This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft File: OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json) Hash identifier: XLPpaXAZ6wo5EjWEro3nRyDGtR7lttxipzOa4Gjx8xw= Subject key identifier: C9:74:9E:B9:0A:C2:AA:23:9F:BE:B4:03:4C:F4:4E:88:33:F4:FF:0E Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0 Certificate issuer: /CN=389c030036756ab8cdac922b1af237bce1367ce0 Certificate serial: 019BF5ABD6AF6B4431B0DB3CE8C80CDF3C57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft Manifest number: 17E6 Signing time: Sun 25 Jan 2026 15:00:38 +0000 Manifest this update: Sun 25 Jan 2026 15:00:38 +0000 Manifest next update: Mon 26 Jan 2026 15:00:38 +0000 Files and hashes: 1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: hrio0K8GBBSte9ACkzCMskmYy4+MlQWTM30kreGyxIU=) 2: UDNnbwScWIceduT3mK8HBVvLzOg.roa (hash: vhtxGUgVNJ9daTmq66lTJXKGFzwiSTw9nac1gcWaxBE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ab:d6:af:6b:44:31:b0:db:3c:e8:c8:0c:df:3c:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0 Validity Not Before: Jan 25 15:00:38 2026 GMT Not After : Jan 26 15:00:38 2026 GMT Subject: CN=c9749eb90ac2aa239fbeb4034cf44e8833f4ff0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c4:46:21:b0:5e:10:51:be:08:5e:24:f9:05: 6b:c0:9b:5c:55:88:fc:02:73:5c:2b:6a:99:ac:b2: 09:eb:db:54:23:51:ba:a1:e0:4f:a8:e8:0f:74:69: 21:5d:59:b8:7d:cc:c3:7c:4b:d5:7e:be:2b:a9:36: f7:50:1c:af:e1:a7:5b:77:6a:ba:96:80:9e:f7:82: ce:2e:2d:2d:c1:05:32:ee:ec:b1:eb:9c:ad:fd:ae: be:26:dd:61:c7:f0:1c:85:69:51:ce:de:3f:86:4b: ec:d4:f4:6c:cd:fe:59:a8:2c:c6:82:52:f5:37:3e: 02:ba:f3:d2:58:31:1c:b6:76:13:12:d0:4f:1c:11: 95:68:a9:3e:79:30:7b:3d:87:36:f6:5d:73:9f:ec: 03:3f:62:36:84:de:c9:4b:b6:15:d8:53:43:f4:7d: 48:7b:85:19:0e:eb:27:ea:46:c6:bf:3c:ae:24:88: 35:b0:08:e7:9a:8f:ba:7d:e3:b5:58:3c:99:ea:ac: ed:39:6c:b1:88:4d:3d:95:9e:95:2d:f5:25:57:ca: f5:27:10:a5:3e:4d:65:67:25:86:d7:ae:db:5a:e5: 23:f7:f2:f2:1e:79:8e:88:ad:3b:b0:98:f4:67:42: 64:2e:88:a6:f7:38:cb:50:b5:5a:cb:c8:ff:d5:43: 56:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:74:9E:B9:0A:C2:AA:23:9F:BE:B4:03:4C:F4:4E:88:33:F4:FF:0E X509v3 Authority Key Identifier: keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:c7:f1:e8:23:2b:55:1c:44:c5:63:79:fc:77:25:fc:f7:22: a9:c5:62:c3:f5:d0:3a:6c:b7:d7:39:ac:b1:9f:2d:b9:64:39: 82:b8:5f:12:99:fb:b5:bf:cf:35:ee:fc:3f:4c:3f:06:0b:fe: 7b:db:99:66:56:0c:02:05:4c:a7:e0:29:ee:34:2c:1b:3b:1b: b9:ea:da:ac:a1:27:7e:08:76:b5:0b:6e:3a:b4:02:69:79:00: 84:94:ce:ac:6b:56:d6:39:75:84:e7:2b:d5:bc:02:d8:1e:2c: f7:38:f4:aa:3f:fa:c5:b3:61:f0:33:b4:a2:ee:1a:df:b4:df: 24:c1:ca:99:af:c9:cd:7f:3e:7f:89:f2:a7:99:38:8f:c9:b2: c5:b5:14:d3:8e:39:8c:df:80:ee:51:c7:fb:a6:69:fb:5b:89: db:48:f1:2e:33:5d:17:ab:54:ba:64:ff:37:4e:c2:98:34:4c: ce:5d:f8:51:3a:60:3b:07:01:e8:1d:43:8b:96:cb:cd:10:30: 1e:b4:96:cd:90:5d:3c:3d:13:7a:1d:81:55:9e:8b:15:82:c3: 3c:80:31:a9:24:89:89:95:6b:ed:97:53:9f:62:25:39:93:95: b8:32:b1:27:f4:86:63:69:a0:6c:c6:ff:b3:16:89:3b:7b:b9: 18:29:0d:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1q9ava0QxsNs86MgM3zxXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz NjdjZTAwHhcNMjYwMTI1MTUwMDM4WhcNMjYwMTI2MTUwMDM4WjAzMTEwLwYDVQQD EyhjOTc0OWViOTBhYzJhYTIzOWZiZWI0MDM0Y2Y0NGU4ODMzZjRmZjBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8RGIbBeEFG+CF4k+QVrwJtcVYj8 AnNcK2qZrLIJ69tUI1G6oeBPqOgPdGkhXVm4fczDfEvVfr4rqTb3UByv4adbd2q6 loCe94LOLi0twQUy7uyx65yt/a6+Jt1hx/AchWlRzt4/hkvs1PRszf5ZqCzGglL1 Nz4CuvPSWDEctnYTEtBPHBGVaKk+eTB7PYc29l1zn+wDP2I2hN7JS7YV2FND9H1I e4UZDusn6kbGvzyuJIg1sAjnmo+6feO1WDyZ6qztOWyxiE09lZ6VLfUlV8r1JxCl Pk1lZyWG167bWuUj9/LyHnmOiK07sJj0Z0JkLoim9zjLULVay8j/1UNWXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMl0nrkKwqojn760A0z0Togz9P8OMB8GA1UdIwQY MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0 LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgsfx6CMr VRxExWN5/Hcl/PciqcViw/XQOmy31zmssZ8tuWQ5grhfEpn7tb/PNe78P0w/Bgv+ e9uZZlYMAgVMp+Ap7jQsGzsbuerarKEnfgh2tQtuOrQCaXkAhJTOrGtW1jl1hOcr 1bwC2B4s9zj0qj/6xbNh8DO0ou4a37TfJMHKma/JzX8+f4nyp5k4j8myxbUU0445 jN+A7lHH+6Zp+1uJ20jxLjNdF6tUumT/N07CmDRMzl34UTpgOwcB6B1Di5bLzRAw HrSWzZBdPD0Teh2BVZ6LFYLDPIAxqSSJiZVr7ZdTn2IlOZOVuDKxJ/SGY2mgbMb/ sxaJO3u5GCkNmA== -----END CERTIFICATE-----Generated at Sun Jan 25 20:12:03 2026 by rpki-client