This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft File: o-zqyBJVNKV5R5YtsokD-tesOvk.mft (raw, json) Hash identifier: gzOFm4hL6ugN8atPPHhtjZJQ8l3OH4Pj0EVAEmnFJXI= Subject key identifier: 4E:06:37:73:96:91:A1:C6:95:F7:40:A5:84:58:0A:BA:A8:5D:8E:0C Authority key identifier: A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9 Certificate issuer: /CN=a3eceac8125534a57947962db28903fad7ac3af9 Certificate serial: 019BF5AC00F37BB1E7BE161F227A61A98016 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft Manifest number: 1767 Signing time: Sun 25 Jan 2026 15:00:48 +0000 Manifest this update: Sun 25 Jan 2026 15:00:48 +0000 Manifest next update: Mon 26 Jan 2026 15:00:48 +0000 Files and hashes: 1: 2MsPFamPffku1ttx9gaJe1ffa6Y.roa (hash: DHSbfM3R76vdNxci0L/Qjop0BLeabp3SpJ5q1Jd300M=) 2: o-zqyBJVNKV5R5YtsokD-tesOvk.crl (hash: vFk+bHBvMFteRi45QsHy5gCCXzJYQYyzROWn87g1rU4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ac:00:f3:7b:b1:e7:be:16:1f:22:7a:61:a9:80:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3eceac8125534a57947962db28903fad7ac3af9 Validity Not Before: Jan 25 15:00:48 2026 GMT Not After : Jan 26 15:00:48 2026 GMT Subject: CN=4e0637739691a1c695f740a584580abaa85d8e0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:1b:fe:36:f7:d4:d3:6d:ef:d2:fc:1b:c0:ba: 4d:a0:a1:82:9d:5b:9a:e9:dc:63:f1:1a:db:ee:cf: 85:75:92:65:af:22:09:17:19:3b:3a:07:f6:37:11: e0:a3:3d:bc:2f:8e:c0:c5:0e:cd:a3:ce:31:d2:f9: 6a:b3:2e:65:4e:77:21:48:b2:33:ca:66:4e:b6:a3: b4:a5:28:ee:91:a0:71:53:de:c7:b2:45:a9:6c:b6: b6:d8:7a:7a:c0:ed:4b:60:31:f2:24:5a:90:3b:1e: 4d:bc:58:0f:a8:84:b0:d4:7b:c6:1c:f4:96:0c:00: f8:a3:6c:36:70:98:62:fe:2d:35:7b:06:3a:83:e9: 31:73:54:64:8c:02:b5:ac:40:e0:d0:a4:20:87:5c: 59:51:c7:3f:0a:25:b9:85:78:74:ba:19:7c:30:81: 3e:31:7c:62:71:cb:ff:b6:cd:68:12:09:a0:f4:b3: 62:5a:14:30:ef:27:4a:05:5d:4b:73:35:7b:36:a5: 9a:28:ad:1a:26:5d:cd:58:fe:d8:d7:f9:f3:f5:15: db:b4:69:e6:38:74:a9:ac:37:ca:f5:b4:57:ae:ed: 07:ed:6d:d4:9b:11:d7:1a:57:0f:a5:84:37:fd:32: f0:f1:0e:9a:c9:65:b0:00:08:4c:be:64:12:80:a9: 36:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:06:37:73:96:91:A1:C6:95:F7:40:A5:84:58:0A:BA:A8:5D:8E:0C X509v3 Authority Key Identifier: keyid:A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:ee:6b:5c:58:3a:bc:7c:81:f8:c8:43:ae:8a:09:b1:ac:7e: 9f:f1:8b:bf:8f:99:4a:33:f5:74:ee:e1:64:26:68:15:e7:c7: 05:a7:7e:0b:27:fc:4d:00:29:aa:2c:17:45:0a:80:f2:e3:43: e4:17:30:0a:78:03:f6:64:36:82:c0:26:cc:0e:41:81:94:59: 56:b7:6a:db:a7:c7:cf:8f:64:39:d7:94:79:4b:7a:e6:a5:35: bd:5b:88:14:9b:0d:2f:50:2c:2b:76:dc:41:25:25:95:c9:15: 0b:58:75:03:7f:d7:0b:90:02:30:4d:4b:5b:4a:45:ce:6b:c2: d9:6c:18:9a:62:7f:ee:8a:c7:5e:03:c7:06:f2:12:72:5a:7a: ef:3f:0a:96:04:81:e8:d2:6e:22:f2:31:81:76:a5:4e:66:ad: cd:0f:55:17:68:8a:09:33:0d:48:c5:dc:0a:4b:6f:c0:c3:1d: d8:a3:a4:ea:56:86:06:82:bf:31:c6:a4:22:00:40:ac:b6:5f: e0:b7:61:80:58:1d:76:ef:3b:8f:d8:2f:31:60:47:f1:68:00: f8:9b:65:bd:f4:95:23:5a:33:e5:c0:2a:31:92:b2:2c:e8:e0: 9f:01:5e:55:ad:43:f8:72:28:f0:fe:84:af:99:b9:1c:02:f6: 44:06:c2:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1rADze7HnvhYfInphqYAWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzZWNlYWM4MTI1NTM0YTU3OTQ3OTYyZGIyODkwM2ZhZDdh YzNhZjkwHhcNMjYwMTI1MTUwMDQ4WhcNMjYwMTI2MTUwMDQ4WjAzMTEwLwYDVQQD Eyg0ZTA2Mzc3Mzk2OTFhMWM2OTVmNzQwYTU4NDU4MGFiYWE4NWQ4ZTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRv+NvfU023v0vwbwLpNoKGCnVua 6dxj8Rrb7s+FdZJlryIJFxk7Ogf2NxHgoz28L47AxQ7No84x0vlqsy5lTnchSLIz ymZOtqO0pSjukaBxU97HskWpbLa22Hp6wO1LYDHyJFqQOx5NvFgPqISw1HvGHPSW DAD4o2w2cJhi/i01ewY6g+kxc1RkjAK1rEDg0KQgh1xZUcc/CiW5hXh0uhl8MIE+ MXxiccv/ts1oEgmg9LNiWhQw7ydKBV1LczV7NqWaKK0aJl3NWP7Y1/nz9RXbtGnm OHSprDfK9bRXru0H7W3UmxHXGlcPpYQ3/TLw8Q6ayWWwAAhMvmQSgKk22QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE4GN3OWkaHGlfdApYRYCrqoXY4MMB8GA1UdIwQY MBaAFKPs6sgSVTSleUeWLbKJA/rXrDr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQt YTliZDVlNDEwYWVkLzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQtYTliZDVlNDEwYWVk LzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALu5rXFg6 vHyB+MhDrooJsax+n/GLv4+ZSjP1dO7hZCZoFefHBad+Cyf8TQApqiwXRQqA8uND 5BcwCngD9mQ2gsAmzA5BgZRZVrdq26fHz49kOdeUeUt65qU1vVuIFJsNL1AsK3bc QSUllckVC1h1A3/XC5ACME1LW0pFzmvC2WwYmmJ/7orHXgPHBvISclp67z8KlgSB 6NJuIvIxgXalTmatzQ9VF2iKCTMNSMXcCktvwMMd2KOk6laGBoK/McakIgBArLZf 4LdhgFgddu87j9gvMWBH8WgA+JtlvfSVI1oz5cAqMZKyLOjgnwFeVa1D+HIo8P6E r5m5HAL2RAbCXA== -----END CERTIFICATE-----Generated at Sun Jan 25 22:21:50 2026 by rpki-client