This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft File: O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json) Hash identifier: 5WSJy/0PG1iJrjYWLTt0RwZ2olsoMqhxRl3wudErd30= Subject key identifier: 71:7B:E1:AE:7E:97:D3:62:EA:93:8A:2A:EC:9F:94:08:CB:45:07:86 Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7 Certificate issuer: /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7 Certificate serial: 019AF12E4BDEAF8631C30A69B87BCDE08ACD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft Manifest number: 0EBB Signing time: Sat 06 Dec 2025 01:02:14 +0000 Manifest this update: Sat 06 Dec 2025 01:02:14 +0000 Manifest next update: Sun 07 Dec 2025 01:02:14 +0000 Files and hashes: 1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: bfpO6FM66c+Brjt5CNRgM24CasSUb8HtKCOW49DmOcw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:4b:de:af:86:31:c3:0a:69:b8:7b:cd:e0:8a:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7 Validity Not Before: Dec 6 01:02:14 2025 GMT Not After : Dec 7 01:02:14 2025 GMT Subject: CN=717be1ae7e97d362ea938a2aec9f9408cb450786 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e2:9e:47:31:ae:bc:1d:f2:e6:90:1a:a7:35: f1:c5:27:e8:64:45:65:54:4a:61:3b:bb:66:14:c3: 10:91:1d:b0:f6:74:0d:66:da:0a:b1:16:a2:10:ed: a6:54:d6:71:85:e3:8c:18:cd:7c:9f:cc:bd:ab:dc: 84:d3:78:6a:1e:9b:8e:46:0f:35:46:6e:87:d9:72: a7:2e:e7:0a:74:1b:f5:09:68:e6:60:f7:09:2c:13: b0:f1:bc:1e:c6:06:14:f1:09:e5:cf:56:3c:37:05: 42:cf:9c:19:14:bb:56:b2:76:15:88:ba:e9:20:cc: 1e:eb:60:36:bc:ac:b0:99:da:27:83:26:bc:dd:02: 71:a3:25:f7:43:0a:e9:e7:f5:d9:2d:fc:f1:8a:a7: ed:da:b8:9d:76:b2:e1:f7:90:7c:a2:9f:8c:5e:94: d4:17:94:07:76:d4:98:57:22:86:9d:cd:89:1e:b4: 3a:b2:2b:12:45:fd:c8:84:c9:4d:11:29:67:26:73: fd:da:ec:da:87:8a:9f:59:7e:0e:61:f5:4c:4e:6a: 8d:eb:c2:af:70:f7:eb:04:7d:6c:e1:d4:68:b6:3e: 6d:5d:f4:e7:f0:71:3e:95:55:80:cd:7d:69:1f:82: a4:6d:29:b8:3f:98:40:14:7c:06:8a:33:3d:2e:36: f7:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:7B:E1:AE:7E:97:D3:62:EA:93:8A:2A:EC:9F:94:08:CB:45:07:86 X509v3 Authority Key Identifier: keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:6d:55:ae:c3:4b:9e:21:cc:f4:93:d4:b5:ec:a2:97:4a:22: e6:10:db:d5:76:f5:32:71:80:79:ad:17:e0:85:34:ab:d0:c7: f7:76:11:12:23:06:df:45:b2:87:2c:f4:35:3d:12:8d:65:53: 60:12:0f:2b:f6:32:d6:15:cb:a2:22:10:38:69:8d:e1:c6:d8: fb:8d:86:68:1c:3a:9f:94:99:3b:2c:ff:65:9d:23:dc:f4:86: 2d:18:f8:12:3b:47:ca:b0:e5:66:91:20:6f:da:15:08:2c:07: 52:a4:36:bc:56:f3:9f:6d:83:8c:98:5f:18:91:1f:ad:f6:41: 53:3c:56:9f:7d:c6:bf:14:70:be:e3:12:20:ea:52:e6:d6:da: cb:10:61:3e:9d:9c:a7:ce:28:3b:d7:e7:24:84:4a:ce:ef:d5: 1c:2b:8d:23:67:3f:34:b0:fa:ba:fd:1f:e1:2c:96:45:77:74: 20:f3:75:7c:a2:3c:b1:af:94:a2:90:a9:4c:9d:f8:58:d2:69: 6e:b1:4a:a5:12:03:cc:86:80:e0:e1:c7:a5:0b:af:04:66:51: 4b:f4:bd:38:bb:6d:1a:c4:8f:0c:01:58:04:6e:95:43:43:7f: 50:d8:ec:48:89:0b:3f:2d:bc:96:da:cc:f7:2c:5c:1e:a9:dd: 20:d4:11:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLkver4YxwwppuHvN4IrNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj NmM4YTcwHhcNMjUxMjA2MDEwMjE0WhcNMjUxMjA3MDEwMjE0WjAzMTEwLwYDVQQD Eyg3MTdiZTFhZTdlOTdkMzYyZWE5MzhhMmFlYzlmOTQwOGNiNDUwNzg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eKeRzGuvB3y5pAapzXxxSfoZEVl VEphO7tmFMMQkR2w9nQNZtoKsRaiEO2mVNZxheOMGM18n8y9q9yE03hqHpuORg81 Rm6H2XKnLucKdBv1CWjmYPcJLBOw8bwexgYU8Qnlz1Y8NwVCz5wZFLtWsnYViLrp IMwe62A2vKywmdongya83QJxoyX3Qwrp5/XZLfzxiqft2riddrLh95B8op+MXpTU F5QHdtSYVyKGnc2JHrQ6sisSRf3IhMlNESlnJnP92uzah4qfWX4OYfVMTmqN68Kv cPfrBH1s4dRotj5tXfTn8HE+lVWAzX1pH4KkbSm4P5hAFHwGijM9Ljb3eQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHF74a5+l9Ni6pOKKuyflAjLRQeGMB8GA1UdIwQY MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM21VrsNL niHM9JPUteyil0oi5hDb1Xb1MnGAea0X4IU0q9DH93YREiMG30Wyhyz0NT0SjWVT YBIPK/Yy1hXLoiIQOGmN4cbY+42GaBw6n5SZOyz/ZZ0j3PSGLRj4EjtHyrDlZpEg b9oVCCwHUqQ2vFbzn22DjJhfGJEfrfZBUzxWn33GvxRwvuMSIOpS5tbayxBhPp2c p84oO9fnJIRKzu/VHCuNI2c/NLD6uv0f4SyWRXd0IPN1fKI8sa+UopCpTJ34WNJp brFKpRIDzIaA4OHHpQuvBGZRS/S9OLttGsSPDAFYBG6VQ0N/UNjsSIkLPy28ltrM 9yxcHqndINQRYw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:18:53 2025 by rpki-client