This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.mft File: BoekrKWB2OvN_iS2Xx5woS8omng.mft (raw, json) Hash identifier: AHR/dooLCbB8qbUZ9OgGyzmQ+JcnkaKQrdxyHY46X8k= Subject key identifier: 0A:D9:4B:BC:A6:ED:D7:B8:93:DB:A8:FB:B7:B1:18:AA:68:B7:3A:00 Authority key identifier: 06:87:A4:AC:A5:81:D8:EB:CD:FE:24:B6:5F:1E:70:A1:2F:28:9A:78 Certificate issuer: /CN=0687a4aca581d8ebcdfe24b65f1e70a12f289a78 Certificate serial: 019BF49948461ABDCFF348967C779E8752FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BoekrKWB2OvN_iS2Xx5woS8omng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.mft Manifest number: 09A1 Signing time: Sun 25 Jan 2026 10:00:44 +0000 Manifest this update: Sun 25 Jan 2026 10:00:44 +0000 Manifest next update: Mon 26 Jan 2026 10:00:44 +0000 Files and hashes: 1: BoekrKWB2OvN_iS2Xx5woS8omng.crl (hash: rIGBbFXYYcX3Zq1TODkIO8oKB99jcp5pPgawLseLHBU=) 2: xNUHHeKL5gyglULSwBpb7Qy-WwI.roa (hash: +glq0PaufWCQhOFjvFVpKvbSAAw+d7Af8r+hPXAyxiA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.mft rsync://rpki.ripe.net/repository/DEFAULT/BoekrKWB2OvN_iS2Xx5woS8omng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:99:48:46:1a:bd:cf:f3:48:96:7c:77:9e:87:52:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0687a4aca581d8ebcdfe24b65f1e70a12f289a78 Validity Not Before: Jan 25 10:00:44 2026 GMT Not After : Jan 26 10:00:44 2026 GMT Subject: CN=0ad94bbca6edd7b893dba8fbb7b118aa68b73a00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7a:8d:f7:37:bc:02:30:5c:2f:6f:82:f3:28: 8c:8a:62:a7:78:51:2d:ad:26:9d:4e:03:c4:fe:05: c8:4e:40:08:d5:c8:0a:0e:c5:64:8f:7d:59:e9:c4: 41:a6:34:7c:c3:61:8d:15:09:8a:18:06:d8:31:b9: 91:9f:9d:c1:91:6e:0e:47:88:75:bc:66:f7:a3:4c: 4b:88:7c:d3:0f:c0:20:0d:65:ac:6a:bf:a8:e6:44: a2:7f:af:c0:aa:da:66:5f:3a:7a:0e:4b:c8:c9:70: f5:0a:90:56:99:ce:b1:a2:a1:61:c4:ce:e2:de:2f: 12:92:78:3e:96:9e:55:ce:d0:9e:21:4c:f6:bf:39: c2:89:65:0a:8a:41:73:9e:3b:df:8b:c3:46:71:4e: 4f:dd:7a:cc:19:cc:64:fe:2f:0c:73:99:52:12:56: c9:d7:88:07:56:6e:03:1f:ca:41:c6:a8:93:4f:5e: bc:b7:e8:b6:cd:3e:3c:a5:87:07:34:31:e4:c7:90: 97:f4:f4:24:eb:b9:48:f4:f9:6b:b7:94:43:8c:8a: aa:40:d9:8f:f2:13:5f:e3:2d:5e:fe:0b:c6:0d:8d: 1a:44:d9:c3:d1:32:92:21:9e:f1:f6:13:2a:3f:e8: 6d:ec:34:21:4f:57:4f:bc:2a:58:bd:32:08:ef:dc: 64:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:D9:4B:BC:A6:ED:D7:B8:93:DB:A8:FB:B7:B1:18:AA:68:B7:3A:00 X509v3 Authority Key Identifier: