This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json) Hash identifier: l0YlJKMwP9Y2lGBkMFw8+8cCYOmXWXNtVs45q5cX8Jk= Subject key identifier: 7C:CD:41:B3:79:3A:09:45:BC:47:D5:81:53:05:00:23:E9:49:A2:EE Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Certificate serial: 019BF8763C6B2C66BBE936C7E0A8A1608C87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft Manifest number: 10AE Signing time: Mon 26 Jan 2026 04:00:56 +0000 Manifest this update: Mon 26 Jan 2026 04:00:56 +0000 Manifest next update: Tue 27 Jan 2026 04:00:56 +0000 Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: UTOjeYaJgFSrzzRVioobYybP9mBgkEGz2PnjXdrYG3Y=) 2: e4qPjYtVZNjFgNgoQb6aifisJTs.roa (hash: 1M+oNLSG3cS6v1C1UyKbtqc0oXSkYgVWMgvB/761VUE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:76:3c:6b:2c:66:bb:e9:36:c7:e0:a8:a1:60:8c:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Validity Not Before: Jan 26 04:00:56 2026 GMT Not After : Jan 27 04:00:56 2026 GMT Subject: CN=7ccd41b3793a0945bc47d58153050023e949a2ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:f3:0c:f1:b0:3c:23:a3:6f:93:b5:51:c7:a6: a0:26:74:99:aa:e2:0b:37:ed:6c:78:88:c4:aa:42: 3d:a5:d2:22:6f:c5:ad:3e:8d:f0:59:3a:2a:db:48: 5d:5b:27:3e:0e:da:a8:73:b9:66:5d:82:d4:2e:63: 77:6e:04:8d:62:0a:c8:ab:10:6a:ce:f9:bb:67:03: 32:c4:33:02:0e:5c:e5:d5:93:9e:45:36:21:95:61: 2d:b2:b9:45:94:9d:0b:5e:c8:c6:75:33:7e:7f:28: 92:ea:74:55:c3:4a:4f:a4:e8:c9:24:b7:5d:c0:d1: 47:6e:87:5a:5b:db:6a:18:15:c1:64:ef:da:3f:e4: 97:fb:8c:90:23:28:4c:cf:46:89:3f:50:5a:57:eb: c9:32:98:16:6f:68:da:37:29:3f:b2:25:be:29:dc: 02:38:1f:41:8d:bb:07:b9:47:d4:68:f1:16:86:7f: 4a:23:2b:6d:1c:a6:4e:fd:d8:75:dd:00:04:aa:14: af:76:d5:0d:aa:d8:79:f4:c6:c2:cd:89:21:9c:97: f9:e2:b1:ee:89:a8:fe:d8:5e:53:89:7b:b3:86:ae: 16:67:35:d0:72:27:98:ae:b6:17:67:bb:a6:60:a5: 8b:ea:95:7b:4b:b2:ef:f7:a9:f7:10:99:71:03:24: d8:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:CD:41:B3:79:3A:09:45:BC:47:D5:81:53:05:00:23:E9:49:A2:EE X509v3 Authority Key Identifier: keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:44:ea:c1:17:e0:f5:fb:6b:df:08:a2:f9:b2:c8:0a:b2:95: d0:ee:2f:be:7a:63:3d:f7:fe:81:75:a8:0a:bc:02:77:a7:d8: 40:9d:aa:90:b7:c3:0d:0c:7a:47:92:37:88:bd:fb:0d:25:f7: 35:3c:60:59:1c:69:49:6c:62:e1:f7:d8:3d:12:e2:a4:e6:e0: 04:ef:3e:f2:52:57:9a:af:f0:ac:78:7e:95:f7:9a:b6:e9:a6: 79:20:ab:db:78:4f:23:45:bc:29:c8:39:40:55:a0:5e:74:93: 21:5e:a1:e6:00:ba:71:75:fb:5d:e4:6a:89:f1:8b:84:b8:b2: a0:ae:ee:e7:a1:fe:ae:82:33:68:5d:7d:be:4a:07:95:82:d1: 54:ff:3c:0e:40:cf:db:51:2b:ff:8f:8c:d5:ae:07:02:89:66: da:28:e1:f8:28:c9:57:0c:65:31:9b:da:2f:e0:a7:a1:2b:ef: 2d:f2:6c:35:07:17:0e:47:68:46:a4:9b:ba:d6:63:bf:f7:2b: e5:e4:4e:7d:23:49:05:19:a1:c2:60:b9:0a:e8:8f:6e:1e:13: 48:e1:11:d6:be:9e:e4:a1:26:13:6d:80:37:07:9e:e4:16:39: ba:8b:37:d2:36:76:36:fd:a3:0a:df:49:02:5c:ab:e3:1c:1a: 8f:ed:e5:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4djxrLGa76TbH4KihYIyHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5 OWI1MjkwHhcNMjYwMTI2MDQwMDU2WhcNMjYwMTI3MDQwMDU2WjAzMTEwLwYDVQQD Eyg3Y2NkNDFiMzc5M2EwOTQ1YmM0N2Q1ODE1MzA1MDAyM2U5NDlhMmVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPMM8bA8I6Nvk7VRx6agJnSZquIL N+1seIjEqkI9pdIib8WtPo3wWToq20hdWyc+Dtqoc7lmXYLULmN3bgSNYgrIqxBq zvm7ZwMyxDMCDlzl1ZOeRTYhlWEtsrlFlJ0LXsjGdTN+fyiS6nRVw0pPpOjJJLdd wNFHbodaW9tqGBXBZO/aP+SX+4yQIyhMz0aJP1BaV+vJMpgWb2jaNyk/siW+KdwC OB9BjbsHuUfUaPEWhn9KIyttHKZO/dh13QAEqhSvdtUNqth59MbCzYkhnJf54rHu iaj+2F5TiXuzhq4WZzXQcieYrrYXZ7umYKWL6pV7S7Lv96n3EJlxAyTYxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzNQbN5OglFvEfVgVMFACPpSaLuMB8GA1UdIwQY MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVETqwRfg 9ftr3wii+bLICrKV0O4vvnpjPff+gXWoCrwCd6fYQJ2qkLfDDQx6R5I3iL37DSX3 NTxgWRxpSWxi4ffYPRLipObgBO8+8lJXmq/wrHh+lfeatummeSCr23hPI0W8Kcg5 QFWgXnSTIV6h5gC6cXX7XeRqifGLhLiyoK7u56H+roIzaF19vkoHlYLRVP88DkDP 21Er/4+M1a4HAolm2ijh+CjJVwxlMZvaL+CnoSvvLfJsNQcXDkdoRqSbutZjv/cr 5eROfSNJBRmhwmC5CuiPbh4TSOER1r6e5KEmE22ANwee5BY5uos30jZ2Nv2jCt9J Alyr4xwaj+3lJg== -----END CERTIFICATE-----Generated at Mon Jan 26 06:23:40 2026 by rpki-client