This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft File: 3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft (raw, json) Hash identifier: dnbutXOZUnDFyzP/cTPDTtvlXD8WRGLmm8wrdeWuw7k= Subject key identifier: 79:BD:48:1D:73:AF:6F:AE:3E:09:CC:81:A1:55:92:84:32:3E:DC:70 Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019BF462D21067021A52CB3DE5535B659DDD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft Manifest number: 175A Signing time: Sun 25 Jan 2026 09:01:15 +0000 Manifest this update: Sun 25 Jan 2026 09:01:15 +0000 Manifest next update: Mon 26 Jan 2026 09:01:15 +0000 Files and hashes: 1: 1-gX6qbETIIttBQf3NGjlhSo5a40.roa (hash: UW2uFSR1KC4UlPwX8F178+KvKc01uMjxgEJ5QQoAtmc=) 2: 1-sLuOUAWdw4gGuyAdDDNO5R3knY.roa (hash: UwJHgy6hiFG+CS5eWBzCb6KdVKW08xdJRDA4sajHgnA=) 3: 28w3148cO6lb1X7ebO0uJL6_jSA.roa (hash: /RvdIaEAOvXEUcZ/8C4+ae+9cR72KRnISKVr0yoxpuM=) 4: 3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl (hash: 06v276k0JDFKq7f7JeBkiRSZbjR5zpwnAXeMtjJL7cw=) 5: 3nWcd2m6s6bBzM_QYoygo0Ze6w0.roa (hash: htxDxHlHgU8dQkoVd6zcmNYRmFdbpmcNklfsUpe9Ix0=) 6: 78EB01J4WgTKHPdcf3EVHTeuc8s.roa (hash: AEd0Bl1EvO9i526KOfk+4Yr0kpyHuNMccILjVfMb8ds=) 7: 7u4rgz4l09r-eJqaQbI2EBriaRA.roa (hash: zlTV4eAW718JNR0mXym0vLWTb030NL8qDVFSJoistdw=) 8: BHSiCUrFc-TEdSEPwjcFCNQnGR8.roa (hash: hkVbYU9rreHO+iPmRQJ/E53L6MLfLKmzXEGQtgni27o=) 9: CHNXC3Z7q99hc7adVoxJZxDHWcQ.roa (hash: J59ogE/mSWqNwSaq5zDJFpLck2CQta+up20YJBmZqb0=) 10: FxInXR4DyqQT6DlyBPj_QGb3Tac.roa (hash: IFL+h0KaA01oNLzGyeAHHUWDYmIL4MN6R8/eqH6wmqo=) 11: MP6MyJ6JGT0Qd4fuNuAz8iDFiNo.roa (hash: JCKZg5aviqvu7Z76Faoxn9dtcsunUKEMHmwZGg/KRw0=) 12: MPnt1Ig40nuVBqADsEn8dObr5rE.roa (hash: LN3oJQmX/zwIzND61FwWanHfUPQZt6FmbQdO3LMJ4oI=) 13: NmTQqlVS4gvcDPcirwbd6QLOVW8.roa (hash: LMiHoX5P+lxgXfAq1o1ofUm+DKjY+GVzWYYvknBSyow=) 14: P89VxKlNGfRRMcSuDRi9zH0r-u4.roa (hash: m3Eb7tBEhi4jXpT2iac2bbRuZRo0+dNZTqs68H5Q/F8=) 15: QE4mWlynJcIb4WilZerciyCNIrM.roa (hash: O9hvkcBv0v7y2K1dBWJ4Vo0JgVG4Safg6I/3GHzMudQ=) 16: TTJbmeKN4OVpmVuz_9sVlDJ2-Qo.roa (hash: 9sn1cXj9PO9ABZhQTgF9fcIiZgMJttBAVbmqJSaXZvE=) 17: bGv-g5_Nq1lLtgwZjdzPyrknk9w.roa (hash: tFnnk/Nq81EttMG2a3kvMmGtdurbGz3xRmf1Xa0yg94=) 18: fH8Dmn4VQed_Qx1Vb_WAZiWK9No.roa (hash: jS9yGbolsVVkM6D04tMpgm8DxgjSbem+4eIOd9cAi6g=) 19: fmkJzH3NkUCcJph7bWlPwTvK1as.roa (hash: 5sVDquLqlQZjsrPg0UHa9viYVxRAjcZdLVAKXAnlaOQ=) 20: lVZUPTWkrcD9zWV0d6GRZgTVVtY.roa (hash: wqHHRXTgzV5U05gKB+m5zqGdaleWNQFqgG+iBB1QzNE=) 21: n2yklqPTbZScECuvP8sdtw1dqJs.roa (hash: XUl4EOZ0ACrcilwccYybYvigPaj+N+oRT70pMBR6/n4=) 22: nN_vAAZMEXdGpiLTZSquGYgk0ks.roa (hash: kiwSwAJEtUNKm6ywQc/ev4K8fjQGdo+U4PEggQj3XM4=) 23: r-BZPpfjArLuq-BQOY_DpWlcEMI.roa (hash: TJP0L3M3YkBnX+yCeWtuHnSFQJHToZMzD9dO3r+rF7Q=) 24: shInVxnETptNhYG5ctgG1wBa_IE.roa (hash: b14rKwCriv8+d3rzjVPCL7UyXFm3J/o38M8wbLSbZig=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:62:d2:10:67:02:1a:52:cb:3d:e5:53:5b:65:9d:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 25 09:01:15 2026 GMT Not After : Jan 26 09:01:15 2026 GMT Subject: