This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft File: o8lj0aEdANOEre35u4blOEmpsYw.mft (raw, json) Hash identifier: xgJiIHF8afs3Y2GMQkspH6+dG2w8tkgwqyq76AZlkyY= Subject key identifier: B3:43:FA:9A:D3:B2:17:23:00:E6:D9:BB:16:A8:0D:88:C1:C3:90:ED Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c Certificate serial: 019BAD256C076A44C37F8C6E781A9C84E5C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft Manifest number: 17C6 Signing time: Sun 11 Jan 2026 13:01:09 +0000 Manifest this update: Sun 11 Jan 2026 13:01:09 +0000 Manifest next update: Mon 12 Jan 2026 13:01:09 +0000 Files and hashes: 1: o8lj0aEdANOEre35u4blOEmpsYw.crl (hash: BdCp+s976dDKSjaTKiAConD1zqkgQ6ejHEXMhrAaVH0=) 2: sbWj3cDEvspo2pzFM90qmBN7XGY.roa (hash: ZCuFftw5Wl2QKtDaCFVmcabJrAkBRibR6g/1SyLs2gs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 13:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ad:25:6c:07:6a:44:c3:7f:8c:6e:78:1a:9c:84:e5:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c Validity Not Before: Jan 11 13:01:09 2026 GMT Not After : Jan 12 13:01:09 2026 GMT Subject: CN=b343fa9ad3b2172300e6d9bb16a80d88c1c390ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:20:7c:52:8b:06:59:76:69:62:d7:1c:1a:a9: 3b:cc:03:6a:5a:ac:2d:04:8f:3c:a2:41:36:e0:21: 03:13:02:5e:cc:21:af:52:de:e2:49:0e:76:56:c4: e2:c0:c4:ec:18:f4:96:46:92:3e:d0:04:3e:63:93: 14:4f:ac:02:b4:3a:94:29:31:7a:b9:80:1a:e0:ee: f2:d1:6a:15:69:b2:b9:55:87:dd:42:00:ae:17:79: 67:16:e0:13:e2:1a:2e:2e:36:8e:89:21:84:14:92: de:28:9f:e0:a9:75:3f:fc:c6:cb:fc:0f:1e:30:eb: 49:d9:62:3a:bb:45:6d:9b:9b:fe:b3:d8:26:f6:93: 7f:c2:e0:b7:c5:a2:40:97:94:7a:63:dd:7e:28:e1: 5d:11:95:2b:eb:0e:c6:20:4e:3a:fc:a2:0f:7b:32: 74:c9:5a:3c:83:f7:8e:28:cc:54:05:5f:a4:c1:dd: 8e:11:c8:f4:0d:37:d6:06:1b:18:3e:77:56:57:84: a8:3e:5b:51:9a:84:6b:83:9a:51:10:dc:40:1c:6e: bb:af:c5:a9:ae:a6:93:ab:11:83:99:f8:f6:cb:39: 17:ad:c3:f3:3e:73:1d:bc:a1:17:36:14:eb:fc:8e: f2:ee:c6:0e:81:5d:e0:3e:5d:3a:ad:a2:ba:46:eb: fe:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:43:FA:9A:D3:B2:17:23:00:E6:D9:BB:16:A8:0D:88:C1:C3:90:ED X509v3 Authority Key Identifier: keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:d1:97:d1:ae:3f:0d:71:2b:30:a3:1d:1f:75:13:a9:58:6a: cf:32:4a:48:7f:0b:be:88:e9:4a:2d:d6:9e:2e:33:8a:8b:27: ef:f5:87:e4:0c:5b:64:02:74:f0:ba:2e:4e:8f:d6:42:76:5b: 1b:29:dc:13:76:e9:06:9b:fa:68:fe:01:b9:01:24:2f:4b:9b: 77:f1:85:e6:f4:48:2f:4c:d8:4c:b9:a4:e4:4b:a0:8e:3f:72: 93:bf:41:7b:94:5d:44:76:94:3f:51:f5:fe:bc:2f:28:1a:29: 15:0b:6b:b8:69:a2:c2:46:65:29:03:cc:6a:42:9d:26:06:59: 50:84:ed:2e:68:2d:b4:22:18:dc:ed:9c:ed:f3:59:ce:63:b9: 24:63:c2:7b:ab:69:c2:b3:a4:24:09:1b:3d:bb:46:29:9f:1c: 95:cd:fc:b3:80:ea:d4:06:dc:a4:c2:32:2a:78:16:73:7d:3e: 3e:30:28:56:74:51:48:34:55:32:9f:55:1a:f4:08:54:2b:2f: 35:fc:44:60:fd:e2:a1:c0:34:e3:bc:72:c1:3d:04:bc:3d:6d: 63:a9:f2:2f:14:cd:6a:84:01:8d:5c:54:c7:d9:63:19:85:f3: d8:f6:cb:b9:e6:24:19:fa:cd:97:d3:3a:46:b0:7d:6e:0e:6e: d7:02:3b:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZutJWwHakTDf4xueBqchOXAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzYzk2M2QxYTExZDAwZDM4NGFkZWRmOWJiODZlNTM4NDlh OWIxOGMwHhcNMjYwMTExMTMwMTA5WhcNMjYwMTEyMTMwMTA5WjAzMTEwLwYDVQQD EyhiMzQzZmE5YWQzYjIxNzIzMDBlNmQ5YmIxNmE4MGQ4OGMxYzM5MGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiB8UosGWXZpYtccGqk7zANqWqwt BI88okE24CEDEwJezCGvUt7iSQ52VsTiwMTsGPSWRpI+0AQ+Y5MUT6wCtDqUKTF6 uYAa4O7y0WoVabK5VYfdQgCuF3lnFuAT4houLjaOiSGEFJLeKJ/gqXU//MbL/A8e MOtJ2WI6u0Vtm5v+s9gm9pN/wuC3xaJAl5R6Y91+KOFdEZUr6w7GIE46/KIPezJ0 yVo8g/eOKMxUBV+kwd2OEcj0DTfWBhsYPndWV4SoPltRmoRrg5pRENxAHG67r8Wp rqaTqxGDmfj2yzkXrcPzPnMdvKEXNhTr/I7y7sYOgV3gPl06raK6Ruv+cQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLND+prTshcjAObZuxaoDYjBw5DtMB8GA1UdIwQY MBaAFKPJY9GhHQDThK3t+buG5ThJqbGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2Qt MTA0MmVhOGUzYmZiLzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9mYzUyYTAtZTBmNy00ODBiLWJhN2QtMTA0MmVhOGUzYmZi LzEvbzhsajBhRWRBTk9FcmUzNXU0YmxPRW1wc1l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC9GX0a4/ DXErMKMdH3UTqVhqzzJKSH8LvojpSi3Wni4ziosn7/WH5AxbZAJ08LouTo/WQnZb GyncE3bpBpv6aP4BuQEkL0ubd/GF5vRIL0zYTLmk5Eugjj9yk79Be5RdRHaUP1H1 /rwvKBopFQtruGmiwkZlKQPMakKdJgZZUITtLmgttCIY3O2c7fNZzmO5JGPCe6tp wrOkJAkbPbtGKZ8clc38s4Dq1AbcpMIyKngWc30+PjAoVnRRSDRVMp9VGvQIVCsv NfxEYP3iocA047xywT0EvD1tY6nyLxTNaoQBjVxUx9ljGYXz2PbLueYkGfrNl9M6 RrB9bg5u1wI7bQ== -----END CERTIFICATE-----Generated at Sun Jan 11 22:28:41 2026 by rpki-client