This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft File: O849R0p3XOR3Y3FjK8GWyh9Owjs.mft (raw, json) Hash identifier: uYY8s0FXL6Wfbyl3mCGLTBzKoUoSll6NxZ0WzyDnV5g= Subject key identifier: E8:22:59:24:68:BC:72:3A:CE:13:71:23:4A:EE:6C:B3:A6:59:2E:8F Authority key identifier: 3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B Certificate issuer: /CN=3bce3d474a775ce4776371632bc196ca1f4ec23b Certificate serial: 019BF7D17312862EB71A085DB4F2A7F5B08B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft Manifest number: 0484 Signing time: Mon 26 Jan 2026 01:00:57 +0000 Manifest this update: Mon 26 Jan 2026 01:00:57 +0000 Manifest next update: Tue 27 Jan 2026 01:00:57 +0000 Files and hashes: 1: O849R0p3XOR3Y3FjK8GWyh9Owjs.crl (hash: F4JBCCM0yr7nDyHpRNrdmiCY35cY3Ep1f9RoWF6QIpA=) 2: VbL2QWZ9Kg8L1pE36SvfZYyr8Ts.roa (hash: sfB+nZS7Puz64duDQmVXVvH/Ydql31OyVDJAMGHxmwg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:d1:73:12:86:2e:b7:1a:08:5d:b4:f2:a7:f5:b0:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bce3d474a775ce4776371632bc196ca1f4ec23b Validity Not Before: Jan 26 01:00:57 2026 GMT Not After : Jan 27 01:00:57 2026 GMT Subject: CN=e822592468bc723ace1371234aee6cb3a6592e8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:34:fa:07:7e:88:e0:94:1e:7c:a7:96:9e:df: c3:ac:b7:80:bd:5f:cf:a5:36:6d:21:49:ef:93:70: 1b:ce:c8:aa:7e:fd:f3:7f:40:05:27:32:30:a9:f8: 04:a9:8f:88:f1:c3:34:e4:0f:a1:d1:1d:86:84:ef: bf:26:5d:66:d0:2b:f9:1c:3c:f7:09:e1:8c:ad:34: 4d:e1:84:f3:8a:67:56:0c:50:af:d2:83:33:46:b3: 6f:e5:f9:fd:10:08:1c:ee:53:57:13:47:f1:00:f7: 94:17:2c:f2:11:7b:a3:a4:47:35:d5:a6:92:01:12: f5:c2:19:96:b1:ed:5a:4b:78:4d:2f:53:50:c1:13: 1f:be:54:7d:03:78:d6:40:24:47:c5:c7:e9:ce:2b: 13:3a:0a:be:e9:c1:ce:8b:aa:c8:d1:1d:a3:09:d0: 6b:4b:0e:0a:8d:df:02:24:45:f1:22:e8:7a:4f:6c: ac:40:5d:72:f9:74:d7:d8:ed:23:9a:2f:2e:56:3d: a3:68:2c:4d:56:62:c8:56:bf:70:aa:13:39:05:29: 71:23:b1:da:f8:38:ea:85:21:40:bf:42:23:7c:ba: 0b:f9:94:aa:8e:95:56:2a:14:dc:d1:90:75:53:1c: ed:2c:d3:f2:41:a7:68:9b:01:0e:46:84:25:f9:95: c8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:22:59:24:68:BC:72:3A:CE:13:71:23:4A:EE:6C:B3:A6:59:2E:8F X509v3 Authority Key Identifier: keyid:3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:17:f4:2e:7c:d3:59:f5:b2:de:06:dc:11:1e:63:23:ac:0d: ad:f2:7f:87:35:26:de:e8:8f:f1:f0:2f:15:95:ee:a2:eb:75: 51:ee:80:9d:e1:02:75:2d:4d:7d:0c:29:a2:0e:6d:4c:ed:92: 68:cf:da:c4:0a:2c:a2:3a:c4:5b:2b:c5:ee:24:7c:8a:bb:60: a6:a5:60:fc:0e:28:1a:06:de:54:7e:8a:4b:dd:f1:23:ed:4b: ba:dc:97:84:79:85:d4:48:44:1c:2b:e1:b4:36:b5:05:c9:30: 1e:83:ac:1c:8d:61:b5:45:7e:51:69:60:73:6c:e5:6a:20:e8: 48:57:79:f2:9b:33:eb:6c:25:9b:09:9e:b7:15:db:a5:e0:8a: 38:df:67:35:58:6e:a6:bb:3f:f7:bc:ee:b6:af:16:f2:b1:00: 54:43:ac:41:bc:93:b2:d9:1a:35:5d:6b:1a:33:2b:50:74:b7: f3:a0:ba:d9:d9:10:d6:34:64:9b:9d:6c:85:75:1b:b7:55:db: 54:23:e4:0d:12:28:df:81:e8:29:b2:40:cd:cf:a1:f1:ab:18: 51:d6:50:1f:06:b3:38:c4:21:c2:da:f9:32:29:c5:aa:8e:ce: 07:18:18:4c:7c:38:ae:fa:9a:88:b8:bf:41:19:f0:93:87:f9: 9e:bd:be:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv30XMShi63GghdtPKn9bCLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiY2UzZDQ3NGE3NzVjZTQ3NzYzNzE2MzJiYzE5NmNhMWY0 ZWMyM2IwHhcNMjYwMTI2MDEwMDU3WhcNMjYwMTI3MDEwMDU3WjAzMTEwLwYDVQQD EyhlODIyNTkyNDY4YmM3MjNhY2UxMzcxMjM0YWVlNmNiM2E2NTkyZThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozT6B36I4JQefKeWnt/DrLeAvV/P pTZtIUnvk3Abzsiqfv3zf0AFJzIwqfgEqY+I8cM05A+h0R2GhO+/Jl1m0Cv5HDz3 CeGMrTRN4YTzimdWDFCv0oMzRrNv5fn9EAgc7lNXE0fxAPeUFyzyEXujpEc11aaS ARL1whmWse1aS3hNL1NQwRMfvlR9A3jWQCRHxcfpzisTOgq+6cHOi6rI0R2jCdBr Sw4Kjd8CJEXxIuh6T2ysQF1y+XTX2O0jmi8uVj2jaCxNVmLIVr9wqhM5BSlxI7Ha +DjqhSFAv0IjfLoL+ZSqjpVWKhTc0ZB1UxztLNPyQadomwEORoQl+ZXIzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOgiWSRovHI6zhNxI0rubLOmWS6PMB8GA1UdIwQY MBaAFDvOPUdKd1zkd2NxYyvBlsofTsI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEt NjNjYzZjNjdjOTk1LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEtNjNjYzZjNjdjOTk1 LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArRf0LnzT WfWy3gbcER5jI6wNrfJ/hzUm3uiP8fAvFZXuout1Ue6AneECdS1NfQwpog5tTO2S aM/axAosojrEWyvF7iR8irtgpqVg/A4oGgbeVH6KS93xI+1LutyXhHmF1EhEHCvh tDa1BckwHoOsHI1htUV+UWlgc2zlaiDoSFd58psz62wlmwmetxXbpeCKON9nNVhu prs/97zutq8W8rEAVEOsQbyTstkaNV1rGjMrUHS386C62dkQ1jRkm51shXUbt1Xb VCPkDRIo34HoKbJAzc+h8asYUdZQHwazOMQhwtr5MinFqo7OBxgYTHw4rvqaiLi/ QRnwk4f5nr2+Hw== -----END CERTIFICATE-----Generated at Mon Jan 26 04:01:57 2026 by rpki-client