This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft File: O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft (raw, json) Hash identifier: Hgl/lvbfHVYQuTnv7WyrqOS/9zwjvebtF2c/Vyb4tUc= Subject key identifier: B6:04:25:06:8D:4E:90:DC:31:43:63:06:B9:3E:70:4F:2B:39:B6:56 Authority key identifier: 3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6 Certificate issuer: /CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6 Certificate serial: 019BF8AD9E14BBCE68915A5C1B084016C5A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft Manifest number: 0CB7 Signing time: Mon 26 Jan 2026 05:01:26 +0000 Manifest this update: Mon 26 Jan 2026 05:01:26 +0000 Manifest next update: Tue 27 Jan 2026 05:01:26 +0000 Files and hashes: 1: IH423EjGhjGEYUhA9Vkl_n9zB8E.roa (hash: JSP/u1wkfocZw2cQtJFX46pxKJk7V7jUMeaOiY9+bXo=) 2: O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl (hash: R+VC1vhhsD6OsNo+MvOsb/AUX/Zx1Bfzz5/tHwnOzMQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:ad:9e:14:bb:ce:68:91:5a:5c:1b:08:40:16:c5:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bf468d1515ad6f14ca69cf9c772e5cb57d277d6 Validity Not Before: Jan 26 05:01:26 2026 GMT Not After : Jan 27 05:01:26 2026 GMT Subject: CN=b60425068d4e90dc31436306b93e704f2b39b656 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:e8:dd:72:57:c8:34:a7:f6:04:40:f2:73:e0: 96:64:4c:d0:47:a7:5d:79:b2:69:6c:8f:f1:65:6d: e1:ab:1d:ae:27:6f:71:86:e5:c6:c7:b5:32:a0:82: c3:a1:4a:5b:dd:de:c7:5a:49:3e:75:73:0b:84:e8: 0d:f4:92:ef:bb:e3:e2:05:40:51:25:3e:ad:64:ac: 2e:57:5d:a9:54:c2:38:59:6b:02:c7:50:4d:c4:de: 6e:1c:7d:5b:c3:43:52:b0:75:1c:42:aa:c2:39:64: a2:e3:76:b9:ce:d0:93:c1:c1:57:b5:33:70:fd:44: ca:43:2c:2a:b0:72:83:6c:1b:c1:e7:3f:15:d3:f6: 42:27:91:af:63:49:2b:a6:be:9d:07:b7:b3:8c:0f: 1f:f8:6a:52:26:44:de:5c:6c:71:0a:22:47:de:97: a8:55:65:43:7f:6f:ab:c1:1d:c2:c4:46:f7:10:3e: 0c:c9:1f:db:61:80:8b:81:cd:89:19:e0:94:51:9d: d9:e4:c1:e3:a8:6d:c1:13:32:89:08:76:e2:f6:37: 7a:15:89:b8:ee:36:e4:dd:b9:48:be:6b:43:b4:45: ff:88:c2:c5:4f:7b:dc:83:0c:99:5f:0d:27:67:65: 8e:7c:2f:d7:db:f0:f3:3b:1a:16:e9:9f:67:8f:10: 83:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:04:25:06:8D:4E:90:DC:31:43:63:06:B9:3E:70:4F:2B:39:B6:56 X509v3 Authority Key Identifier: