This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft File: Ony1ktfk7HG2eFXR38VdnQZwVHE.mft (raw, json) Hash identifier: MhES42ug7HdUe8MQCkc8KC6WJuSCwRGO4dsQRmK6MOw= Subject key identifier: 42:34:1E:7F:54:91:DB:A7:26:58:37:05:01:B1:B9:7C:FC:1B:AD:C2 Authority key identifier: 3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 Certificate issuer: /CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Certificate serial: 019BF5E30BF746145078C5466C9BC4B2CE05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft Manifest number: 0ECF Signing time: Sun 25 Jan 2026 16:00:56 +0000 Manifest this update: Sun 25 Jan 2026 16:00:56 +0000 Manifest next update: Mon 26 Jan 2026 16:00:56 +0000 Files and hashes: 1: Ay8bkrrQ4W8en6WQA0oZqxfliDY.roa (hash: eQ24k3su4taaH0Z4GfAAZBwUKUzpQjLgnBxCtBNBzyI=) 2: Ony1ktfk7HG2eFXR38VdnQZwVHE.crl (hash: Ac+8oDFderZrSHmWfHxRI2vjo10ZvHdbAozrIT65bbY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:e3:0b:f7:46:14:50:78:c5:46:6c:9b:c4:b2:ce:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a7cb592d7e4ec71b67855d1dfc55d9d06705471 Validity Not Before: Jan 25 16:00:56 2026 GMT Not After : Jan 26 16:00:56 2026 GMT Subject: CN=42341e7f5491dba72658370501b1b97cfc1badc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2b:36:5a:b5:d2:6d:3c:ac:ec:01:fa:70:ae: 51:83:5c:05:da:ff:3f:c1:55:45:ca:c3:11:e0:9b: 9d:f9:62:15:6d:aa:77:8c:dc:ef:f5:bd:79:4e:69: 74:37:91:49:08:d2:41:70:c2:a4:04:39:aa:5e:e3: b8:e2:f5:bb:fe:ef:3f:e7:b8:76:ae:1b:82:53:64: 0c:fb:78:3c:11:2c:37:bb:1e:21:db:53:a8:6a:55: 3e:6c:8d:e6:e4:0d:ba:ce:8f:08:20:e0:6f:e4:fa: 31:83:51:5d:a9:f0:42:bd:25:e5:47:cc:39:da:4d: ec:4f:79:3f:2e:d4:3f:ba:a9:8f:22:db:07:3b:cf: 23:ea:c1:63:a3:6b:c0:ac:48:2c:1b:e3:2e:28:5e: 4c:3d:11:d3:3f:1a:85:a9:30:dc:ad:b4:7d:c1:a6: 1d:79:c8:2a:92:b1:b4:5e:8f:16:bf:00:04:78:2e: c8:04:d6:07:c9:ed:37:44:34:00:0f:dd:b8:5e:51: 1a:b0:ec:0d:77:d3:18:54:13:76:19:d6:d3:17:37: f4:69:59:6b:8d:dd:40:c3:55:13:83:cb:f6:64:4d: 0a:27:56:84:23:5b:f0:04:e1:a1:09:99:04:41:d8: 4c:f0:4b:53:8d:7a:3a:88:ef:e4:cc:b7:c6:4a:d8: 3d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:34:1E:7F:54:91:DB:A7:26:58:37:05:01:B1:B9:7C:FC:1B:AD:C2 X509v3 Authority Key Identifier: keyid:3A:7C:B5:92:D7:E4:EC:71:B6:78:55:D1:DF:C5:5D:9D:06:70:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ony1ktfk7HG2eFXR38VdnQZwVHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf4aa6-28ca-4e71-8aaa-3cc592898789/1/Ony1ktfk7HG2eFXR38VdnQZwVHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:ab:24:ee:59:7e:71:a4:a2:15:97:93:2b:77:91:9e:3e:81: a6:f3:46:e0:92:43:7b:b2:1d:56:dc:6b:c8:8f:40:30:92:d5: 98:90:72:93:18:1d:fc:20:d8:f4:2f:c7:08:12:61:02:13:25: ee:19:a3:e0:2a:00:c2:9a:3d:3b:cd:a1:ac:bc:49:a5:e2:16: 5c:9a:a4:5a:9a:c2:f0:d3:fe:2b:c5:5e:f1:29:dd:f6:5b:3e: ee:73:89:3f:4b:b3:77:06:af:f0:01:bb:8c:1d:bf:f4:35:cc: 7b:96:f4:fa:7b:5e:90:3a:04:11:1b:06:45:8d:ed:59:54:e7: 14:3f:10:02:50:12:22:40:47:2e:97:12:bd:8e:7a:37:73:9d: 23:ce:cf:5d:6e:00:ce:5f:63:10:8e:6b:f1:f8:66:b6:75:74: fc:89:b3:ce:34:7a:79:8e:d8:cd:0d:d7:75:4c:4a:a3:41:1b: 69:cd:b7:52:53:12:8c:be:22:43:71:24:ad:b0:51:24:e2:26: 56:71:60:1f:35:62:b3:aa:fa:a6:26:fc:5c:78:31:6c:3e:02: 80:96:bc:16:a6:59:c3:97:c4:92:77:a8:41:e5:db:c7:1b:97: 3c:88:ec:d8:4d:46:af:3b:26:15:14:af:00:88:71:10:cf:bc: 09:3c:65:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv14wv3RhRQeMVGbJvEss4FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhN2NiNTkyZDdlNGVjNzFiNjc4NTVkMWRmYzU1ZDlkMDY3 MDU0NzEwHhcNMjYwMTI1MTYwMDU2WhcNMjYwMTI2MTYwMDU2WjAzMTEwLwYDVQQD Eyg0MjM0MWU3ZjU0OTFkYmE3MjY1ODM3MDUwMWIxYjk3Y2ZjMWJhZGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqys2WrXSbTys7AH6cK5Rg1wF2v8/ wVVFysMR4Jud+WIVbap3jNzv9b15Tml0N5FJCNJBcMKkBDmqXuO44vW7/u8/57h2 rhuCU2QM+3g8ESw3ux4h21OoalU+bI3m5A26zo8IIOBv5Poxg1FdqfBCvSXlR8w5 2k3sT3k/LtQ/uqmPItsHO88j6sFjo2vArEgsG+MuKF5MPRHTPxqFqTDcrbR9waYd ecgqkrG0Xo8WvwAEeC7IBNYHye03RDQAD924XlEasOwNd9MYVBN2GdbTFzf0aVlr jd1Aw1UTg8v2ZE0KJ1aEI1vwBOGhCZkEQdhM8EtTjXo6iO/kzLfGStg97QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEI0Hn9UkdunJlg3BQGxuXz8G63CMB8GA1UdIwQY MBaAFDp8tZLX5OxxtnhV0d/FXZ0GcFRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEt M2NjNTkyODk4Nzg5LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjRhYTYtMjhjYS00ZTcxLThhYWEtM2NjNTkyODk4Nzg5 LzEvT255MWt0Zms3SEcyZUZYUjM4VmRuUVp3VkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKsk7ll+ caSiFZeTK3eRnj6BpvNG4JJDe7IdVtxryI9AMJLVmJBykxgd/CDY9C/HCBJhAhMl 7hmj4CoAwpo9O82hrLxJpeIWXJqkWprC8NP+K8Ve8Snd9ls+7nOJP0uzdwav8AG7 jB2/9DXMe5b0+ntekDoEERsGRY3tWVTnFD8QAlASIkBHLpcSvY56N3OdI87PXW4A zl9jEI5r8fhmtnV0/ImzzjR6eY7YzQ3XdUxKo0Ebac23UlMSjL4iQ3EkrbBRJOIm VnFgHzVis6r6pib8XHgxbD4CgJa8FqZZw5fEkneoQeXbxxuXPIjs2E1GrzsmFRSv AIhxEM+8CTxl+Q== -----END CERTIFICATE-----Generated at Sun Jan 25 23:34:59 2026 by rpki-client