This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft File: onIAVE-TpnX8jHhBhWmA44o1Kcs.mft (raw, json) Hash identifier: lnRKa6OS8GMwjzZ6CKfh9ARyf/ORPFm3fsz6yxrTRQE= Subject key identifier: 12:54:39:82:3B:0F:71:19:71:4A:9B:3A:A8:12:53:9B:5A:2C:CA:21 Authority key identifier: A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB Certificate issuer: /CN=a27200544f93a675fc8c7841856980e38a3529cb Certificate serial: 019BF462EA5AD1DD6B9EFBF75FD551856CC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft Manifest number: 1283 Signing time: Sun 25 Jan 2026 09:01:21 +0000 Manifest this update: Sun 25 Jan 2026 09:01:21 +0000 Manifest next update: Mon 26 Jan 2026 09:01:21 +0000 Files and hashes: 1: Z2uEQbE7L2pDV1J90F-WHp-FeRc.roa (hash: gG4qjMeD/GD4iye01V4m4U9isqUINl3gT+i69LWAi7I=) 2: onIAVE-TpnX8jHhBhWmA44o1Kcs.crl (hash: ow17Jqobr1K2KVBzPGmWcuubSmSK2hQmZNPKc8rqzzU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:62:ea:5a:d1:dd:6b:9e:fb:f7:5f:d5:51:85:6c:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a27200544f93a675fc8c7841856980e38a3529cb Validity Not Before: Jan 25 09:01:21 2026 GMT Not After : Jan 26 09:01:21 2026 GMT Subject: CN=125439823b0f7119714a9b3aa812539b5a2cca21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a8:24:49:ed:53:5f:b6:d0:9f:ca:11:89:de: 36:66:1d:c3:00:07:91:1b:f7:3b:ca:86:42:7b:47: b5:e0:b9:05:9f:9a:28:28:4f:b6:1b:a5:c3:c7:b2: bd:54:96:94:f4:a9:9c:13:1a:8e:eb:25:9f:ca:b9: 8b:1a:90:b5:e1:1b:ec:08:4d:e5:12:d8:ec:61:d3: 1d:88:ea:78:65:52:a1:92:f3:3b:01:59:49:18:15: 20:79:4d:90:0e:5c:4c:b2:f9:12:93:ac:39:48:22: f6:91:01:94:8a:44:e5:56:f9:34:e4:4b:8c:31:21: ef:cb:c8:f6:d1:63:a2:b0:a5:28:5c:ee:6a:67:43: ad:b7:6f:09:be:96:78:7a:3d:f1:c5:91:99:2b:08: 28:d1:62:ad:3c:3a:d3:a8:84:90:62:5d:2e:a8:4d: 2b:9d:42:aa:ac:17:c6:15:ff:c2:fd:7a:9a:23:9f: 30:e0:09:55:5e:dd:00:80:54:f2:c3:bd:ed:49:12: 3b:af:d0:64:e9:d6:a0:34:a5:4f:94:a9:57:81:51: b4:34:31:21:86:8d:19:93:2f:6a:31:c8:51:14:fb: 8f:8c:ee:f7:7c:26:8c:5a:db:e1:86:36:aa:7b:06: ef:c2:f7:27:92:b1:9b:03:f7:8c:1c:67:23:30:6d: d5:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:54:39:82:3B:0F:71:19:71:4A:9B:3A:A8:12:53:9B:5A:2C:CA:21 X509v3 Authority Key Identifier: keyid:A2:72:00:54:4F:93:A6:75:FC:8C:78:41:85:69:80:E3:8A:35:29:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onIAVE-TpnX8jHhBhWmA44o1Kcs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bc1c74-1e0a-4055-80b8-efa7f89bd0b9/1/onIAVE-TpnX8jHhBhWmA44o1Kcs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:10:78:c7:ba:cc:d0:9d:f5:a6:41:ec:f1:d4:60:dc:95:5f: 