This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft File: oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json) Hash identifier: +TFUgVbrQDxoOe2DCItCif4rHoHMFkpx2dXln0biEhw= Subject key identifier: 6D:A2:2E:DB:7B:67:A5:06:7E:0D:FB:37:C9:35:05:DA:91:CF:C5:CD Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74 Certificate issuer: /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474 Certificate serial: 019BB696C57026D677F0359D8142987F04E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft Manifest number: 17C3 Signing time: Tue 13 Jan 2026 09:01:32 +0000 Manifest this update: Tue 13 Jan 2026 09:01:32 +0000 Manifest next update: Wed 14 Jan 2026 09:01:32 +0000 Files and hashes: 1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: sIWUy2vLV+83IJwk59YN31J0v8ETLyf3XBYpv9maf4g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 14 Jan 2026 01:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b6:96:c5:70:26:d6:77:f0:35:9d:81:42:98:7f:04:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474 Validity Not Before: Jan 13 09:01:32 2026 GMT Not After : Jan 14 09:01:32 2026 GMT Subject: CN=6da22edb7b67a5067e0dfb37c93505da91cfc5cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:6a:e2:81:55:3b:09:c2:f9:71:80:68:50:52: 78:b1:89:f2:3c:88:7d:98:1c:57:a8:a7:1e:04:29: 95:02:55:8f:c5:8b:c0:14:c0:80:d0:93:5f:48:d4: b7:be:0b:4c:e7:2c:0d:f1:27:0e:8e:ed:e9:75:25: fc:cc:1b:bf:59:2a:1c:09:32:32:70:3c:8e:e6:dc: 81:b1:32:3f:1d:c1:72:98:17:a0:74:5d:87:da:32: 51:99:65:22:3e:60:ff:01:62:e8:14:2d:b1:44:03: 36:df:b9:29:53:fb:27:27:8a:6a:ee:aa:90:eb:ed: 6b:73:01:7f:93:15:e4:48:a6:58:ba:2d:40:b2:e5: 4a:0d:b8:d2:ed:c3:53:b9:9b:b7:60:2f:29:78:ea: ef:f1:39:b9:da:33:14:ef:55:9d:58:1f:d3:c3:18: d8:f2:e9:76:f4:e3:f6:de:5d:d9:ea:9b:85:c2:63: 20:ad:2f:d0:94:b5:a5:03:3e:ae:a8:53:05:6e:37: 09:dd:68:33:69:cd:c0:65:44:d2:58:b5:68:d2:94: 05:13:e0:8a:c0:75:a6:6b:1d:79:a2:55:36:ef:a4: d7:cb:8f:7c:2d:65:78:32:2a:2d:7f:81:81:85:2f: a2:84:b1:78:16:98:53:93:2d:36:f9:59:af:6b:73: d2:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:A2:2E:DB:7B:67:A5:06:7E:0D:FB:37:C9:35:05:DA:91:CF:C5:CD X509v3 Authority Key Identifier: keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:f1:d1:34:f8:07:41:67:67:23:aa:35:7b:cf:0f:f1:81:a5: f3:5a:c5:6f:29:a7:c6:50:44:b6:82:4f:d8:69:0a:77:91:81: 3e:47:a6:5f:51:29:a1:50:12:01:4b:9a:fb:f8:9a:34:ca:6a: 10:92:61:fd:4a:39:1e:64:7d:ba:dc:6c:cf:a8:d1:e8:f6:ec: 4e:3a:79:9b:6c:85:f1:3d:f4:3c:36:3f:91:e3:59:72:fb:42: 9d:23:dd:73:47:af:ef:26:37:12:37:22:97:e7:11:b3:37:3a: f8:c7:56:28:fd:a6:69:ac:00:a4:b1:23:98:c5:f1:52:81:47: 41:b1:70:95:4a:75:1c:03:43:70:27:08:e5:08:37:22:9b:aa: d3:1f:44:d7:2d:60:2a:47:e9:77:9b:bf:1e:2b:bb:94:44:55: c0:b4:e0:5a:85:2f:3c:79:4b:34:a4:68:cb:ef:bf:9a:24:c3: d8:51:82:87:6e:a3:5d:cc:72:78:fc:97:9d:2d:34:28:b6:b1: 24:50:39:d7:3c:c3:80:bc:81:af:5b:38:fa:a0:3f:80:84:cd: 75:fc:8a:62:8f:5f:b2:66:80:c3:d1:ae:42:8c:b9:db:32:7e: 6c:8d:b1:cc:01:30:35:e5:eb:96:71:a8:63:cb:6f:c5:89:51: 0d:1b:31:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZu2lsVwJtZ38DWdgUKYfwTiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm MjI0NzQwHhcNMjYwMTEzMDkwMTMyWhcNMjYwMTE0MDkwMTMyWjAzMTEwLwYDVQQD Eyg2ZGEyMmVkYjdiNjdhNTA2N2UwZGZiMzdjOTM1MDVkYTkxY2ZjNWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWrigVU7CcL5cYBoUFJ4sYnyPIh9 mBxXqKceBCmVAlWPxYvAFMCA0JNfSNS3vgtM5ywN8ScOju3pdSX8zBu/WSocCTIy cDyO5tyBsTI/HcFymBegdF2H2jJRmWUiPmD/AWLoFC2xRAM237kpU/snJ4pq7qqQ 6+1rcwF/kxXkSKZYui1AsuVKDbjS7cNTuZu3YC8peOrv8Tm52jMU71WdWB/TwxjY 8ul29OP23l3Z6puFwmMgrS/QlLWlAz6uqFMFbjcJ3Wgzac3AZUTSWLVo0pQFE+CK wHWmax15olU276TXy498LWV4Miotf4GBhS+ihLF4FphTky02+Vmva3PS3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG2iLtt7Z6UGfg37N8k1BdqRz8XNMB8GA1UdIwQY MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1 LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/HRNPgH QWdnI6o1e88P8YGl81rFbymnxlBEtoJP2GkKd5GBPkemX1EpoVASAUua+/iaNMpq EJJh/Uo5HmR9utxsz6jR6PbsTjp5m2yF8T30PDY/keNZcvtCnSPdc0ev7yY3Ejci l+cRszc6+MdWKP2maawApLEjmMXxUoFHQbFwlUp1HANDcCcI5Qg3Ipuq0x9E1y1g Kkfpd5u/Hiu7lERVwLTgWoUvPHlLNKRoy++/miTD2FGCh26jXcxyePyXnS00KLax JFA51zzDgLyBr1s4+qA/gITNdfyKYo9fsmaAw9GuQoy52zJ+bI2xzAEwNeXrlnGo Y8tvxYlRDRsxSQ== -----END CERTIFICATE-----Generated at Tue Jan 13 11:03:28 2026 by rpki-client