This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft File: o8-bZGUWkotdBsKoGestvA_pkgo.mft (raw, json) Hash identifier: TUE51/cr+lHkIsVtzuPDFuPYOEmFJ1n0wO7IgvC2OMY= Subject key identifier: AF:46:1A:D2:9D:85:C0:79:E5:A9:99:D1:13:54:E8:95:C1:2D:96:7F Authority key identifier: A3:CF:9B:64:65:16:92:8B:5D:06:C2:A8:19:EB:2D:BC:0F:E9:92:0A Certificate issuer: /CN=a3cf9b646516928b5d06c2a819eb2dbc0fe9920a Certificate serial: 019BF72C978732BCE0A2736E55BADFFCA2CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft Manifest number: 023C Signing time: Sun 25 Jan 2026 22:00:53 +0000 Manifest this update: Sun 25 Jan 2026 22:00:53 +0000 Manifest next update: Mon 26 Jan 2026 22:00:53 +0000 Files and hashes: 1: 699-AVQHq9A-mOz16n5eWo61zOY.roa (hash: qmU7lIRPt6s/fJ1Asi4/dDcElLOynVYiN3n5hO5Ttcc=) 2: o8-bZGUWkotdBsKoGestvA_pkgo.crl (hash: yTsTIhgwQ+tr35zUn8wA631SC8E0fmXAW7xzzOKNiUM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2c:97:87:32:bc:e0:a2:73:6e:55:ba:df:fc:a2:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3cf9b646516928b5d06c2a819eb2dbc0fe9920a Validity Not Before: Jan 25 22:00:53 2026 GMT Not After : Jan 26 22:00:53 2026 GMT Subject: CN=af461ad29d85c079e5a999d11354e895c12d967f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:24:9a:d9:ce:4e:6f:46:c0:70:bc:4d:53:96: aa:80:72:c0:35:0f:9f:c5:43:4b:0e:1f:fd:54:30: af:8f:eb:e8:0e:b8:5d:69:06:aa:85:b0:d4:e0:a1: a1:30:e4:b2:42:ab:3f:f6:06:25:b5:d3:10:97:1a: 73:b1:02:22:7c:1c:01:b7:e7:af:a3:60:59:6c:4c: 14:a5:d4:06:e0:81:48:f8:9a:48:ed:59:cd:01:59: c4:d5:12:a2:8f:03:ca:dd:44:81:6a:2c:77:ea:43: 00:6b:a8:da:2d:ab:8f:90:5c:9d:1b:33:be:ed:db: 43:b5:d4:30:1a:7b:7a:68:52:76:b1:00:89:77:4c: ee:73:cd:04:de:f3:78:15:08:11:de:43:27:0f:f6: f6:16:3d:f4:e3:dd:1c:60:9f:f8:27:31:96:14:89: a5:8e:f9:2d:da:e1:19:b0:cd:5c:b6:65:2f:9d:b5: dd:cd:ec:5f:aa:dc:cd:2f:89:77:70:c2:7e:67:17: a9:2a:fe:18:96:f5:1a:0a:da:64:7a:09:00:2d:f8: 61:0c:9c:bd:c0:27:ff:72:a0:9e:28:d8:90:7c:39: 7d:c6:cf:a9:10:e8:f8:5e:96:c3:41:6a:59:d0:cb: e0:6e:74:4f:24:53:6e:9e:aa:68:58:57:8a:12:bb: 6b:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:46:1A:D2:9D:85:C0:79:E5:A9:99:D1:13:54:E8:95:C1:2D:96:7F X509v3 Authority Key Identifier: keyid:A3:CF:9B:64:65:16:92:8B:5D:06:C2:A8:19:EB:2D:BC:0F:E9:92:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8-bZGUWkotdBsKoGestvA_pkgo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/394d07-05cc-4f72-bd46-289696cc99b9/1/o8-bZGUWkotdBsKoGestvA_pkgo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:f6:c8:a1:9b:82:85:81:24:ae:84:9d:0e:79:4b:cb:f4:9e: