This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft File: OhsBRND2_wuDzON2eUYxdFt8p6A.mft (raw, json) Hash identifier: 7s1Hs1ognM9OXRaJRlsatfjAXYu2qGFCzh6yaDJaOTE= Subject key identifier: BE:C5:29:E2:6D:B5:48:1D:1D:28:03:AB:AA:38:61:D9:A2:0A:BB:6C Authority key identifier: 3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0 Certificate issuer: /CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0 Certificate serial: 019BAF144A3048D0D9B042511A7DC02241B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft Manifest number: 12F4 Signing time: Sun 11 Jan 2026 22:01:40 +0000 Manifest this update: Sun 11 Jan 2026 22:01:40 +0000 Manifest next update: Mon 12 Jan 2026 22:01:40 +0000 Files and hashes: 1: OhsBRND2_wuDzON2eUYxdFt8p6A.crl (hash: 8aTV8tWJUgB/4O1qRvN4+PxefTAyHckg8XDG/R71FtY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:af:14:4a:30:48:d0:d9:b0:42:51:1a:7d:c0:22:41:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1b0144d0f6ff0b83cce376794631745b7ca7a0 Validity Not Before: Jan 11 22:01:40 2026 GMT Not After : Jan 12 22:01:40 2026 GMT Subject: CN=bec529e26db5481d1d2803abaa3861d9a20abb6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f6:ac:76:3c:95:1e:b8:6b:64:db:76:f6:e4: 46:29:f7:a2:e7:e1:8c:14:55:4c:b0:6d:5f:85:67: 50:e1:a0:8e:3c:b1:eb:f3:5d:5f:db:c5:f5:53:1d: 79:04:2f:18:e6:ef:2e:35:4b:28:22:2e:8a:b5:9b: ac:10:c9:31:53:63:b1:8e:f5:0e:7e:78:d9:0e:a2: 60:78:0d:21:0e:75:66:80:62:c6:0c:c6:71:12:8a: 0c:4e:53:2e:ab:1a:c0:eb:a6:f7:30:d5:8e:55:ab: 9c:30:8a:f4:6b:e5:d5:d8:82:e5:fc:46:0e:d5:dc: e8:4e:07:de:21:fb:a5:99:4b:1b:02:09:d6:c7:62: d4:ec:1b:9d:01:93:8d:5a:a6:60:07:fb:9c:66:94: 2a:96:57:79:b5:51:0b:8f:04:ee:d3:18:4e:3c:9c: b9:62:73:27:af:84:ae:0d:95:aa:34:93:62:d1:c8: b5:2e:19:da:65:65:6d:0d:48:5c:ab:5d:c4:59:bb: f9:a5:d7:f9:90:b5:24:c5:b0:a8:5f:15:17:8e:d6: b7:fd:7f:05:20:e5:4a:5f:5e:fa:a3:ac:b5:98:eb: ca:d7:b0:42:3c:13:61:2f:07:bc:11:27:20:2e:48: a6:14:02:3c:a3:d9:97:9d:12:d6:82:3f:1b:67:1a: 84:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:C5:29:E2:6D:B5:48:1D:1D:28:03:AB:AA:38:61:D9:A2:0A:BB:6C X509v3 Authority Key Identifier: keyid:3A:1B:01:44:D0:F6:FF:0B:83:CC:E3:76:79:46:31:74:5B:7C:A7:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhsBRND2_wuDzON2eUYxdFt8p6A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/628406-3e2c-4896-82ea-250544277d5c/1/OhsBRND2_wuDzON2eUYxdFt8p6A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:42:f2:98:8a:95:99:f8:1d:00:69:e0:a6:a5:4e:ee:ee:6d: