This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft File: OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft (raw, json) Hash identifier: QH6dqFH8KMJYaX508Sp9+dLZPUG/wd/qwQYjw5gahyA= Subject key identifier: FE:71:BB:9C:E3:FA:D1:33:9A:D5:1C:D5:3F:D4:E2:4D:91:38:4F:D5 Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d Certificate serial: 019B804C1BC9935B4837FAF2F91EEFA06DE8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft Manifest number: 17C2 Signing time: Fri 02 Jan 2026 20:00:30 +0000 Manifest this update: Fri 02 Jan 2026 20:00:30 +0000 Manifest next update: Sat 03 Jan 2026 20:00:30 +0000 Files and hashes: 1: JgeqMp-5oO_S80v0VekWcg72-Eg.roa (hash: tVMPOaelruFEfeEIzj1RQOAzlajxyQUW4rwlWncH9tQ=) 2: OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl (hash: +lwqusPtkeodF7odeKnHNrNFQK6N+pqbWQt7HV5WKQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:80:4c:1b:c9:93:5b:48:37:fa:f2:f9:1e:ef:a0:6d:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d Validity Not Before: Jan 2 20:00:30 2026 GMT Not After : Jan 3 20:00:30 2026 GMT Subject: CN=fe71bb9ce3fad1339ad51cd53fd4e24d91384fd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3b:dd:87:3a:2d:d0:e9:7f:0e:18:ce:dd:f9: fd:d7:5e:8d:e5:91:54:af:fd:27:76:3b:ee:cb:54: 4e:1d:15:08:51:5c:b7:7f:29:50:0a:e1:04:5f:71: 20:bb:da:65:03:13:ce:51:25:ff:ce:1f:cc:13:2e: e3:8c:f0:d9:c2:d2:cc:82:14:c2:77:2d:26:1a:4a: 32:4a:c4:70:dd:87:c6:d3:38:fb:9f:39:64:c3:e5: 6b:42:95:4c:34:c3:fd:4d:af:04:04:72:ac:69:d7: a6:e1:72:ad:65:57:f1:8e:0e:c8:7f:63:87:8d:64: c7:50:64:71:6b:bb:16:0a:e3:b4:1b:38:7b:23:f1: 19:37:80:38:ad:8f:87:ca:44:f5:ba:e9:ca:88:bc: 31:c4:d3:95:fa:1a:00:fc:ac:67:2a:8b:96:e8:36: 72:3f:db:34:5a:0e:e9:3e:1a:29:2f:7b:24:2f:9d: 18:20:06:70:e8:33:fe:1f:97:b4:60:81:48:f0:3f: fe:bf:94:c6:97:b7:99:38:81:0b:f8:e5:d1:fd:f4: f5:6c:b1:84:f5:92:42:14:05:1e:09:cc:83:16:20: 7c:b1:1a:f5:34:79:30:41:ea:af:b1:9c:7d:d7:64: 39:6b:9c:ed:57:b0:dd:6c:ee:55:51:31:58:73:de: bc:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:71:BB:9C:E3:FA:D1:33:9A:D5:1C:D5:3F:D4:E2:4D:91:38:4F:D5 X509v3 Authority Key Identifier: keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:ea:68:bb:d3:cf:cd:2d:35:10:f0:b0:2b:06:a4:3c:8d:54: 2d:20:d3:f7:12:15:56:93:55:8e:00:53:8b:59:c7:cd:6d:80: 55:11:08:5f:b1:08:34:9f:eb:db:e6:4b:11:0f:54:1e:2f:83: 15:49:4f:16:0d:e4:b2:9e:b4:a1:11:59:92:96:78:14:67:5b: d2:a5:8f:ed:41:a2:4b:20:60:9d:e9:a6:e8:ca:4a:1a:13:1f: f7:8f:0f:37:e1:af:d9:4d:19:a7:9a:dd:81:6f:b0:f1:7f:af: 27:c1:f9:6f:f9:19:d3:9f:b7:b1:13:43:ea:11:9d:ce:41:6b: e0:dc:8c:48:47:00:6c:58:62:96:76:38:89:e9:cc:0c:65:ec: 2a:65:50:23:07:14:9b:3f:ca:15:ce:70:0e:0d:31:30:80:37: 60:f1:32:78:92:d8:c0:b7:79:3d:65:c3:d2:83:2e:b7:f3:74: 9d:fc:bd:ee:92:6f:76:50:64:f7:17:82:e3:89:3a:dd:f3:fd: 59:81:13:74:9f:fc:e4:65:28:e2:76:a8:9b:8f:b2:23:5f:47: 15:8e:64:db:de:23:89:c6:72:c3:b8:67:a1:7f:a4:e0:02:63: ce:03:d8:7d:24:2e:20:3b:b8:ef:24:0d:1e:54:2c:7f:f4:bc: 84:8b:1d:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuATBvJk1tIN/ry+R7voG3oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh YzY5MGQwHhcNMjYwMTAyMjAwMDMwWhcNMjYwMTAzMjAwMDMwWjAzMTEwLwYDVQQD EyhmZTcxYmI5Y2UzZmFkMTMzOWFkNTFjZDUzZmQ0ZTI0ZDkxMzg0ZmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDvdhzot0Ol/DhjO3fn9116N5ZFU r/0ndjvuy1ROHRUIUVy3fylQCuEEX3Egu9plAxPOUSX/zh/MEy7jjPDZwtLMghTC dy0mGkoySsRw3YfG0zj7nzlkw+VrQpVMNMP9Ta8EBHKsadem4XKtZVfxjg7If2OH jWTHUGRxa7sWCuO0Gzh7I/EZN4A4rY+HykT1uunKiLwxxNOV+hoA/KxnKouW6DZy P9s0Wg7pPhopL3skL50YIAZw6DP+H5e0YIFI8D/+v5TGl7eZOIEL+OXR/fT1bLGE 9ZJCFAUeCcyDFiB8sRr1NHkwQeqvsZx912Q5a5ztV7DdbO5VUTFYc9681wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP5xu5zj+tEzmtUc1T/U4k2ROE/VMB8GA1UdIwQY MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt NzEyZmE2NWEyNWJhLzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmOpou9PP zS01EPCwKwakPI1ULSDT9xIVVpNVjgBTi1nHzW2AVREIX7EINJ/r2+ZLEQ9UHi+D FUlPFg3ksp60oRFZkpZ4FGdb0qWP7UGiSyBgnemm6MpKGhMf948PN+Gv2U0Zp5rd gW+w8X+vJ8H5b/kZ05+3sRND6hGdzkFr4NyMSEcAbFhilnY4ienMDGXsKmVQIwcU mz/KFc5wDg0xMIA3YPEyeJLYwLd5PWXD0oMut/N0nfy97pJvdlBk9xeC44k63fP9 WYETdJ/85GUo4naom4+yI19HFY5k294jicZyw7hnoX+k4AJjzgPYfSQuIDu47yQN HlQsf/S8hIsdow== -----END CERTIFICATE-----Generated at Sat Jan 3 00:59:52 2026 by rpki-client