This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json) Hash identifier: lkXxFM8tcuc4hgk0nWtU4ZppenGQXAFShR/6FVblyQs= Subject key identifier: BB:EB:D9:9F:C4:49:08:C6:07:FE:6E:EC:1D:BE:41:D2:3D:48:FC:59 Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d Certificate serial: 019BFB405DEF644E0733C3E7CD1051136C02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft Manifest number: 177D Signing time: Mon 26 Jan 2026 17:00:57 +0000 Manifest this update: Mon 26 Jan 2026 17:00:57 +0000 Manifest next update: Tue 27 Jan 2026 17:00:57 +0000 Files and hashes: 1: OB7HIJ6E7VL850eNPLbDO9hsF0w.roa (hash: nMO9swrGeSsqg3nG7FL8cD0rTbfGf4XKw96dzuahhzY=) 2: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: AAvHavnpXYpkKdZRVo2CGLsNvPQaJZ6Mp2Dudo1zO20=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:40:5d:ef:64:4e:07:33:c3:e7:cd:10:51:13:6c:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d Validity Not Before: Jan 26 17:00:57 2026 GMT Not After : Jan 27 17:00:57 2026 GMT Subject: CN=bbebd99fc44908c607fe6eec1dbe41d23d48fc59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:07:57:43:90:3b:5e:a4:c9:e8:04:0d:41:1e: 9d:ae:5b:a9:90:db:e4:75:2d:7a:62:bd:fe:96:3e: 41:e3:c3:e3:23:d2:a6:0f:00:a5:84:51:df:b5:45: dd:85:60:2b:34:09:9b:ce:fc:03:e3:17:88:c2:d8: ed:41:7f:2d:c5:d9:73:34:d7:b3:cc:2a:dc:13:aa: f4:b8:99:dd:5c:dd:76:f9:7a:a8:5e:1d:08:87:a0: c5:f1:89:5b:02:71:2a:ef:e6:da:58:94:08:21:1c: 56:77:59:03:f0:55:c6:b3:2e:09:66:7e:e0:9d:56: 25:d2:ee:f0:46:14:97:1a:fa:e3:db:7f:e6:b8:90: 3b:b8:42:c4:66:80:0c:e0:33:1a:e4:9a:66:fd:24: 14:52:57:de:56:8a:d0:e6:2d:ec:de:6d:6b:bc:7f: 61:ca:04:a6:59:33:90:95:6b:9c:bb:31:5a:02:11: 9f:5f:d5:4c:01:4d:f5:87:9e:d8:9e:0b:44:e0:c3: fb:05:4a:ca:a3:8f:6f:19:00:60:dc:f3:25:73:6a: 9d:4a:94:f4:88:ee:87:39:1e:ba:31:87:b6:9a:c0: a6:08:12:a2:7a:05:ab:41:ed:72:af:e8:bb:ae:dd: 64:88:3d:8f:73:81:c0:77:13:17:71:1a:08:bf:19: 29:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:EB:D9:9F:C4:49:08:C6:07:FE:6E:EC:1D:BE:41:D2:3D:48:FC:59 X509v3 Authority Key Identifier: keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:c2:da:09:96:fc:28:cd:0c:71:6a:74:9e:a2:1a:2a:36:c8: 51:76:26:c9:0e:fd:54:ec:c3:c7:a9:51:60:30:59:b7:c3:60: 8c:34:dc:46:a2:f9:7b:82:6b:f3:73:5f:3e:ca:cd:25:42:b0: f6:8c:fe:e0:13:54:be:18:f3:8c:ea:b5:ce:6c:42:99:1d:7e: f4:2f:f1:38:42:5e:4d:43:65:63:8a:ab:c8:60:32:4a:92:bf: 8c:54:9c:cb:42:45:21:1e:e9:ca:55:2e:51:76:ae:48:df:4c: a4:c4:e3:be:ec:62:e3:e3:d3:0b:25:f2:5f:b2:22:99:e0:f7: fb:72:01:f9:99:90:33:c3:bd:23:b3:20:46:0a:f8:aa:b6:f9: f8:6d:fa:58:fc:18:b1:ca:2b:67:ab:9d:f2:73:3f:00:da:75: e3:fc:29:de:07:dd:bc:e5:c1:b4:2a:e1:66:a5:60:07:0b:08: 87:c4:b9:51:f3:54:03:f7:aa:14:0b:2a:ab:c9:5c:b2:76:a1: 1a:2a:91:3f:d8:7d:ba:28:57:13:5b:c1:a4:f5:8c:d9:9e:c4: af:cb:4a:f4:b6:1f:cb:71:2d:5c:da:af:83:04:cf:18:49:e6: 69:d8:3d:5f:0f:bc:24:a2:44:18:51:8b:2c:6a:ed:ce:4b:df: e4:7c:3c:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7QF3vZE4HM8PnzRBRE2wCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm Njk5NmQwHhcNMjYwMTI2MTcwMDU3WhcNMjYwMTI3MTcwMDU3WjAzMTEwLwYDVQQD EyhiYmViZDk5ZmM0NDkwOGM2MDdmZTZlZWMxZGJlNDFkMjNkNDhmYzU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAdXQ5A7XqTJ6AQNQR6drlupkNvk dS16Yr3+lj5B48PjI9KmDwClhFHftUXdhWArNAmbzvwD4xeIwtjtQX8txdlzNNez zCrcE6r0uJndXN12+XqoXh0Ih6DF8YlbAnEq7+baWJQIIRxWd1kD8FXGsy4JZn7g nVYl0u7wRhSXGvrj23/muJA7uELEZoAM4DMa5Jpm/SQUUlfeVorQ5i3s3m1rvH9h ygSmWTOQlWucuzFaAhGfX9VMAU31h57YngtE4MP7BUrKo49vGQBg3PMlc2qdSpT0 iO6HOR66MYe2msCmCBKiegWrQe1yr+i7rt1kiD2Pc4HAdxMXcRoIvxkpTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLvr2Z/ESQjGB/5u7B2+QdI9SPxZMB8GA1UdIwQY MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQcLaCZb8 KM0McWp0nqIaKjbIUXYmyQ79VOzDx6lRYDBZt8NgjDTcRqL5e4Jr83NfPsrNJUKw 9oz+4BNUvhjzjOq1zmxCmR1+9C/xOEJeTUNlY4qryGAySpK/jFScy0JFIR7pylUu UXauSN9MpMTjvuxi4+PTCyXyX7IimeD3+3IB+ZmQM8O9I7MgRgr4qrb5+G36WPwY scorZ6ud8nM/ANp14/wp3gfdvOXBtCrhZqVgBwsIh8S5UfNUA/eqFAsqq8lcsnah GiqRP9h9uihXE1vBpPWM2Z7Er8tK9LYfy3EtXNqvgwTPGEnmadg9Xw+8JKJEGFGL LGrtzkvf5Hw8CA== -----END CERTIFICATE-----Generated at Mon Jan 26 21:08:53 2026 by rpki-client