This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft File: OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json) Hash identifier: 55D7/2XPkoYvj6iXCgvccxBODpERVi0vAh0tSyhjp0o= Subject key identifier: E5:F7:7B:5E:D4:23:9F:B8:04:A3:0B:E5:C0:0E:48:F4:26:88:29:A2 Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48 Certificate issuer: /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748 Certificate serial: 019AF208EF50E17D40A2617166C7FD5B9896 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft Manifest number: 06DD Signing time: Sat 06 Dec 2025 05:01:02 +0000 Manifest this update: Sat 06 Dec 2025 05:01:02 +0000 Manifest next update: Sun 07 Dec 2025 05:01:02 +0000 Files and hashes: 1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: oRK0nUUm0P+uncBxahqDYkLYbs0TfX8L1OE54/ewHWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:ef:50:e1:7d:40:a2:61:71:66:c7:fd:5b:98:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748 Validity Not Before: Dec 6 05:01:02 2025 GMT Not After : Dec 7 05:01:02 2025 GMT Subject: CN=e5f77b5ed4239fb804a30be5c00e48f4268829a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:75:c1:67:04:a3:fc:7e:97:24:ba:12:40:2e: d6:ba:44:76:3a:5c:e5:94:a5:fd:cc:c3:14:18:cb: 28:66:de:cb:a7:f2:fa:09:c4:b0:a2:d6:22:18:64: 72:4f:02:e5:6e:71:87:e7:32:76:19:e8:67:f6:4b: 20:be:a4:34:87:30:cc:f6:a2:7b:18:2f:5f:e7:23: 56:af:e3:e7:93:d6:57:fb:33:e4:9b:f1:b6:9a:1f: 7a:c7:a0:7f:68:51:b6:9a:c7:45:da:a5:f8:fe:c0: 60:62:6c:e7:a7:09:de:f8:3e:30:f0:56:08:2b:56: 8e:1e:fe:c8:44:8f:b4:fc:4d:3d:ee:79:1f:91:ff: 8d:16:15:49:c0:1d:e7:98:3a:fc:0e:64:b4:78:a2: 61:f7:c5:e4:62:13:f4:9e:f4:8f:6e:85:ed:7e:f6: 43:14:46:10:4a:05:82:e9:6c:51:0c:03:fc:20:25: 3f:fe:46:b4:a1:6b:26:e1:0a:7b:fc:46:07:97:cb: 86:6f:f5:2f:e8:c3:4d:db:57:0d:e0:05:4c:bc:2c: ab:f6:f0:49:49:11:40:95:bb:e3:0b:ee:92:bc:2d: ef:f3:a2:6a:b5:d3:5e:da:65:d8:33:98:0b:6d:fc: 54:a3:a0:61:40:b8:a1:0e:36:e7:8f:23:47:8a:ff: c0:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:F7:7B:5E:D4:23:9F:B8:04:A3:0B:E5:C0:0E:48:F4:26:88:29:A2 X509v3 Authority Key Identifier: keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:77:77:21:2f:a8:3b:1f:3c:e9:62:14:ac:cb:8f:85:fb:48: 70:0d:0e:8d:65:b2:1a:f6:63:04:3d:4f:30:19:11:67:12:82: 93:5f:ec:34:c1:a4:30:a4:6a:67:fc:5a:99:43:7e:a6:8d:8f: 00:44:2e:07:3f:dc:88:4e:9b:5e:87:1a:0d:3f:30:49:71:3b: 31:10:67:b7:68:a8:8f:96:38:f7:66:a1:6b:ac:74:4a:b8:2f: 81:f5:70:ed:47:ad:a2:3f:e7:ae:b2:a7:af:2e:d5:a2:76:aa: d4:c9:8c:02:e3:72:9a:17:82:34:d3:01:ee:f6:1b:c6:2e:cf: fa:e4:5d:72:f0:2a:52:89:bd:de:2d:da:27:5c:ee:a4:71:a0: 57:84:e0:07:6e:10:cd:e8:89:99:0d:a1:ed:c4:31:4e:7d:61: 58:51:b4:00:9d:2a:ac:8a:90:99:6a:46:4b:44:a0:30:e0:3f: f4:90:f6:a6:13:b8:22:1f:9c:38:83:56:9b:0d:d1:83:11:7c: dd:40:ba:04:65:e4:6d:d1:c9:d8:6d:63:4e:31:61:89:29:b1: e9:8e:d1:dd:27:7b:9f:0b:bf:bc:32:b9:1e:4d:54:7b:9b:62: 72:ae:6c:1b:8e:e2:45:18:de:df:f9:74:79:74:bc:38:e0:a2: c7:d2:87:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCO9Q4X1AomFxZsf9W5iWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw OTM3NDgwHhcNMjUxMjA2MDUwMTAyWhcNMjUxMjA3MDUwMTAyWjAzMTEwLwYDVQQD EyhlNWY3N2I1ZWQ0MjM5ZmI4MDRhMzBiZTVjMDBlNDhmNDI2ODgyOWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXXBZwSj/H6XJLoSQC7WukR2Olzl lKX9zMMUGMsoZt7Lp/L6CcSwotYiGGRyTwLlbnGH5zJ2Gehn9ksgvqQ0hzDM9qJ7 GC9f5yNWr+Pnk9ZX+zPkm/G2mh96x6B/aFG2msdF2qX4/sBgYmznpwne+D4w8FYI K1aOHv7IRI+0/E097nkfkf+NFhVJwB3nmDr8DmS0eKJh98XkYhP0nvSPboXtfvZD FEYQSgWC6WxRDAP8ICU//ka0oWsm4Qp7/EYHl8uGb/Uv6MNN21cN4AVMvCyr9vBJ SRFAlbvjC+6SvC3v86JqtdNe2mXYM5gLbfxUo6BhQLihDjbnjyNHiv/AMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOX3e17UI5+4BKML5cAOSPQmiCmiMB8GA1UdIwQY MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3d3IS+o Ox886WIUrMuPhftIcA0OjWWyGvZjBD1PMBkRZxKCk1/sNMGkMKRqZ/xamUN+po2P AEQuBz/ciE6bXocaDT8wSXE7MRBnt2ioj5Y492aha6x0SrgvgfVw7Uetoj/nrrKn ry7Vonaq1MmMAuNymheCNNMB7vYbxi7P+uRdcvAqUom93i3aJ1zupHGgV4TgB24Q zeiJmQ2h7cQxTn1hWFG0AJ0qrIqQmWpGS0SgMOA/9JD2phO4Ih+cOINWmw3RgxF8 3UC6BGXkbdHJ2G1jTjFhiSmx6Y7R3Sd7nwu/vDK5Hk1Ue5ticq5sG47iRRje3/l0 eXS8OOCix9KHFg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:09:09 2025 by rpki-client