keyid:3B:F4:68:D1:51:5A:D6:F1:4C:A6:9C:F9:C7:72:E5:CB:57:D2:77:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/821f35-a880-4d64-adc0-4611046f1a4e/1/O_Ro0VFa1vFMppz5x3Lly1fSd9Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:8e:b1:58:bf:a2:c7:30:9f:8f:50:d6:d3:7c:d0:53:b7:e5: fd:d8:69:87:bc:6c:5e:74:d4:f6:8f:34:bd:79:99:4b:a3:6d: cf:b1:a8:53:47:8c:6e:94:8c:b8:88:7b:4b:b7:02:bc:78:a6: 09:8c:34:4c:bf:66:31:ee:d1:15:0e:9e:72:12:96:ef:cb:a3: c5:98:92:c6:60:48:11:8a:d2:21:75:97:b2:7d:71:84:9c:bf: 6c:b8:98:36:44:e1:56:ca:9b:82:45:e6:7c:a4:59:70:06:cf: 04:2c:77:28:34:b5:c6:b6:5b:f7:ba:d4:5f:93:79:e7:6c:7f: 9b:ce:7d:ca:c0:48:99:a4:c5:37:0d:fa:e0:01:62:7c:57:0b: 04:26:96:ec:9e:af:3a:a6:45:52:6c:c9:b7:0c:5e:87:d6:dc: bc:ae:fe:f6:18:fd:1a:e9:9e:30:2d:c1:c2:50:2f:6c:de:ef: 8f:8d:73:0c:35:ea:43:db:0f:99:b1:16:3c:dc:0b:2f:8c:7f: 4b:06:75:33:eb:77:c9:13:8f:f3:98:e4:16:0f:2f:46:2e:32: bb:43:35:65:3f:e1:e9:0a:5a:ab:45:17:73:7f:9c:44:ee:87: 0a:17:3f:39:44:d4:24:50:d9:b1:9f:17:20:e5:49:91:60:61: 1b:f5:ad:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4rZ4Uu85okVpcGwhAFsWiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZjQ2OGQxNTE1YWQ2ZjE0Y2E2OWNmOWM3NzJlNWNiNTdk Mjc3ZDYwHhcNMjYwMTI2MDUwMTI2WhcNMjYwMTI3MDUwMTI2WjAzMTEwLwYDVQQD EyhiNjA0MjUwNjhkNGU5MGRjMzE0MzYzMDZiOTNlNzA0ZjJiMzliNjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOjdclfINKf2BEDyc+CWZEzQR6dd ebJpbI/xZW3hqx2uJ29xhuXGx7UyoILDoUpb3d7HWkk+dXMLhOgN9JLvu+PiBUBR JT6tZKwuV12pVMI4WWsCx1BNxN5uHH1bw0NSsHUcQqrCOWSi43a5ztCTwcFXtTNw /UTKQywqsHKDbBvB5z8V0/ZCJ5GvY0krpr6dB7ezjA8f+GpSJkTeXGxxCiJH3peo VWVDf2+rwR3CxEb3ED4MyR/bYYCLgc2JGeCUUZ3Z5MHjqG3BEzKJCHbi9jd6FYm4 7jbk3blIvmtDtEX/iMLFT3vcgwyZXw0nZ2WOfC/X2/DzOxoW6Z9njxCDlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLYEJQaNTpDcMUNjBrk+cE8rObZWMB8GA1UdIwQY MBaAFDv0aNFRWtbxTKac+cdy5ctX0nfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAt NDYxMTA0NmYxYTRlLzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC84MjFmMzUtYTg4MC00ZDY0LWFkYzAtNDYxMTA0NmYxYTRl LzEvT19SbzBWRmExdkZNcHB6NXgzTGx5MWZTZDlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF46xWL+i xzCfj1DW03zQU7fl/dhph7xsXnTU9o80vXmZS6Ntz7GoU0eMbpSMuIh7S7cCvHim CYw0TL9mMe7RFQ6echKW78ujxZiSxmBIEYrSIXWXsn1xhJy/bLiYNkThVsqbgkXm fKRZcAbPBCx3KDS1xrZb97rUX5N552x/m859ysBImaTFNw364AFifFcLBCaW7J6v OqZFUmzJtwxeh9bcvK7+9hj9GumeMC3BwlAvbN7vj41zDDXqQ9sPmbEWPNwLL4x/ SwZ1M+t3yROP85jkFg8vRi4yu0M1ZT/h6Qpaq0UXc3+cRO6HChc/OUTUJFDZsZ8X IOVJkWBhG/WtGQ== -----END CERTIFICATE-----Generated at Mon Jan 26 12:35:31 2026 by rpki-client