This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft File: OBssWXKaU7hBEqryyhIo80JHo5s.mft (raw, json) Hash identifier: mBg6V7FkGaHT6gSYD2odC5UN6Ih8MmOBkTpSeSeHH4I= Subject key identifier: 99:B2:64:8D:0C:72:BC:C1:C9:F8:C8:6D:24:29:53:DC:6B:88:1E:40 Authority key identifier: 38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B Certificate issuer: /CN=381b2c59729a53b84112aaf2ca1228f34247a39b Certificate serial: 019B785BB4DC0208EE2B1FD97E88AE5CBC21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft Manifest number: 17A3 Signing time: Thu 01 Jan 2026 07:00:34 +0000 Manifest this update: Thu 01 Jan 2026 07:00:34 +0000 Manifest next update: Fri 02 Jan 2026 07:00:34 +0000 Files and hashes: 1: OBssWXKaU7hBEqryyhIo80JHo5s.crl (hash: YX15k74tTdan0EiGgFK1B+FMcWAZMoF+k9IE37IMH6Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 07:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:5b:b4:dc:02:08:ee:2b:1f:d9:7e:88:ae:5c:bc:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=381b2c59729a53b84112aaf2ca1228f34247a39b Validity Not Before: Jan 1 07:00:34 2026 GMT Not After : Jan 2 07:00:34 2026 GMT Subject: CN=99b2648d0c72bcc1c9f8c86d242953dc6b881e40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6e:24:8d:c5:6d:e1:51:b4:32:5b:bb:2b:d9: 18:a6:f8:16:10:f9:b0:46:9e:d6:5e:79:9e:e5:15: f0:37:56:98:2c:da:ee:bc:34:ab:ee:fa:22:56:2d: 4d:b6:cd:ab:be:37:28:8e:8e:22:7d:fa:2b:4c:f9: 5f:73:d7:26:78:79:78:03:fd:da:5d:65:ee:84:25: b5:19:04:c7:97:13:17:68:c8:34:a5:8a:39:88:05: 08:8d:4f:00:3b:d5:17:df:d1:11:d8:20:70:b0:6a: ef:60:b3:61:cf:da:55:54:5d:58:eb:58:e9:f2:d2: ba:d5:eb:26:b0:cd:b1:5b:98:21:e9:3b:4b:ac:b3: 71:bf:32:cb:af:03:14:e5:b8:f3:57:90:4f:18:51: 18:1f:6f:75:7a:11:6b:2b:46:07:69:99:1e:56:66: 1c:a8:e1:39:c4:91:9b:f5:24:a1:64:aa:30:2e:3d: d3:f5:5d:32:ef:b6:a4:3a:97:14:67:1e:1b:e2:5c: f7:ff:f1:ab:60:ec:8d:93:a3:d3:12:88:b7:77:b8: 7b:d5:2b:bf:da:ee:65:c0:ec:14:c6:8c:c6:b1:30: f9:54:3b:85:81:82:ee:5d:18:be:51:ec:53:17:ff: 8b:a6:06:14:97:cb:10:73:65:50:ec:e7:2f:bd:ce: db:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:B2:64:8D:0C:72:BC:C1:C9:F8:C8:6D:24:29:53:DC:6B:88:1E:40 X509v3 Authority Key Identifier: keyid:38:1B:2C:59:72:9A:53:B8:41:12:AA:F2:CA:12:28:F3:42:47:A3:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBssWXKaU7hBEqryyhIo80JHo5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/14917a-4911-4c3b-b2a7-27d5ace0307f/1/OBssWXKaU7hBEqryyhIo80JHo5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:73:fa:91:76:5b:88:c7:70:8a:38:b0:bf:a4:c4:a4:c1:68: 