This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft File: O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json) Hash identifier: vTlF2eARqd3Z9ADjD5OQE3e0sZTDXSYbX/Dll4kmHvI= Subject key identifier: E0:9C:46:78:07:DC:00:70:1C:AE:44:10:A7:FC:DE:EE:41:5A:BC:E8 Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54 Certificate issuer: /CN=3b991eae85c5266270c31df4181aa07ab2e07b54 Certificate serial: 019BAE6FB9A159021592430300AE2CF8B95C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft Manifest number: 0954 Signing time: Sun 11 Jan 2026 19:01:56 +0000 Manifest this update: Sun 11 Jan 2026 19:01:56 +0000 Manifest next update: Mon 12 Jan 2026 19:01:56 +0000 Files and hashes: 1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: OiaW5TT3lxTtm2UktnMfJ78HsQRcjxNnx69xKnMGJAY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ae:6f:b9:a1:59:02:15:92:43:03:00:ae:2c:f8:b9:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54 Validity Not Before: Jan 11 19:01:56 2026 GMT Not After : Jan 12 19:01:56 2026 GMT Subject: CN=e09c467807dc00701cae4410a7fcdeee415abce8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:45:33:47:61:dd:a1:32:f8:72:9e:6b:50:dd: f7:f4:e0:d6:bf:a1:d4:fd:f4:1b:2c:06:60:29:a2: 34:c3:c0:72:7b:53:1b:8a:77:8d:40:8c:76:23:dd: 4c:cc:fc:a4:93:51:f2:4a:b8:32:ed:e2:1b:e5:7b: 22:a0:d7:69:c7:d9:63:ae:2d:b9:eb:b4:30:4c:d3: 00:b2:60:ba:72:84:15:44:7d:9c:78:61:d6:fa:47: 34:5e:1b:5d:ad:1d:d3:19:7e:06:c5:11:c4:4d:63: d3:6e:9f:58:0f:d0:80:cb:de:60:a8:be:85:ab:d1: 92:08:56:73:cc:f2:f7:c0:e2:05:80:83:09:ba:2d: dc:39:dc:0d:be:ef:c2:19:09:08:3e:ca:63:22:2b: b6:d4:83:e0:86:52:27:d3:b2:11:43:24:92:08:96: ca:65:df:b4:14:6e:8a:93:74:ec:56:70:94:0e:66: cd:df:27:35:a3:18:aa:7c:29:9d:53:31:b3:e0:5c: 2f:61:dd:3f:a5:fb:03:dd:4b:7f:0e:af:27:5d:04: 18:78:91:42:34:d7:61:d3:81:73:a0:a1:f5:ed:01: bc:e9:b8:5e:ae:dd:7a:29:fc:42:36:c3:90:dc:c3: 49:aa:14:bc:a6:56:54:6e:e6:23:7e:f1:af:a2:12: 83:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:9C:46:78:07:DC:00:70:1C:AE:44:10:A7:FC:DE:EE:41:5A:BC:E8 X509v3 Authority Key Identifier: keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:68:d7:86:9c:e0:83:11:d8:ab:2a:c3:79:4b:d9:89:6e:c4: 18:ab:d1:e2:a3:c3:6e:87:96:a3:29:24:b7:36:fc:43:44:5d: 83:a9:2f:ba:51:22:19:59:61:42:be:26:b6:74:1b:99:0a:46: c5:0b:75:0b:9c:d8:36:ab:08:d0:99:be:1d:04:60:94:d5:20: ee:56:25:1d:7d:cf:61:a5:5d:a0:32:a7:80:1a:4e:19:86:68: a3:8a:e2:97:1d:e2:01:37:ce:88:51:65:69:07:f8:c0:a7:5b: bf:ab:11:af:55:72:3d:c8:38:11:59:11:1b:d9:61:34:ad:19: 37:49:94:d2:f9:77:1c:7c:9a:f7:38:55:da:ca:8e:ee:56:01: 2e:92:b6:3e:01:c7:ba:f9:23:99:1b:b7:fe:3f:cf:0f:51:ba: 5e:87:ba:b2:d7:3f:88:09:26:e1:20:94:76:e2:a7:54:47:a6: 7e:6a:71:5a:e8:76:62:24:cf:4a:ab:4d:2f:82:87:17:8d:fc: c1:2d:84:33:20:7c:21:16:84:c5:bf:cd:88:5c:b9:87:0a:03: 8a:48:c3:25:28:3e:d8:b0:e5:4b:b4:96:08:c6:33:87:5f:dd: 08:af:49:e6:fb:70:17:ce:da:87:3b:4d:9a:09:06:e8:f7:9f: 65:44:6c:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuub7mhWQIVkkMDAK4s+LlcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl MDdiNTQwHhcNMjYwMTExMTkwMTU2WhcNMjYwMTEyMTkwMTU2WjAzMTEwLwYDVQQD EyhlMDljNDY3ODA3ZGMwMDcwMWNhZTQ0MTBhN2ZjZGVlZTQxNWFiY2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEUzR2HdoTL4cp5rUN339ODWv6HU /fQbLAZgKaI0w8Bye1MbineNQIx2I91MzPykk1HySrgy7eIb5XsioNdpx9ljri25 67QwTNMAsmC6coQVRH2ceGHW+kc0XhtdrR3TGX4GxRHETWPTbp9YD9CAy95gqL6F q9GSCFZzzPL3wOIFgIMJui3cOdwNvu/CGQkIPspjIiu21IPghlIn07IRQySSCJbK Zd+0FG6Kk3TsVnCUDmbN3yc1oxiqfCmdUzGz4FwvYd0/pfsD3Ut/Dq8nXQQYeJFC NNdh04FzoKH17QG86bhert16KfxCNsOQ3MNJqhS8plZUbuYjfvGvohKD+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOCcRngH3ABwHK5EEKf83u5BWrzoMB8GA1UdIwQY MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5 LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2jXhpzg gxHYqyrDeUvZiW7EGKvR4qPDboeWoykktzb8Q0Rdg6kvulEiGVlhQr4mtnQbmQpG xQt1C5zYNqsI0Jm+HQRglNUg7lYlHX3PYaVdoDKngBpOGYZoo4rilx3iATfOiFFl aQf4wKdbv6sRr1VyPcg4EVkRG9lhNK0ZN0mU0vl3HHya9zhV2sqO7lYBLpK2PgHH uvkjmRu3/j/PD1G6Xoe6stc/iAkm4SCUduKnVEemfmpxWuh2YiTPSqtNL4KHF438 wS2EMyB8IRaExb/NiFy5hwoDikjDJSg+2LDlS7SWCMYzh1/dCK9J5vtwF87ahztN mgkG6PefZURsag== -----END CERTIFICATE-----Generated at Mon Jan 12 02:35:35 2026 by rpki-client