keyid:06:87:A4:AC:A5:81:D8:EB:CD:FE:24:B6:5F:1E:70:A1:2F:28:9A:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BoekrKWB2OvN_iS2Xx5woS8omng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/9df11b-0187-4a91-b5d1-2d28a19135fd/1/BoekrKWB2OvN_iS2Xx5woS8omng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:ca:2f:8f:fc:31:b1:99:93:07:9b:5b:df:29:a6:23:04:bb: 5f:39:71:3b:5d:d7:75:16:02:2c:ce:df:b0:a1:30:80:17:6f: f9:23:68:a1:3b:e8:50:9e:d7:d3:89:e1:d5:2c:e5:e2:11:e7: 92:e6:a5:4b:8a:67:2b:08:66:39:e7:b4:bb:0b:2c:68:44:5d: db:ed:e4:8d:e9:27:b3:1e:45:60:9c:b1:ed:f9:59:e7:3b:64: cc:40:18:2c:fe:b5:90:0a:11:28:c8:86:06:75:00:7f:91:b2: 24:e7:b3:f7:a0:16:d0:86:7d:18:41:0c:87:9a:8f:f3:ec:b2: 56:90:a5:f2:86:eb:86:79:34:b0:68:7f:40:f0:a4:b6:9e:a4: fc:9e:ff:59:08:ab:b9:f9:ce:3a:e6:9d:72:c6:d8:f3:9e:5c: 6e:4f:bd:2d:05:78:c8:ba:98:e2:3b:75:a4:4b:fa:6d:7b:de: 22:e8:e0:be:bd:ad:91:8c:ed:fb:a7:09:2d:40:00:b2:59:fc: 2c:50:b6:77:13:32:7c:54:d1:b6:6c:73:d4:cf:8e:d7:9f:35: 52:7a:62:2a:7f:ce:ce:43:02:65:5a:3f:c6:7f:e2:29:4b:30: 23:64:da:8e:7b:f3:a0:ad:33:ae:d3:d7:eb:d5:cd:2a:f0:4f: c4:d2:1b:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0mUhGGr3P80iWfHeeh1L/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2ODdhNGFjYTU4MWQ4ZWJjZGZlMjRiNjVmMWU3MGExMmYy ODlhNzgwHhcNMjYwMTI1MTAwMDQ0WhcNMjYwMTI2MTAwMDQ0WjAzMTEwLwYDVQQD EygwYWQ5NGJiY2E2ZWRkN2I4OTNkYmE4ZmJiN2IxMThhYTY4YjczYTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznqN9ze8AjBcL2+C8yiMimKneFEt rSadTgPE/gXITkAI1cgKDsVkj31Z6cRBpjR8w2GNFQmKGAbYMbmRn53BkW4OR4h1 vGb3o0xLiHzTD8AgDWWsar+o5kSif6/AqtpmXzp6DkvIyXD1CpBWmc6xoqFhxM7i 3i8Skng+lp5VztCeIUz2vznCiWUKikFznjvfi8NGcU5P3XrMGcxk/i8Mc5lSElbJ 14gHVm4DH8pBxqiTT168t+i2zT48pYcHNDHkx5CX9PQk67lI9Plrt5RDjIqqQNmP 8hNf4y1e/gvGDY0aRNnD0TKSIZ7x9hMqP+ht7DQhT1dPvCpYvTII79xkFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFArZS7ym7de4k9uo+7exGKpotzoAMB8GA1UdIwQY MBaAFAaHpKylgdjrzf4ktl8ecKEvKJp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm9la3JLV0IyT3ZOX2lTMlh4NXdvUzhvbW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85ZGYxMWItMDE4Ny00YTkxLWI1ZDEt MmQyOGExOTEzNWZkLzEvQm9la3JLV0IyT3ZOX2lTMlh4NXdvUzhvbW5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy85ZGYxMWItMDE4Ny00YTkxLWI1ZDEtMmQyOGExOTEzNWZk LzEvQm9la3JLV0IyT3ZOX2lTMlh4NXdvUzhvbW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcovj/wx sZmTB5tb3ymmIwS7XzlxO13XdRYCLM7fsKEwgBdv+SNooTvoUJ7X04nh1Szl4hHn kualS4pnKwhmOee0uwssaERd2+3kjeknsx5FYJyx7flZ5ztkzEAYLP61kAoRKMiG BnUAf5GyJOez96AW0IZ9GEEMh5qP8+yyVpCl8obrhnk0sGh/QPCktp6k/J7/WQir ufnOOuadcsbY855cbk+9LQV4yLqY4jt1pEv6bXveIujgvr2tkYzt+6cJLUAAsln8 LFC2dxMyfFTRtmxz1M+O1581UnpiKn/OzkMCZVo/xn/iKUswI2TajnvzoK0zrtPX 69XNKvBPxNIbzw== -----END CERTIFICATE-----Generated at Sun Jan 25 13:41:18 2026 by rpki-client