This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft File: oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft (raw, json) Hash identifier: pqvk+NullIFnhr+5etyNxliLnLi1YhLHGhpfurCW8M0= Subject key identifier: E2:E2:06:1F:89:77:F0:C5:B5:E5:69:23:A9:C1:D7:CA:27:73:71:57 Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59 Certificate serial: 019BF3867DA79AA2CB01D8FE25D3E0C7451E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft Manifest number: 0D4A Signing time: Sun 25 Jan 2026 05:00:36 +0000 Manifest this update: Sun 25 Jan 2026 05:00:36 +0000 Manifest next update: Mon 26 Jan 2026 05:00:36 +0000 Files and hashes: 1: 0MTbD1ZTQ8RkmGu_ThgOSCCcqRs.roa (hash: x8g3x8alA1GYm26r1ZPqCbnozd0RVhFDolwCkJFv3qc=) 2: oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl (hash: NS5XetPLnuu6TEeWdPbiLVYYbWQlNIz8jSAk99kJip0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f3:86:7d:a7:9a:a2:cb:01:d8:fe:25:d3:e0:c7:45:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59 Validity Not Before: Jan 25 05:00:36 2026 GMT Not After : Jan 26 05:00:36 2026 GMT Subject: CN=e2e2061f8977f0c5b5e56923a9c1d7ca27737157 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:38:0c:b0:9c:e2:01:d3:12:70:d5:16:b5:5a: fc:46:d5:c6:e9:26:87:ff:d0:46:1d:ee:60:78:f4: 5a:15:f7:cd:5c:38:3c:6e:8d:88:53:6a:0c:10:60: 2a:9a:e1:69:7e:49:b8:dc:c9:02:8c:2b:26:0b:ba: f1:16:6b:68:9c:a2:fd:d3:6b:c6:b8:6f:61:70:57: 37:91:b5:af:9a:ec:62:4f:07:c0:e1:73:95:8d:ba: 6b:52:15:68:83:93:62:ff:07:bc:b5:85:5b:86:ef: 93:0b:9c:69:6d:7d:28:3e:d4:96:c6:71:3f:d9:ac: a1:46:3a:53:a6:59:e7:a1:ba:84:16:ac:c0:1a:7b: 66:ff:a1:d1:83:c7:71:da:7f:57:51:ab:33:2b:90: 61:b3:9f:0a:7f:97:d3:d2:89:58:8c:d2:89:81:44: 93:07:95:a6:4a:41:4b:85:cc:ab:92:86:15:97:44: ce:7a:1a:ea:74:cb:2f:b3:bb:97:a8:5f:eb:61:7b: 61:5e:01:d8:24:a8:31:ba:ea:c6:82:c7:9d:73:ed: dc:b2:46:b2:63:6b:99:6d:30:e1:70:4f:98:0a:af: 03:d1:94:c9:94:31:40:dd:16:9e:9f:d4:af:96:99: d7:d8:b2:26:f5:2a:22:19:fd:9b:b5:8a:29:9b:da: 4a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:E2:06:1F:89:77:F0:C5:B5:E5:69:23:A9:C1:D7:CA:27:73:71:57 X509v3 Authority Key Identifier: keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:55:9c:76:02:d9:fc:24:06:10:cf:f1:ba:8e:a0:33:a8:40: 43:f6:1d:8b:4d:58:f3:90:fd:f0:2c:c4:bc:28:85:29:36:bd: 61:5b:b9:b3:7f:17:25:c6:f3:81:5b:e0:d1:c2:8a:fa:35:c3: e4:f3:b1:b9:f2:ff:af:22:1c:77:79:6f:36:46:9a:15:bd:73: a7:da:e2:f2:67:f5:a2:1f:4f:0d:14:a2:68:f5:59:2e:53:25: 57:f6:22:98:7a:37:c4:d0:dc:50:37:f3:78:a4:7e:3c:08:7e: 05:e0:49:ac:b3:6d:1d:f9:9b:0e:bd:65:8a:59:5f:cb:47:79: 4e:c7:b2:8f:0f:69:a0:7f:75:51:e7:29:f0:9a:b7:55:7a:e6: 8d:0d:d2:a1:ba:b0:58:9e:4d:0e:55:79:24:f1:ee:81:cf:76: b2:25:a5:58:aa:d4:ab:97:47:cd:01:15:32:26:ea:1d:db:7b: 84:f4:99:04:96:18:90:0e:2c:39:56:e2:22:44:5d:80:c4:88: 03:1c:df:82:61:b5:77:8d:af:eb:59:34:30:d1:77:3b:40:ec: f1:d4:d4:00:95:8e:d8:1a:4c:e8:b2:f4:f0:a7:62:4d:fd:ac: 1a:64:22:ab:5c:59:31:b8:f6:fe:71:a3:04:aa:1c:af:1c:69: 13:c2:50:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvzhn2nmqLLAdj+JdPgx0UeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1 M2RjNTkwHhcNMjYwMTI1MDUwMDM2WhcNMjYwMTI2MDUwMDM2WjAzMTEwLwYDVQQD EyhlMmUyMDYxZjg5NzdmMGM1YjVlNTY5MjNhOWMxZDdjYTI3NzM3MTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDgMsJziAdMScNUWtVr8RtXG6SaH /9BGHe5gePRaFffNXDg8bo2IU2oMEGAqmuFpfkm43MkCjCsmC7rxFmtonKL902vG uG9hcFc3kbWvmuxiTwfA4XOVjbprUhVog5Ni/we8tYVbhu+TC5xpbX0oPtSWxnE/ 2ayhRjpTplnnobqEFqzAGntm/6HRg8dx2n9XUaszK5Bhs58Kf5fT0olYjNKJgUST B5WmSkFLhcyrkoYVl0TOehrqdMsvs7uXqF/rYXthXgHYJKgxuurGgsedc+3cskay Y2uZbTDhcE+YCq8D0ZTJlDFA3Raen9SvlpnX2LIm9SoiGf2btYopm9pKSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOLiBh+Jd/DFteVpI6nB18onc3FXMB8GA1UdIwQY MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt ZmI2OTgzY2U5ZGZmLzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFWcdgLZ /CQGEM/xuo6gM6hAQ/Ydi01Y85D98CzEvCiFKTa9YVu5s38XJcbzgVvg0cKK+jXD 5POxufL/ryIcd3lvNkaaFb1zp9ri8mf1oh9PDRSiaPVZLlMlV/YimHo3xNDcUDfz eKR+PAh+BeBJrLNtHfmbDr1lillfy0d5Tseyjw9poH91Uecp8Jq3VXrmjQ3Sobqw WJ5NDlV5JPHugc92siWlWKrUq5dHzQEVMibqHdt7hPSZBJYYkA4sOVbiIkRdgMSI AxzfgmG1d42v61k0MNF3O0Ds8dTUAJWO2BpM6LL08KdiTf2sGmQiq1xZMbj2/nGj BKocrxxpE8JQeA== -----END CERTIFICATE-----Generated at Sun Jan 25 10:43:13 2026 by rpki-client