This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft File: OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft (raw, json) Hash identifier: AKkGYulGssUAEDYDQmM6XWItkg94VI/hS6cKZA9Ll8Y= Subject key identifier: F9:42:6E:7C:89:DA:71:36:95:A4:CA:6C:8A:0D:65:57:F0:8C:04:FD Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b Certificate serial: 019BF6BF65B810695B26D1BE7BE9AB65326C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft Manifest number: 17ED Signing time: Sun 25 Jan 2026 20:01:37 +0000 Manifest this update: Sun 25 Jan 2026 20:01:37 +0000 Manifest next update: Mon 26 Jan 2026 20:01:37 +0000 Files and hashes: 1: GS12T19X33XYAhf098NVhyXx3j4.roa (hash: 2sPtA3M8U954wEjtNrs6ONRJ78QRH5zWAILMakv6ILg=) 2: OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl (hash: EL5HesQ1NCFi9OH85Nl7awrhZCzokXwz7RLgNJV7+bQ=) 3: Ys4PogIAyq6Z-1e6V87HwtKW-Jw.roa (hash: 9OEorLPT8PEnhbBuzCTUI3Vb5lQD/nIA0b2dhSxkYk4=) 4: ckGyseiXClHPKvZc0nmqY19ttos.roa (hash: Yi/gbRZzD3hzlnLpg0sfEHwVq1nYLL7ZQtIyu02d0kc=) 5: flQssGcGnPHhqNGkKwTNsJejaeQ.roa (hash: 7MK/e6VIAjwZyf2enbWUdzme5SKLDGdFufR5UtJ+Iyo=) 6: tI1eWKq17tDG9hQWcAP-FozruWU.roa (hash: yszzGKzH2Y3utLHy31Xungt79IkdPWx2rbVckLVltxM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:bf:65:b8:10:69:5b:26:d1:be:7b:e9:ab:65:32:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b Validity Not Before: Jan 25 20:01:37 2026 GMT Not After : Jan 26 20:01:37 2026 GMT Subject: CN=f9426e7c89da713695a4ca6c8a0d6557f08c04fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:bb:45:9d:b0:60:0f:c7:1e:4c:59:3e:e2:46: 65:96:9c:23:41:88:56:08:0b:56:53:bd:bd:39:aa: 4a:c4:f1:a5:16:20:98:50:f8:5c:56:94:14:f8:fa: e8:6c:3c:74:4b:a2:92:34:26:a4:9f:c5:93:cb:52: 86:b2:be:e1:db:e6:8a:78:83:51:8b:3a:1e:58:d3: 5f:fd:37:c1:0b:43:0b:4b:83:92:ce:a1:a6:22:19: cc:76:13:74:92:9c:cb:1c:df:0b:c7:3d:d8:9e:23: 53:3c:1c:39:40:b2:4b:31:dc:02:d4:df:5e:1e:11: 9d:39:c6:a3:4f:1b:99:b4:2b:33:03:54:96:04:93: 7d:20:46:39:4e:cb:87:9e:38:f5:03:94:05:32:db: 0e:b6:cb:82:80:47:a7:de:23:88:27:58:8b:54:9e: f3:c0:c8:7e:b7:e7:da:5b:19:1f:b7:66:be:fc:f3: 78:79:19:da:76:3f:38:53:da:0d:60:0d:be:a7:37: 55:2a:a7:d3:26:04:b2:55:b3:f2:6d:b8:e9:bd:b1: f1:80:ff:e4:81:a3:a2:05:c3:f6:df:5a:b8:7c:df: 77:21:aa:28:00:9c:ca:c3:9a:c1:01:c9:7c:4e:bf: df:ac:4c:4a:24:39:d9:f2:cb:31:0f:1a:19:80:4d: 84:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:42:6E:7C:89:DA:71:36:95:A4:CA:6C:8A:0D:65:57:F0:8C:04:FD X509v3 Authority Key Identifier: keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:0b:60:34:fb:5b:86:0a:0e:be:b4:e3:18:eb:dd:a9:f4:91: 18:30:81:4b:f1:99:c8:f6:57:22:f6:07:dc:84:bc:99:ab:64: d0:34:8f:31:70:17:0d:06:d1:5f:07:a0:87:e2:fc:70:f1:ab: 1c:bb:3e:a1:e3:c3:f3:a2:45:cc:18:d7:eb:5d:fd:26:18:5e: 63:56:c7:22:08:66:01:66:c3:73:75:0b:dd:18:e7:e5:bc:07: 0e:62:a3:c6:52:56:81:91:3b:e5:d4:ef:26:60:59:71:ce:0b: 07:d1:ab:ee:f1:97:da:6f:d9:39:cf:74:77:9e:3a:f1:16:76: b3:3d:4a:1f:17:83:71:db:61:79:28:13:cc:a8:6c:1f:3b:3c: d5:50:0a:7e:fe:f0:26:ec:e9:3f:1e:aa:86:67:6c:5d:d1:35: 89:97:05:43:8e:13:cc:64:aa:92:61:7c:05:3d:62:0d:36:e3: 5e:d3:f0:d5:37:df:86:b7:1f:e4:3a:fb:bf:9f:72:01:c5:14: e5:e4:86:9d:be:8f:b8:8a:b9:e0:20:53:49:88:e3:01:8b:0e: 51:c3:3b:e8:c3:7d:33:85:67:da:f4:ca:ca:48:a6:b0:69:27: 8a:b9:ae:b7:3b:e6:ab:3f:1f:c0:f4:04:c4:27:7f:74:fe:2c: 13:81:51:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2v2W4EGlbJtG+e+mrZTJsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk ODI0MGIwHhcNMjYwMTI1MjAwMTM3WhcNMjYwMTI2MjAwMTM3WjAzMTEwLwYDVQQD EyhmOTQyNmU3Yzg5ZGE3MTM2OTVhNGNhNmM4YTBkNjU1N2YwOGMwNGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLtFnbBgD8ceTFk+4kZllpwjQYhW CAtWU729OapKxPGlFiCYUPhcVpQU+ProbDx0S6KSNCakn8WTy1KGsr7h2+aKeINR izoeWNNf/TfBC0MLS4OSzqGmIhnMdhN0kpzLHN8Lxz3YniNTPBw5QLJLMdwC1N9e HhGdOcajTxuZtCszA1SWBJN9IEY5TsuHnjj1A5QFMtsOtsuCgEen3iOIJ1iLVJ7z wMh+t+faWxkft2a+/PN4eRnadj84U9oNYA2+pzdVKqfTJgSyVbPybbjpvbHxgP/k gaOiBcP231q4fN93IaooAJzKw5rBAcl8Tr/frExKJDnZ8ssxDxoZgE2ETQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPlCbnyJ2nE2laTKbIoNZVfwjAT9MB8GA1UdIwQY MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt MWQ3MDNiNDk2NjM0LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0 LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgtgNPtb hgoOvrTjGOvdqfSRGDCBS/GZyPZXIvYH3IS8matk0DSPMXAXDQbRXwegh+L8cPGr HLs+oePD86JFzBjX6139JhheY1bHIghmAWbDc3UL3Rjn5bwHDmKjxlJWgZE75dTv JmBZcc4LB9Gr7vGX2m/ZOc90d5468RZ2sz1KHxeDcdtheSgTzKhsHzs81VAKfv7w JuzpPx6qhmdsXdE1iZcFQ44TzGSqkmF8BT1iDTbjXtPw1Tffhrcf5Dr7v59yAcUU 5eSGnb6PuIq54CBTSYjjAYsOUcM76MN9M4Vn2vTKykimsGknirmutzvmqz8fwPQE xCd/dP4sE4FRzQ== -----END CERTIFICATE-----Generated at Mon Jan 26 03:32:52 2026 by rpki-client