89:fe:ee:ad:a1:32:8d:2c:0a:e2:7a:1c:fb:7b:96:45:c0:55: 24:a6:e2:da:29:ac:1d:a0:72:de:ca:3a:3b:80:c6:8d:35:21: 7c:42:dc:16:41:b4:f6:bf:08:41:75:30:92:3a:1c:50:df:ec: 1f:c9:25:36:d6:b8:36:f0:0f:55:10:2a:01:0c:69:97:b7:7d: db:ac:3b:59:d3:0b:c4:24:98:5f:60:63:04:68:e2:80:43:e4: 91:89:5e:e7:c8:c6:47:ac:00:e8:4c:e8:97:31:82:b2:31:71: 05:18:d9:9e:48:2b:cb:b7:ce:f8:e3:96:32:75:c7:3d:33:a1: f5:39:42:c7:23:a9:ee:bd:9c:35:a1:5d:5e:15:90:64:b2:12: 44:af:52:c3:0e:5a:a4:22:c3:c9:b8:b7:0e:f3:71:3d:01:59: a8:72:d3:e1:93:5e:f6:fe:c7:d1:ec:4d:cc:ae:c9:8f:b3:d1: 7d:1c:2a:78:39:15:02:d3:7c:4c:7f:fe:35:50:78:d4:ed:57: 61:3d:d5:d5:2a:29:97:b1:50:53:f3:86:57:1c:cb:ee:3e:e7: 91:4b:85:c4:eb:32:d0:b8:79:5e:05:b1:1c:f2:45:ac:02:96: 0b:27:b2:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt4W7TcAgjuKx/ZfoiuXLwhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MWIyYzU5NzI5YTUzYjg0MTEyYWFmMmNhMTIyOGYzNDI0 N2EzOWIwHhcNMjYwMTAxMDcwMDM0WhcNMjYwMTAyMDcwMDM0WjAzMTEwLwYDVQQD Eyg5OWIyNjQ4ZDBjNzJiY2MxYzlmOGM4NmQyNDI5NTNkYzZiODgxZTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG4kjcVt4VG0Mlu7K9kYpvgWEPmw Rp7WXnme5RXwN1aYLNruvDSr7voiVi1Nts2rvjcojo4ifforTPlfc9cmeHl4A/3a XWXuhCW1GQTHlxMXaMg0pYo5iAUIjU8AO9UX39ER2CBwsGrvYLNhz9pVVF1Y61jp 8tK61esmsM2xW5gh6TtLrLNxvzLLrwMU5bjzV5BPGFEYH291ehFrK0YHaZkeVmYc qOE5xJGb9SShZKowLj3T9V0y77akOpcUZx4b4lz3//GrYOyNk6PTEoi3d7h71Su/ 2u5lwOwUxozGsTD5VDuFgYLuXRi+UexTF/+LpgYUl8sQc2VQ7Ocvvc7bWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJmyZI0McrzByfjIbSQpU9xriB5AMB8GA1UdIwQY MBaAFDgbLFlymlO4QRKq8soSKPNCR6ObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTct MjdkNWFjZTAzMDdmLzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8xNDkxN2EtNDkxMS00YzNiLWIyYTctMjdkNWFjZTAzMDdm LzEvT0Jzc1dYS2FVN2hCRXFyeXloSW84MEpIbzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjXP6kXZb iMdwijiwv6TEpMFoif7uraEyjSwK4noc+3uWRcBVJKbi2imsHaBy3so6O4DGjTUh fELcFkG09r8IQXUwkjocUN/sH8klNta4NvAPVRAqAQxpl7d926w7WdMLxCSYX2Bj BGjigEPkkYle58jGR6wA6EzolzGCsjFxBRjZnkgry7fO+OOWMnXHPTOh9TlCxyOp 7r2cNaFdXhWQZLISRK9Sww5apCLDybi3DvNxPQFZqHLT4ZNe9v7H0exNzK7Jj7PR fRwqeDkVAtN8TH/+NVB41O1XYT3V1Sopl7FQU/OGVxzL7j7nkUuFxOsy0Lh5XgWx HPJFrAKWCyey9A== -----END CERTIFICATE-----Generated at Thu Jan 1 11:04:44 2026 by rpki-client