmmq9K1X07u oquHQ+znbdcpwQzmtLGd7pM13mjnZsqPTUI0mxvXLcEPYk4NdWqrb3kC3Wi1AFF2 Dz6FYCLVG53k7gUy3Z9BlH8ciPmNU85puP56mn6A90lFau9SE9OsahCRTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAGUZ8kE9eGhKQ2BSXi1SXPoM54vMB8GA1UdIwQY MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANMtu+wAP R2re3FjvMV6Ci0SH9qSI0LcHlht05pOnjYidVs5q0lo2Yc4fxlGdNbJ+hoOnxW/O tx62mcNKqbvm3Fc9eBnhOCV+zu9J57m1xputgG7mdUHQPe7mYtaaWqQsVcDaHNEw BjlRP9t3+bDeEMHO9iWvXGClq6wUEqECudeWoD2OEE+Tn9Nf6QG+0p/wQoiqdQFC Ui2UuZWIhf5X48iRey8oVR9xS3alDwd9rPS3NK83ZlbsipVzQTZ/+w7Sxp64lcje MLkzxQiMvbNfYy8VC0CJlE6DLKwjmkDa+7kUxWAtMkevjjST6TbtpqM7exEVdaZD LsNAd9GffWrtZw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:40 2025 by rpki-client