This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft File: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json) Hash identifier: GaY99QIGEl1R8SaJAbJ+QumcD47eRBGqZGvBduFok1Q= Subject key identifier: F4:52:2F:A4:1A:FD:A5:50:93:E6:2B:89:11:C5:46:0F:AF:D6:EA:5C Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A Certificate issuer: /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a Certificate serial: 019B3042FB76E5B272F66B8497B3AC3424C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 07:00:54 +0000 Manifest this update: Thu 18 Dec 2025 07:00:54 +0000 Manifest next update: Fri 19 Dec 2025 07:00:54 +0000 Files and hashes: 1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: bHYQp/th2qaFfvDT/IxV/0+2eBlC3+D56DzgYALlLa4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:42:fb:76:e5:b2:72:f6:6b:84:97:b3:ac:34:24:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a Validity Not Before: Dec 18 07:00:54 2025 GMT Not After : Dec 19 07:00:54 2025 GMT Subject: CN=f4522fa41afda55093e62b8911c5460fafd6ea5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:05:f6:ee:43:7e:5c:8b:f2:c4:36:81:ea:a4: 46:40:e8:8e:ea:b7:a8:25:45:2f:f6:aa:62:1b:91: 2a:54:bf:ca:61:bc:54:ea:27:8d:e5:27:4f:f5:9b: 91:2e:e6:12:e7:5c:9a:00:9f:0b:d7:69:3a:0c:87: 63:00:f7:10:9b:79:fa:da:b4:4e:4c:83:c4:08:7f: 12:c7:af:61:a6:f6:d0:52:13:df:28:94:21:73:a5: f8:da:60:a8:63:d8:2f:43:2d:14:f5:45:4e:10:ac: 20:d1:fd:02:25:56:0c:1a:bb:00:29:42:0d:ce:74: d6:3f:59:c2:14:7e:2c:6e:14:f0:76:0d:57:28:e4: 9f:e8:95:e8:01:e7:3a:f2:90:43:fe:b3:62:d8:6f: e6:1e:29:fc:f6:da:21:b3:11:79:92:ca:15:5a:49: 61:ec:8a:78:98:44:fb:51:28:48:ca:49:e0:4e:da: f5:8f:a6:53:9a:1f:94:39:1f:72:93:3f:d1:29:36: 96:c1:87:93:07:9b:ea:e8:f5:d3:8c:68:7c:d9:95: 44:cc:7a:66:4b:6d:6f:bb:1b:cd:78:13:08:b7:77: e7:19:33:c4:4e:e8:a1:41:1c:9d:fc:b0:bf:c5:e8: fe:e4:81:ef:7d:8e:b8:59:c1:29:5c:c1:91:b0:2e: 5d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:52:2F:A4:1A:FD:A5:50:93:E6:2B:89:11:C5:46:0F:AF:D6:EA:5C X509v3 Authority Key Identifier: keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:4c:4e:36:d1:49:c2:f2:15:fe:31:ae:b0:db:e7:b7:32:30: 9f:97:72:60:7a:09:01:51:b2:62:25:c2:1a:1b:08:97:e0:44: 1c:dd:40:21:f4:91:f1:3e:db:c6:80:4d:82:94:79:cf:c4:ce: 49:ce:5b:a5:e8:1d:69:c7:d3:45:6e:05:00:6f:a6:95:21:d9: b5:24:76:b2:19:f8:bb:61:42:38:0d:c5:dc:c5:c9:24:da:5a: b1:67:92:5f:38:d6:ae:ff:ec:79:18:e4:6b:a9:d3:bd:55:c2: ff:6b:77:a2:ca:04:8d:37:07:58:0f:d7:8a:51:59:dc:d3:85: 53:43:bd:31:bc:6a:e4:36:87:ee:69:10:17:4a:78:df:07:8c: 47:0f:95:dd:80:47:d1:e8:7b:66:04:f0:d0:eb:74:a6:c0:5a: 89:79:08:b0:17:33:28:33:25:39:d8:c8:99:a3:4b:e6:58:d7: 59:8d:ad:4f:c5:3d:05:c2:b7:ac:d0:3b:d3:99:9b:82:dc:be: 06:5d:0b:2a:14:46:3a:31:cf:ff:8f:6a:ed:5f:c3:f7:8d:32: 17:64:56:dd:46:89:88:5e:a8:e5:a8:f5:c8:48:43:7d:ae:82: e6:a8:a9:05:25:06:c8:ab:fe:52:c7:76:fd:e2:c1:ce:56:0d: 78:99:07:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswQvt25bJy9muEl7OsNCTEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw Mzk0MWEwHhcNMjUxMjE4MDcwMDU0WhcNMjUxMjE5MDcwMDU0WjAzMTEwLwYDVQQD EyhmNDUyMmZhNDFhZmRhNTUwOTNlNjJiODkxMWM1NDYwZmFmZDZlYTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgX27kN+XIvyxDaB6qRGQOiO6reo JUUv9qpiG5EqVL/KYbxU6ieN5SdP9ZuRLuYS51yaAJ8L12k6DIdjAPcQm3n62rRO TIPECH8Sx69hpvbQUhPfKJQhc6X42mCoY9gvQy0U9UVOEKwg0f0CJVYMGrsAKUIN znTWP1nCFH4sbhTwdg1XKOSf6JXoAec68pBD/rNi2G/mHin89tohsxF5ksoVWklh 7Ip4mET7UShIykngTtr1j6ZTmh+UOR9ykz/RKTaWwYeTB5vq6PXTjGh82ZVEzHpm S21vuxvNeBMIt3fnGTPETuihQRyd/LC/xej+5IHvfY64WcEpXMGRsC5dqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRSL6Qa/aVQk+YriRHFRg+v1upcMB8GA1UdIwQY MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUxONtFJ wvIV/jGusNvntzIwn5dyYHoJAVGyYiXCGhsIl+BEHN1AIfSR8T7bxoBNgpR5z8TO Sc5bpegdacfTRW4FAG+mlSHZtSR2shn4u2FCOA3F3MXJJNpasWeSXzjWrv/seRjk a6nTvVXC/2t3osoEjTcHWA/XilFZ3NOFU0O9Mbxq5DaH7mkQF0p43weMRw+V3YBH 0eh7ZgTw0Ot0psBaiXkIsBczKDMlOdjImaNL5ljXWY2tT8U9BcK3rNA705mbgty+ Bl0LKhRGOjHP/49q7V/D940yF2RW3UaJiF6o5aj1yEhDfa6C5qipBSUGyKv+Usd2 /eLBzlYNeJkHkA== -----END CERTIFICATE-----Generated at Thu Dec 18 11:27:15 2025 by rpki-client