CN=79bd481d73af6fae3e09cc81a1559284323edc70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a2:7c:91:04:a6:cd:f9:93:68:8d:57:e8:32: c4:69:84:c5:3f:bf:f2:65:99:04:21:6f:5b:32:8b: 9a:b4:b1:8c:48:dd:a1:f1:45:d5:5b:db:9d:b0:eb: 43:fe:ec:ef:7f:3b:a7:40:b1:6a:60:a2:22:63:a9: 50:c3:df:fc:55:7a:02:e9:fa:1c:cd:84:bb:27:0e: 66:40:0a:6b:38:54:bc:69:76:3c:19:2f:2a:73:04: 37:cb:f8:93:4d:df:46:12:2d:14:2f:8a:79:0e:28: 56:32:1e:2c:34:dd:76:72:18:10:39:40:07:15:22: 80:6d:6f:55:ef:8a:6e:f0:91:68:f8:2d:8a:d9:a2: de:33:b7:43:4d:96:f9:7b:bc:fa:6c:09:49:fc:b1: 52:63:19:b7:82:41:db:bc:18:a2:68:7b:da:6f:ca: c4:91:b4:b6:28:8e:36:28:3c:69:bc:1d:81:c5:ce: 7d:2f:60:10:88:38:4a:61:60:35:9c:f2:71:8f:5e: 84:f0:03:0d:ff:06:2a:a5:e9:08:ca:10:d5:43:e3: fa:bf:8a:17:5e:97:2e:51:ed:bd:5b:96:92:6e:d1: 7a:1c:a5:92:2a:a0:14:50:47:b6:2e:a1:f9:b8:10: ae:90:57:a4:8f:9c:29:68:a4:4a:fe:a1:5d:a9:53: da:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:BD:48:1D:73:AF:6F:AE:3E:09:CC:81:A1:55:92:84:32:3E:DC:70 X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:98:f0:ef:7c:14:90:e5:42:f4:c4:4a:96:95:93:ca:93:08: b8:c7:8c:72:a2:6f:3a:9a:92:68:da:7c:ba:52:c9:fc:b7:ec: 45:d8:f0:6e:05:2b:b9:75:08:ff:1e:6f:23:55:fb:8a:20:f5: a3:e1:c0:d1:ab:c7:e0:e7:08:a2:41:bb:0b:1b:b7:76:2d:55: 8c:37:a8:ae:41:f1:01:9d:62:29:51:ec:9c:7c:a0:bc:10:5d: 87:78:b6:c8:05:db:0a:97:fc:b2:8b:7c:7d:62:e8:70:f2:c8: 73:f8:ef:e0:e3:a4:0c:6f:59:38:ba:c5:95:15:e1:11:a1:01: 53:5a:b0:97:70:7e:d2:6d:69:3d:d1:82:6b:bc:28:ee:1b:7a: b0:b7:4f:11:ef:20:ba:96:b9:40:75:a5:37:21:a0:84:d1:2a: 72:28:24:35:4a:bf:cb:98:46:17:a1:e9:fb:ec:08:dc:50:3c: dc:b1:40:d1:17:2d:bc:c3:d7:02:b2:e7:fc:6e:ba:19:09:ef: a9:a2:d4:7d:f6:98:57:62:ff:21:84:c3:95:54:56:6c:c9:ff: 4f:b7:fd:37:92:2c:77:73:a7:76:40:01:b5:0f:72:d1:e9:7d: 56:87:c1:3d:ce:d7:22:85:e9:1d:35:87:db:b0:aa:21:46:be: 24:dc:04:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0YtIQZwIaUss95VNbZZ3dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTI1MDkwMTE1WhcNMjYwMTI2MDkwMTE1WjAzMTEwLwYDVQQD Eyg3OWJkNDgxZDczYWY2ZmFlM2UwOWNjODFhMTU1OTI4NDMyM2VkYzcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaJ8kQSmzfmTaI1X6DLEaYTFP7/y ZZkEIW9bMouatLGMSN2h8UXVW9udsOtD/uzvfzunQLFqYKIiY6lQw9/8VXoC6foc zYS7Jw5mQAprOFS8aXY8GS8qcwQ3y/iTTd9GEi0UL4p5DihWMh4sNN12chgQOUAH FSKAbW9V74pu8JFo+C2K2aLeM7dDTZb5e7z6bAlJ/LFSYxm3gkHbvBiiaHvab8rE kbS2KI42KDxpvB2Bxc59L2AQiDhKYWA1nPJxj16E8AMN/wYqpekIyhDVQ+P6v4oX XpcuUe29W5aSbtF6HKWSKqAUUEe2LqH5uBCukFekj5wpaKRK/qFdqVPaxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHm9SB1zr2+uPgnMgaFVkoQyPtxwMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT5jw73wU kOVC9MRKlpWTypMIuMeMcqJvOpqSaNp8ulLJ/LfsRdjwbgUruXUI/x5vI1X7iiD1 o+HA0avH4OcIokG7Cxu3di1VjDeorkHxAZ1iKVHsnHygvBBdh3i2yAXbCpf8sot8 fWLocPLIc/jv4OOkDG9ZOLrFlRXhEaEBU1qwl3B+0m1pPdGCa7wo7ht6sLdPEe8g upa5QHWlNyGghNEqcigkNUq/y5hGF6Hp++wI3FA83LFA0RctvMPXArLn/G66GQnv qaLUffaYV2L/IYTDlVRWbMn/T7f9N5Isd3OndkABtQ9y0el9VofBPc7XIoXpHTWH 27CqIUa+JNwESg== -----END CERTIFICATE-----Generated at Sun Jan 25 20:08:13 2026 by rpki-client