This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft File: otCM3GpDDvDaiCmRcla2rY0KNvk.mft (raw, json) Hash identifier: ZtqnMS8PUdooZL0gqBFqJTJqvdd20Y8j8ST/iFyNcj0= Subject key identifier: 3C:A9:22:E3:88:F9:94:12:1A:6D:1A:18:B0:53:FE:2E:A6:BB:4C:7A Authority key identifier: A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9 Certificate issuer: /CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9 Certificate serial: 019AF12EA246671EE43775F987C733B5FB85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft Manifest number: 0984 Signing time: Sat 06 Dec 2025 01:02:36 +0000 Manifest this update: Sat 06 Dec 2025 01:02:36 +0000 Manifest next update: Sun 07 Dec 2025 01:02:36 +0000 Files and hashes: 1: otCM3GpDDvDaiCmRcla2rY0KNvk.crl (hash: 4yRv78EEKyBnSMITZgqTHmV8T51ijPNsb/gHhw+AYi8=) 2: uWHHQqBwsm-RgF6BGlPrCIiU5u8.roa (hash: c70DUe86Dscr+BOk1RbQf+gmFBszpSvbzYy8111R1f4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:a2:46:67:1e:e4:37:75:f9:87:c7:33:b5:fb:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2d08cdc6a430ef0da8829917256b6ad8d0a36f9 Validity Not Before: Dec 6 01:02:36 2025 GMT Not After : Dec 7 01:02:36 2025 GMT Subject: CN=3ca922e388f994121a6d1a18b053fe2ea6bb4c7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:f6:b5:a9:a8:e3:c5:55:6e:fe:88:6a:99:95: 9f:be:93:83:2b:3c:9c:26:df:50:b2:c7:17:fb:bc: 7c:04:52:6a:1f:1a:8f:4e:54:be:4e:b8:31:68:17: 05:eb:86:29:bb:bd:6a:47:b8:5c:48:82:b7:f8:ab: d0:a0:92:d9:7d:45:a6:6c:63:3c:23:91:52:47:3d: 1f:86:e7:ee:a6:23:0a:32:c8:e8:95:58:76:ae:10: 41:33:96:fe:82:c1:09:02:2d:7d:34:b3:04:35:68: e7:84:e3:dd:91:9f:e4:55:0b:a7:fc:f3:3a:aa:6d: 42:7a:9a:f8:c4:28:bf:1d:da:07:e1:eb:6b:99:38: 19:38:a4:9f:32:93:88:f4:9e:2b:53:5b:7b:0d:fb: 10:62:3f:56:8c:43:b2:85:0f:c0:b2:da:15:bb:25: b5:ff:6c:1c:e5:3e:3d:c3:90:29:d5:af:e1:73:d6: 19:38:5b:10:42:5b:62:8c:c8:18:40:80:e3:49:33: f8:2c:b1:84:15:ea:c6:65:9d:1c:f6:2e:d9:f5:9e: b4:de:bd:ac:c4:6a:b4:4d:32:2e:c1:8b:58:8e:41: 39:f2:74:c5:95:1f:57:ef:5c:54:69:96:99:47:30: 55:6a:63:02:35:47:12:18:c5:f7:a3:6f:75:bd:59: 7e:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A9:22:E3:88:F9:94:12:1A:6D:1A:18:B0:53:FE:2E:A6:BB:4C:7A X509v3 Authority Key Identifier: keyid:A2:D0:8C:DC:6A:43:0E:F0:DA:88:29:91:72:56:B6:AD:8D:0A:36:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otCM3GpDDvDaiCmRcla2rY0KNvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc19cc-0f53-4d10-af93-dc01a19b2856/1/otCM3GpDDvDaiCmRcla2rY0KNvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:17:d8:f8:7f:16:2a:87:7d:a6:f2:d7:44:62:dc:23:a7:77: 