c8:6f:87:b1:59:49:5b:4d:b7:7b:d3:fc:c4:5a:3d:45:b2:f9: 38:55:fa:61:ec:c9:50:f6:06:62:f5:0a:54:96:31:f0:f8:99: 5e:4a:c8:9d:90:7b:1a:1d:92:d6:dc:9d:fc:d7:55:c4:e1:92: 47:a6:92:76:12:d9:3b:2c:9a:7c:54:0b:96:73:f4:4f:bd:c7: d6:f3:19:64:8f:1c:d8:b5:f3:95:65:09:81:aa:ee:e3:a3:68: 24:c8:f9:de:2c:4c:04:61:be:4d:cf:f6:2b:8f:79:a5:47:4d: 11:86:36:b2:2f:04:ad:0b:5d:cc:17:bb:77:31:5a:f0:ff:53: 62:d0:a8:38:27:8c:94:1b:d7:f9:5f:e6:03:8a:20:f9:34:59: 42:f3:f2:41:ba:57:a3:f1:ce:61:f9:af:18:81:ea:27:19:3b: 6e:c0:33:0b:e3:fc:56:4e:79:22:48:14:0e:7c:2c:0f:76:fd: 65:5e:9f:66:43:02:62:f8:fc:54:40:c2:cd:d7:a6:73:43:16: c6:d2:f3:a8:e7:31:5d:86:80:9d:4c:1a:fd:40:5a:df:d2:95: 6f:c4:79:8c:42:f8:8c:8d:1c:56:e0:9b:cf:2d:52:7c:6f:06: bb:a9:59:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuvFEowSNDZsEJRGn3AIkGzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMWIwMTQ0ZDBmNmZmMGI4M2NjZTM3Njc5NDYzMTc0NWI3 Y2E3YTAwHhcNMjYwMTExMjIwMTQwWhcNMjYwMTEyMjIwMTQwWjAzMTEwLwYDVQQD EyhiZWM1MjllMjZkYjU0ODFkMWQyODAzYWJhYTM4NjFkOWEyMGFiYjZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvasdjyVHrhrZNt29uRGKfei5+GM FFVMsG1fhWdQ4aCOPLHr811f28X1Ux15BC8Y5u8uNUsoIi6KtZusEMkxU2OxjvUO fnjZDqJgeA0hDnVmgGLGDMZxEooMTlMuqxrA66b3MNWOVaucMIr0a+XV2ILl/EYO 1dzoTgfeIfulmUsbAgnWx2LU7BudAZONWqZgB/ucZpQqlld5tVELjwTu0xhOPJy5 YnMnr4SuDZWqNJNi0ci1LhnaZWVtDUhcq13EWbv5pdf5kLUkxbCoXxUXjta3/X8F IOVKX176o6y1mOvK17BCPBNhLwe8EScgLkimFAI8o9mXnRLWgj8bZxqEiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL7FKeJttUgdHSgDq6o4YdmiCrtsMB8GA1UdIwQY MBaAFDobAUTQ9v8Lg8zjdnlGMXRbfKegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEt MjUwNTQ0Mjc3ZDVjLzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82Mjg0MDYtM2UyYy00ODk2LTgyZWEtMjUwNTQ0Mjc3ZDVj LzEvT2hzQlJORDJfd3VEek9OMmVVWXhkRnQ4cDZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdkLymIqV mfgdAGngpqVO7u5tyG+HsVlJW023e9P8xFo9RbL5OFX6YezJUPYGYvUKVJYx8PiZ XkrInZB7Gh2S1tyd/NdVxOGSR6aSdhLZOyyafFQLlnP0T73H1vMZZI8c2LXzlWUJ garu46NoJMj53ixMBGG+Tc/2K495pUdNEYY2si8ErQtdzBe7dzFa8P9TYtCoOCeM lBvX+V/mA4og+TRZQvPyQbpXo/HOYfmvGIHqJxk7bsAzC+P8Vk55IkgUDnwsD3b9 ZV6fZkMCYvj8VEDCzdemc0MWxtLzqOcxXYaAnUwa/UBa39KVb8R5jEL4jI0cVuCb zy1SfG8Gu6lZOQ== -----END CERTIFICATE-----Generated at Mon Jan 12 02:23:54 2026 by rpki-client