This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft File: oKrlhQo22yiCKmwa_F_6z_AH7vI.mft (raw, json) Hash identifier: oyJi0qF/w3jg0jh7VSbHyj7e9eTJCG36i1YQabaT9UU= Subject key identifier: F9:BF:BC:D8:8B:2B:0E:92:50:DF:44:4F:4A:8D:B6:FF:15:C8:C6:48 Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Certificate serial: 019BB1023F457263B3F699DFF9C781312164 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft Manifest number: 0ABB Signing time: Mon 12 Jan 2026 07:01:13 +0000 Manifest this update: Mon 12 Jan 2026 07:01:13 +0000 Manifest next update: Tue 13 Jan 2026 07:01:13 +0000 Files and hashes: 1: A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa (hash: GGeYGfyoQGlOlTO2uMYQdKl/MdtFY8veEw/Zc71doVs=) 2: oKrlhQo22yiCKmwa_F_6z_AH7vI.crl (hash: Rliq2ZW4CPmN4f1Ulx9rEAHUe42MsXqWWyCHok17JxI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 07:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b1:02:3f:45:72:63:b3:f6:99:df:f9:c7:81:31:21:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Validity Not Before: Jan 12 07:01:13 2026 GMT Not After : Jan 13 07:01:13 2026 GMT Subject: CN=f9bfbcd88b2b0e9250df444f4a8db6ff15c8c648 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:28:33:79:30:29:4f:b9:7c:49:26:c2:d5:dd: dc:7f:56:db:65:0d:6d:49:6d:aa:62:62:2b:d8:36: fa:37:43:73:79:ee:a6:e2:cf:b7:ae:4e:7c:e2:44: 9a:ef:4a:f4:06:0e:6b:7c:e9:07:0d:bf:1d:92:40: af:23:b6:56:4d:c2:c5:75:5a:8f:05:9c:87:55:5e: 57:42:b6:b8:20:f6:f1:0a:64:c0:66:9e:de:05:95: 9a:c7:56:83:72:24:6f:b7:a8:40:fa:12:df:8c:c0: 6e:ed:83:8b:4b:1b:49:03:65:98:bd:6a:8a:49:cb: 36:dd:64:ff:2a:70:10:10:4e:a5:b1:23:e8:05:93: 57:b6:cc:37:da:cd:53:9a:34:7b:6a:cc:45:51:c0: 03:da:bb:07:fc:02:07:77:08:55:c5:9d:fd:a0:3f: b5:3d:4c:14:aa:5b:12:f2:df:58:72:e5:a9:9b:d2: f4:35:83:34:ec:3b:83:3d:35:88:28:ca:06:17:44: 02:4b:e4:79:9b:3f:61:41:a2:24:8c:ad:8c:ab:b6: 0d:51:88:ff:68:fd:06:f6:a9:2a:52:53:63:71:97: 7c:10:a5:69:20:86:f8:8a:ba:97:97:b2:61:95:6f: 4d:a7:d4:76:a6:4f:3b:ff:c9:76:16:12:ba:51:6f: 60:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:BF:BC:D8:8B:2B:0E:92:50:DF:44:4F:4A:8D:B6:FF:15:C8:C6:48 X509v3 Authority Key Identifier: keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:70:62:59:07:aa:ba:5b:3e:04:4a:52:55:77:30:f3:f5:a3: af:3a:21:4c:cd:2c:bb:d8:eb:4f:80:0b:31:fd:34:a8:16:b1: 84:35:e1:97:d9:67:99:5d:a7:4e:3b:3c:29:8f:03:4e:f6:37: 09:4f:b5:93:90:7e:9b:2e:b7:1e:aa:ae:4e:6e:46:59:45:e4: de:19:1d:0f:52:55:92:ca:31:3e:9f:c6:56:35:43:2f:3f:e3: 69:d8:3e:b9:af:2d:7e:03:9e:16:c1:b9:3f:a7:c0:df:ad:2a: e3:a0:02:b2:7f:48:95:18:b4:06:1e:0b:d9:79:fd:4d:a9:03: cd:21:f4:49:99:64:a4:0f:81:f4:14:30:a2:6e:e6:01:67:d6: e1:0d:75:93:3d:2a:62:39:1b:cd:a6:4b:6b:80:f7:6c:df:b0: 4b:f0:2d:dd:d5:a7:84:2e:1d:84:7d:44:7a:2a:41:e1:89:f3: 7e:9a:ad:14:33:2e:b6:22:d6:14:8e:34:b0:f4:8b:a9:11:50: a8:aa:9f:9e:56:09:8c:fd:06:00:62:c9:0f:64:6a:98:c8:10: d9:83:0d:de:a9:0e:e7:9d:ad:79:33:6f:50:80:b0:7c:32:cf: 4b:a9:71:13:f2:80:a0:71:eb:38:f8:04:57:a1:f0:37:19:c0: b2:0d:af:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuxAj9FcmOz9pnf+ceBMSFkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw N2VlZjIwHhcNMjYwMTEyMDcwMTEzWhcNMjYwMTEzMDcwMTEzWjAzMTEwLwYDVQQD EyhmOWJmYmNkODhiMmIwZTkyNTBkZjQ0NGY0YThkYjZmZjE1YzhjNjQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSgzeTApT7l8SSbC1d3cf1bbZQ1t SW2qYmIr2Db6N0Nzee6m4s+3rk584kSa70r0Bg5rfOkHDb8dkkCvI7ZWTcLFdVqP BZyHVV5XQra4IPbxCmTAZp7eBZWax1aDciRvt6hA+hLfjMBu7YOLSxtJA2WYvWqK Scs23WT/KnAQEE6lsSPoBZNXtsw32s1TmjR7asxFUcAD2rsH/AIHdwhVxZ39oD+1 PUwUqlsS8t9YcuWpm9L0NYM07DuDPTWIKMoGF0QCS+R5mz9hQaIkjK2Mq7YNUYj/ aP0G9qkqUlNjcZd8EKVpIIb4irqXl7JhlW9Np9R2pk87/8l2FhK6UW9gzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPm/vNiLKw6SUN9ET0qNtv8VyMZIMB8GA1UdIwQY MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt MjgxOWU0YzVmMTIzLzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHBiWQeq uls+BEpSVXcw8/WjrzohTM0su9jrT4ALMf00qBaxhDXhl9lnmV2nTjs8KY8DTvY3 CU+1k5B+my63HqquTm5GWUXk3hkdD1JVksoxPp/GVjVDLz/jadg+ua8tfgOeFsG5 P6fA360q46ACsn9IlRi0Bh4L2Xn9TakDzSH0SZlkpA+B9BQwom7mAWfW4Q11kz0q YjkbzaZLa4D3bN+wS/At3dWnhC4dhH1EeipB4YnzfpqtFDMutiLWFI40sPSLqRFQ qKqfnlYJjP0GAGLJD2RqmMgQ2YMN3qkO552teTNvUICwfDLPS6lxE/KAoHHrOPgE V6HwNxnAsg2vEw== -----END CERTIFICATE-----Generated at Mon Jan 12 15:47:08 2026 by rpki-client