This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft File: o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json) Hash identifier: IQrLPSr5zlF/gDnyFbCmxPwkJZN3WzkYFY6qFygfUnI= Subject key identifier: A4:FF:C2:95:FA:10:A0:B8:15:63:23:3C:46:90:7D:F6:B9:6B:3E:6B Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0 Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0 Certificate serial: 019BF53EB4FE7DD03BBF94F787BB30CAC856 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft Manifest number: 17EC Signing time: Sun 25 Jan 2026 13:01:25 +0000 Manifest this update: Sun 25 Jan 2026 13:01:25 +0000 Manifest next update: Mon 26 Jan 2026 13:01:25 +0000 Files and hashes: 1: cqrDqsllU4angXR7ZhiixighcHI.roa (hash: fhOWug7UyzusWzCmpcbK8cX3/PPspaEdcPiG9KdZ6F4=) 2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: 8/PaqZ6DUIhZJIICIJC68+WsCUTicDyi/0lP7BKMC9Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:3e:b4:fe:7d:d0:3b:bf:94:f7:87:bb:30:ca:c8:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0 Validity Not Before: Jan 25 13:01:25 2026 GMT Not After : Jan 26 13:01:25 2026 GMT Subject: CN=a4ffc295fa10a0b81563233c46907df6b96b3e6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:62:94:6c:56:7e:fa:8a:83:3c:12:51:2f:9e: 28:71:cb:e1:99:e5:07:f1:7f:d2:a9:23:33:32:0f: 1a:29:50:a8:08:98:aa:65:03:7a:0a:d7:61:88:ce: e3:1f:11:67:eb:25:0c:75:9f:63:80:ca:15:1b:44: 64:7c:ba:75:16:67:a3:4e:31:4c:c9:51:0f:62:69: 3a:ef:75:0e:49:52:02:b5:1b:ea:33:4f:d7:d3:83: dd:1c:f5:2f:fe:ca:05:27:27:e3:7c:fb:22:74:04: ce:a6:18:c6:9f:88:45:ef:16:af:23:c7:9f:43:2b: fe:32:83:87:f6:c3:c0:a9:4d:5f:e3:5b:84:03:c2: 4b:cc:dd:ed:51:89:aa:5f:ec:01:24:44:1d:3b:c1: fe:3b:71:d9:fa:5b:bd:52:c2:39:a9:2c:2a:a0:6b: 58:4f:7c:88:e9:ef:63:73:f2:43:70:dd:42:1c:23: 15:43:43:a6:f1:01:3f:16:59:43:ac:31:e1:22:6b: e8:f6:78:d3:82:9f:33:9e:d9:e0:8c:ad:1d:a1:39: 5a:3f:b9:12:ab:0d:ce:f8:c1:2f:27:f4:58:84:1b: f3:b2:70:cf:92:c8:94:86:5b:b7:c2:c5:4d:80:36: 77:4b:1f:8f:62:41:89:ca:de:1b:aa:95:0d:94:03: 81:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:FF:C2:95:FA:10:A0:B8:15:63:23:3C:46:90:7D:F6:B9:6B:3E:6B X509v3 Authority Key Identifier: keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:dd:22:f2:93:a5:cb:95:3e:8a:5a:b8:09:95:1d:a1:22:02: 45:13:ff:ac:41:b8:dd:3a:b1:66:89:23:be:c8:35:b0:62:e3: 71:bd:d4:ea:50:a0:11:13:f1:09:3e:d3:0c:2d:1e:f0:50:4e: 6f:52:59:c4:58:80:63:58:07:c6:5e:8e:09:4f:06:ad:ec:fe: fc:2f:0e:9c:b8:d5:79:90:76:60:50:db:c2:82:f8:51:e4:a2: f2:4a:e3:12:fa:d9:5b:eb:3d:9e:bf:55:7d:34:a7:14:f5:ac: 8e:8c:4c:30:80:3d:7a:f5:93:dc:50:18:4f:4f:4a:04:68:bd: 07:79:bc:e6:e1:09:8c:2d:36:c2:6f:92:d9:59:99:cd:23:20: 9e:9b:04:e9:99:47:86:97:6e:4c:e3:7a:62:2d:02:bd:7f:01: 6f:47:81:94:cb:dd:a5:54:4f:3b:c7:2f:69:99:e8:36:e5:5a: 19:e4:f5:3c:99:e4:1d:03:4f:9d:7b:42:9f:48:52:1e:d7:a5: f8:af:1d:f2:53:85:9e:59:4d:ba:3f:2d:e5:7b:1b:4e:dd:1a: 43:c9:0b:7f:da:8f:d7:64:6f:fe:f8:c0:a0:a6:6c:ea:dd:be: ec:9e:40:1a:75:40:36:c5:1e:42:91:83:cb:84:9a:6c:fa:e9: c2:94:47:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1PrT+fdA7v5T3h7swyshWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2 ZjFjYzAwHhcNMjYwMTI1MTMwMTI1WhcNMjYwMTI2MTMwMTI1WjAzMTEwLwYDVQQD EyhhNGZmYzI5NWZhMTBhMGI4MTU2MzIzM2M0NjkwN2RmNmI5NmIzZTZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WKUbFZ++oqDPBJRL54occvhmeUH 8X/SqSMzMg8aKVCoCJiqZQN6CtdhiM7jHxFn6yUMdZ9jgMoVG0RkfLp1FmejTjFM yVEPYmk673UOSVICtRvqM0/X04PdHPUv/soFJyfjfPsidATOphjGn4hF7xavI8ef Qyv+MoOH9sPAqU1f41uEA8JLzN3tUYmqX+wBJEQdO8H+O3HZ+lu9UsI5qSwqoGtY T3yI6e9jc/JDcN1CHCMVQ0Om8QE/FllDrDHhImvo9njTgp8zntngjK0doTlaP7kS qw3O+MEvJ/RYhBvzsnDPksiUhlu3wsVNgDZ3Sx+PYkGJyt4bqpUNlAOBIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKT/wpX6EKC4FWMjPEaQffa5az5rMB8GA1UdIwQY MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5 LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANN0i8pOl y5U+ilq4CZUdoSICRRP/rEG43TqxZokjvsg1sGLjcb3U6lCgERPxCT7TDC0e8FBO b1JZxFiAY1gHxl6OCU8Grez+/C8OnLjVeZB2YFDbwoL4UeSi8krjEvrZW+s9nr9V fTSnFPWsjoxMMIA9evWT3FAYT09KBGi9B3m85uEJjC02wm+S2VmZzSMgnpsE6ZlH hpduTON6Yi0CvX8Bb0eBlMvdpVRPO8cvaZnoNuVaGeT1PJnkHQNPnXtCn0hSHtel +K8d8lOFnllNuj8t5XsbTt0aQ8kLf9qP12Rv/vjAoKZs6t2+7J5AGnVANsUeQpGD y4SabPrpwpRHwg== -----END CERTIFICATE-----Generated at Sun Jan 25 21:46:16 2026 by rpki-client