This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json) Hash identifier: k+oPDJQ7+boE4bDKl9HV5/pTUwKv2kiBke1zdzdW4F8= Subject key identifier: 27:49:C7:01:28:92:E3:CB:28:0F:D8:E2:F8:37:29:C8:83:1D:C4:5B Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51 Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451 Certificate serial: 019B7D826CCBBD45473EACA942ECD697BBF3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft Manifest number: 09B6 Signing time: Fri 02 Jan 2026 07:00:58 +0000 Manifest this update: Fri 02 Jan 2026 07:00:58 +0000 Manifest next update: Sat 03 Jan 2026 07:00:58 +0000 Files and hashes: 1: MCQJgOH0F61zyqort3aDkrCqcME.roa (hash: dFlLGTPXyNVZq9IJXBt9j7cJ/cyhu9qP1civtpo4hwY=) 2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: MSE3oVCHDdRcFDPefDD0N77TnKWfg96gNrZWN66FFQc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:82:6c:cb:bd:45:47:3e:ac:a9:42:ec:d6:97:bb:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451 Validity Not Before: Jan 2 07:00:58 2026 GMT Not After : Jan 3 07:00:58 2026 GMT Subject: CN=2749c7012892e3cb280fd8e2f83729c8831dc45b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:71:7c:99:ed:2d:48:49:44:03:f5:70:f8:06: 0e:ca:63:77:a2:37:cc:8e:71:7f:14:6e:6c:85:15: 10:f6:2a:a2:1c:95:ff:aa:e3:bf:e3:21:a5:73:3c: 03:31:24:25:0f:bc:5f:27:e1:9b:26:5e:71:ba:d9: 26:11:38:6b:90:7c:80:63:38:ad:1d:a2:6c:84:2f: ec:25:91:59:8b:c4:99:71:74:18:18:1d:23:12:e2: c1:cd:49:ff:f9:5b:8c:22:83:bd:71:0f:d7:3f:cf: 58:a3:92:b8:1c:0a:c0:b4:b5:ea:93:10:72:e2:0a: f2:03:5e:54:e4:d9:d6:52:e0:b0:09:42:f1:24:02: c4:e4:66:1d:6b:0e:f3:f8:43:7f:47:56:84:20:9d: 50:c5:e7:09:9a:55:e8:b2:5c:4a:2d:0c:98:99:f9: 02:3a:f3:4c:86:80:d0:07:ff:ee:f0:97:fe:29:4d: fe:c3:de:73:cb:43:8a:50:90:2d:f8:cf:d4:8e:18: eb:47:de:9d:8a:ab:d7:36:67:63:35:45:fe:22:f8: af:9f:25:2b:bd:82:5e:fc:26:f1:58:e1:30:92:5f: 41:82:b0:62:ed:99:e2:b4:59:07:8d:c3:08:37:37: bb:ff:2a:01:f6:bd:9e:5d:51:ef:e7:65:80:e0:d9: ed:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:49:C7:01:28:92:E3:CB:28:0F:D8:E2:F8:37:29:C8:83:1D:C4:5B X509v3 Authority Key Identifier: keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:cb:85:8f:dd:72:84:e9:1b:e5:5b:1c:98:39:72:d8:cd:61: c3:9e:92:65:f0:11:31:c7:b2:4c:4f:25:4f:9a:2a:8f:6c:44: 2f:61:ba:26:f5:5d:59:c1:61:1b:c9:0f:f0:9e:17:7c:b9:d9: 0c:f9:bd:90:fc:bc:b8:fd:52:76:91:be:44:77:a5:3a:f4:2c: 2c:ff:3e:e3:39:81:c9:0e:af:dc:12:ef:79:6c:68:24:a6:3b: a7:92:45:17:65:52:c4:50:5d:b8:b1:95:75:8b:8a:01:91:a6: 7c:e2:74:af:50:ef:15:71:1d:f1:33:3f:03:2d:46:a2:4c:9c: 76:16:ec:f8:f7:c2:1b:b7:24:e3:98:28:f1:55:d9:d1:71:ac: 4e:0b:e8:ee:de:93:48:15:db:a9:0b:4e:cf:c3:b5:8d:de:90: ed:99:5b:f6:4a:70:36:7a:6d:12:98:72:88:4f:30:3a:8a:c8: 2f:74:16:34:0c:bf:d5:11:b0:48:ac:ba:08:26:b8:d6:50:78: 26:9e:d1:6a:9e:e5:80:8f:9b:f2:69:31:6b:f2:f5:cc:ef:fc: 26:65:98:be:12:e1:e2:55:83:61:14:12:d4:fe:5a:36:5b:86: 85:e0:0e:a9:5e:3a:3f:02:e9:a2:50:dd:f6:95:88:6d:73:61: 6b:0c:df:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt9gmzLvUVHPqypQuzWl7vzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3 Yjk0NTEwHhcNMjYwMTAyMDcwMDU4WhcNMjYwMTAzMDcwMDU4WjAzMTEwLwYDVQQD EygyNzQ5YzcwMTI4OTJlM2NiMjgwZmQ4ZTJmODM3MjljODgzMWRjNDViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXF8me0tSElEA/Vw+AYOymN3ojfM jnF/FG5shRUQ9iqiHJX/quO/4yGlczwDMSQlD7xfJ+GbJl5xutkmEThrkHyAYzit HaJshC/sJZFZi8SZcXQYGB0jEuLBzUn/+VuMIoO9cQ/XP89Yo5K4HArAtLXqkxBy 4gryA15U5NnWUuCwCULxJALE5GYdaw7z+EN/R1aEIJ1QxecJmlXoslxKLQyYmfkC OvNMhoDQB//u8Jf+KU3+w95zy0OKUJAt+M/UjhjrR96diqvXNmdjNUX+IvivnyUr vYJe/CbxWOEwkl9BgrBi7ZnitFkHjcMINze7/yoB9r2eXVHv52WA4Nnt/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCdJxwEokuPLKA/Y4vg3KciDHcRbMB8GA1UdIwQY MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4 LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMuFj91y hOkb5VscmDly2M1hw56SZfARMceyTE8lT5oqj2xEL2G6JvVdWcFhG8kP8J4XfLnZ DPm9kPy8uP1SdpG+RHelOvQsLP8+4zmByQ6v3BLveWxoJKY7p5JFF2VSxFBduLGV dYuKAZGmfOJ0r1DvFXEd8TM/Ay1Gokycdhbs+PfCG7ck45go8VXZ0XGsTgvo7t6T SBXbqQtOz8O1jd6Q7Zlb9kpwNnptEphyiE8wOorIL3QWNAy/1RGwSKy6CCa41lB4 Jp7Rap7lgI+b8mkxa/L1zO/8JmWYvhLh4lWDYRQS1P5aNluGheAOqV46PwLpolDd 9pWIbXNhawzfSg== -----END CERTIFICATE-----Generated at Fri Jan 2 13:06:55 2026 by rpki-client