f6:69:9c:10:d3:26:98:51:2f:ff:59:23:51:f2:ba:57:40:3c: 90:7f:20:79:3d:85:04:a2:ea:15:c3:08:5d:96:99:11:a4:58: 22:7a:86:17:af:62:34:ef:c0:4a:dc:c8:b0:c9:c8:d7:d2:2b: 3d:0b:6f:b9:f3:84:0f:14:46:65:64:ec:11:f3:0e:01:2f:b9: a2:c2:b4:37:88:ce:3b:4d:c6:19:bd:be:e5:a0:c3:6d:42:1c: 0b:f6:64:20:04:9d:0d:5f:90:bb:b0:06:90:c1:f1:bc:5e:36: 6d:07:6f:84:05:c0:44:a8:9e:e1:8b:93:35:35:41:b3:37:6e: 23:c8:ec:d2:b2:af:59:55:eb:29:0e:d7:fb:85:63:c5:77:42: 2b:1e:f8:74:a2:c6:32:61:c6:40:f7:d6:de:4c:19:8a:f6:84: d9:e5:f2:6d:a1:c7:f6:55:ef:6f:30:85:f6:8b:c6:34:1f:ed: ac:47:4d:b9:12:b4:dd:35:f2:ff:c8:f3:96:6d:49:28:0d:46: 7d:94:6f:92:f5:ce:7c:3c:51:87:45:2e:7d:25:9b:1f:ca:ba: 6a:25:17:85:e0:97:0b:1c:69:e6:d4:f5:b2:cc:fa:b6:b0:76: 7b:8a:1c:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LJeHMrzgonNuVbrf/KLMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzY2Y5YjY0NjUxNjkyOGI1ZDA2YzJhODE5ZWIyZGJjMGZl OTkyMGEwHhcNMjYwMTI1MjIwMDUzWhcNMjYwMTI2MjIwMDUzWjAzMTEwLwYDVQQD EyhhZjQ2MWFkMjlkODVjMDc5ZTVhOTk5ZDExMzU0ZTg5NWMxMmQ5NjdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSSa2c5Ob0bAcLxNU5aqgHLANQ+f xUNLDh/9VDCvj+voDrhdaQaqhbDU4KGhMOSyQqs/9gYltdMQlxpzsQIifBwBt+ev o2BZbEwUpdQG4IFI+JpI7VnNAVnE1RKijwPK3USBaix36kMAa6jaLauPkFydGzO+ 7dtDtdQwGnt6aFJ2sQCJd0zuc80E3vN4FQgR3kMnD/b2Fj30490cYJ/4JzGWFIml jvkt2uEZsM1ctmUvnbXdzexfqtzNL4l3cMJ+ZxepKv4YlvUaCtpkegkALfhhDJy9 wCf/cqCeKNiQfDl9xs+pEOj4XpbDQWpZ0MvgbnRPJFNunqpoWFeKErtrsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK9GGtKdhcB55amZ0RNU6JXBLZZ/MB8GA1UdIwQY MBaAFKPPm2RlFpKLXQbCqBnrLbwP6ZIKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zOTRkMDctMDVjYy00ZjcyLWJkNDYt Mjg5Njk2Y2M5OWI5LzEvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8zOTRkMDctMDVjYy00ZjcyLWJkNDYtMjg5Njk2Y2M5OWI5 LzEvbzgtYlpHVVdrb3RkQnNLb0dlc3R2QV9wa2dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/bIoZuC hYEkroSdDnlLy/Se9mmcENMmmFEv/1kjUfK6V0A8kH8geT2FBKLqFcMIXZaZEaRY InqGF69iNO/AStzIsMnI19IrPQtvufOEDxRGZWTsEfMOAS+5osK0N4jOO03GGb2+ 5aDDbUIcC/ZkIASdDV+Qu7AGkMHxvF42bQdvhAXARKie4YuTNTVBszduI8js0rKv WVXrKQ7X+4VjxXdCKx74dKLGMmHGQPfW3kwZivaE2eXybaHH9lXvbzCF9ovGNB/t rEdNuRK03TXy/8jzlm1JKA1GfZRvkvXOfDxRh0UufSWbH8q6aiUXheCXCxxp5tT1 ssz6trB2e4ocSA== -----END CERTIFICATE-----Generated at Mon Jan 26 03:11:55 2026 by rpki-client