8c:d1:f0:15:5f:50:e6:ab:6b:2d:42:a7:e1:0b:05:3d:18:55: 59:08:e1:67:02:2c:99:1e:2b:65:b7:79:fd:2b:57:ad:de:c5: bb:2f:71:89:52:0e:b3:b3:99:f7:33:25:06:44:7a:b1:1a:ae: 41:02:8f:88:9a:6f:1e:19:77:ad:05:7a:8a:47:a9:e0:3c:19: 4a:e2:92:90:b2:55:16:3f:35:3e:09:5e:a5:bf:f1:ca:d8:33: 8e:db:fd:20:35:a1:94:c7:c8:97:a5:22:b8:27:75:f8:b2:f6: 48:5c:b6:3e:d2:49:e6:37:f0:d1:49:13:01:8a:ff:f5:64:96: 15:80:00:40:10:43:25:7e:b1:61:c2:e0:7c:0f:db:cc:8e:bc: 1c:46:32:97:68:23:f3:6e:ab:59:68:c3:be:c2:7a:09:70:24: 0d:c8:e0:b2:37:6d:c1:0d:61:0a:00:64:be:7c:0e:25:bb:ba: c2:a6:53:c1:ce:51:13:27:a7:4e:44:a9:f3:4f:f1:b5:9e:72: ef:8a:29:77:0d:52:14:7d:ea:a7:e1:17:96:7e:c8:04:42:52: 8c:b5:70:92:ad:0d:39:6a:d5:5d:6c:1e:57:d1:c1:53:d6:d0: 25:44:d8:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0Yupa0d1rnvv3X9VRhWzGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNzIwMDU0NGY5M2E2NzVmYzhjNzg0MTg1Njk4MGUzOGEz NTI5Y2IwHhcNMjYwMTI1MDkwMTIxWhcNMjYwMTI2MDkwMTIxWjAzMTEwLwYDVQQD EygxMjU0Mzk4MjNiMGY3MTE5NzE0YTliM2FhODEyNTM5YjVhMmNjYTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6gkSe1TX7bQn8oRid42Zh3DAAeR G/c7yoZCe0e14LkFn5ooKE+2G6XDx7K9VJaU9KmcExqO6yWfyrmLGpC14RvsCE3l EtjsYdMdiOp4ZVKhkvM7AVlJGBUgeU2QDlxMsvkSk6w5SCL2kQGUikTlVvk05EuM MSHvy8j20WOisKUoXO5qZ0Ott28JvpZ4ej3xxZGZKwgo0WKtPDrTqISQYl0uqE0r nUKqrBfGFf/C/XqaI58w4AlVXt0AgFTyw73tSRI7r9Bk6dagNKVPlKlXgVG0NDEh ho0Zky9qMchRFPuPjO73fCaMWtvhhjaqewbvwvcnkrGbA/eMHGcjMG3VWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBJUOYI7D3EZcUqbOqgSU5taLMohMB8GA1UdIwQY MBaAFKJyAFRPk6Z1/Ix4QYVpgOOKNSnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgt ZWZhN2Y4OWJkMGI5LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9iYzFjNzQtMWUwYS00MDU1LTgwYjgtZWZhN2Y4OWJkMGI5 LzEvb25JQVZFLVRwblg4akhoQmhXbUE0NG8xS2NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBB4x7rM 0J31pkHs8dRg3JVfjNHwFV9Q5qtrLUKn4QsFPRhVWQjhZwIsmR4rZbd5/StXrd7F uy9xiVIOs7OZ9zMlBkR6sRquQQKPiJpvHhl3rQV6ikep4DwZSuKSkLJVFj81Pgle pb/xytgzjtv9IDWhlMfIl6UiuCd1+LL2SFy2PtJJ5jfw0UkTAYr/9WSWFYAAQBBD JX6xYcLgfA/bzI68HEYyl2gj826rWWjDvsJ6CXAkDcjgsjdtwQ1hCgBkvnwOJbu6 wqZTwc5REyenTkSp80/xtZ5y74opdw1SFH3qp+EXln7IBEJSjLVwkq0NOWrVXWwe V9HBU9bQJUTYbQ== -----END CERTIFICATE-----Generated at Sun Jan 25 16:46:22 2026 by rpki-client