34:e0:60:40:71:22:22:9f:4a:62:05:63:1f:80:d7:ae:d7:78: 19:bd:65:74:4a:9f:92:36:b4:6c:62:62:35:eb:71:4f:6f:9f: 89:8b:e9:39:88:5d:3e:79:ba:29:a3:27:d8:81:15:ec:8d:a1: 7f:1a:80:88:e5:7b:92:e0:7f:2b:e3:7f:44:4d:ff:da:37:0e: 0d:be:3a:2e:e6:65:67:d9:fa:0d:e1:09:d8:cf:52:3f:d1:50: 6f:4d:77:10:1f:68:ad:b3:b3:86:1c:1d:66:fc:42:5c:19:cb: ac:5e:d4:b7:21:c7:88:3d:bd:59:ca:4e:d3:84:74:98:e4:80: dc:bc:03:93:3c:0e:e3:fb:7c:d5:d6:37:85:27:c5:1c:53:f2: c3:73:4e:99:79:91:5f:7e:20:9f:9e:60:4a:55:2f:23:a6:ba: 72:47:fc:49:30:ba:b1:f6:c0:3f:5a:f8:7b:06:52:e6:03:a4: f5:f3:2d:72:6b:34:45:b3:a0:34:56:10:0e:ed:ee:ad:2f:c3: 72:6e:36:94:a1:cd:50:a8:f9:39:5d:fb:ac:ad:cc:f0:1b:89: 69:47:ab:26:7d:e2:28:cb:bd:25:6c:8c:89:f9:78:e3:97:c3: cb:a8:93:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqJGZx7kN3X5h8cztfuFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyZDA4Y2RjNmE0MzBlZjBkYTg4Mjk5MTcyNTZiNmFkOGQw YTM2ZjkwHhcNMjUxMjA2MDEwMjM2WhcNMjUxMjA3MDEwMjM2WjAzMTEwLwYDVQQD EygzY2E5MjJlMzg4Zjk5NDEyMWE2ZDFhMThiMDUzZmUyZWE2YmI0YzdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/a1qajjxVVu/ohqmZWfvpODKzyc Jt9QsscX+7x8BFJqHxqPTlS+TrgxaBcF64Ypu71qR7hcSIK3+KvQoJLZfUWmbGM8 I5FSRz0fhufupiMKMsjolVh2rhBBM5b+gsEJAi19NLMENWjnhOPdkZ/kVQun/PM6 qm1Cepr4xCi/HdoH4etrmTgZOKSfMpOI9J4rU1t7DfsQYj9WjEOyhQ/AstoVuyW1 /2wc5T49w5Ap1a/hc9YZOFsQQltijMgYQIDjSTP4LLGEFerGZZ0c9i7Z9Z603r2s xGq0TTIuwYtYjkE58nTFlR9X71xUaZaZRzBVamMCNUcSGMX3o291vVl++wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDypIuOI+ZQSGm0aGLBT/i6mu0x6MB8GA1UdIwQY MBaAFKLQjNxqQw7w2ogpkXJWtq2NCjb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMt ZGMwMWExOWIyODU2LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9iYzE5Y2MtMGY1My00ZDEwLWFmOTMtZGMwMWExOWIyODU2 LzEvb3RDTTNHcEREdkRhaUNtUmNsYTJyWTBLTnZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXRfY+H8W Kod9pvLXRGLcI6d3NOBgQHEiIp9KYgVjH4DXrtd4Gb1ldEqfkja0bGJiNetxT2+f iYvpOYhdPnm6KaMn2IEV7I2hfxqAiOV7kuB/K+N/RE3/2jcODb46LuZlZ9n6DeEJ 2M9SP9FQb013EB9orbOzhhwdZvxCXBnLrF7UtyHHiD29WcpO04R0mOSA3LwDkzwO 4/t81dY3hSfFHFPyw3NOmXmRX34gn55gSlUvI6a6ckf8STC6sfbAP1r4ewZS5gOk 9fMtcms0RbOgNFYQDu3urS/Dcm42lKHNUKj5OV37rK3M8BuJaUerJn3iKMu9JWyM ifl445fDy6iTUA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:11:12 2025 by rpki-client