This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft File: oUx52o8IwpnEYya3m55CTkmmh1s.mft (raw, json) Hash identifier: mA0eBJeqUpe36EMZ83Box6ZsWOXZi1f6RdFq1fNcT0M= Subject key identifier: 92:04:42:B9:17:46:B1:95:E5:C6:E9:D3:D9:5F:01:B4:F0:7F:43:33 Authority key identifier: A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B Certificate issuer: /CN=a14c79da8f08c299c46326b79b9e424e49a6875b Certificate serial: 019BAC81468435E7B95DC801E253B542B1FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft Manifest number: 1752 Signing time: Sun 11 Jan 2026 10:01:51 +0000 Manifest this update: Sun 11 Jan 2026 10:01:51 +0000 Manifest next update: Mon 12 Jan 2026 10:01:51 +0000 Files and hashes: 1: oUx52o8IwpnEYya3m55CTkmmh1s.crl (hash: aoAZz0RnKNW3FRu/PLUBDgEkN1CykWvobK0labw6Z8E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ac:81:46:84:35:e7:b9:5d:c8:01:e2:53:b5:42:b1:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a14c79da8f08c299c46326b79b9e424e49a6875b Validity Not Before: Jan 11 10:01:51 2026 GMT Not After : Jan 12 10:01:51 2026 GMT Subject: CN=920442b91746b195e5c6e9d3d95f01b4f07f4333 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a4:b2:c6:d3:13:ec:08:f9:55:da:1b:95:62: 23:22:54:2e:ec:3a:8e:01:8f:ec:7c:36:84:94:f8: 7c:59:d9:52:15:f9:02:bc:e4:87:18:1a:ec:56:32: cd:fc:7a:94:aa:ff:cd:30:8a:65:da:72:14:ab:eb: fd:17:ab:fd:9e:45:6c:7e:e7:40:9e:8c:97:ba:f0: 7b:15:05:9d:41:46:38:6a:1b:8f:63:05:2c:54:d6: 44:88:0a:1d:88:b6:8a:7d:8b:e8:98:05:72:37:c7: 04:71:2a:d5:55:1f:21:0d:cb:94:56:1d:ab:ec:5c: 9c:64:49:9b:0f:57:f2:98:22:6d:a0:2a:b7:0c:e9: 77:02:e5:6a:73:c8:14:1c:67:38:cb:85:f8:37:fd: f5:fd:f0:e7:f1:b9:0e:47:ad:1a:13:35:c5:a7:72: 8a:99:ec:13:2c:77:21:a1:6c:87:3b:a8:c4:e8:eb: 58:fe:6e:37:c8:d3:6b:df:fe:df:34:f6:0f:99:c8: 9b:37:42:8b:66:83:27:7c:10:59:3c:35:63:29:d8: 1b:e7:c5:10:11:79:2b:a8:20:00:e9:ce:2f:d2:84: a2:79:fe:6e:16:8e:cd:67:44:19:60:05:53:41:94: a3:51:e8:7d:a1:66:f1:0c:33:a4:de:f6:55:34:66: bd:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:04:42:B9:17:46:B1:95:E5:C6:E9:D3:D9:5F:01:B4:F0:7F:43:33 X509v3 Authority Key Identifier: keyid:A1:4C:79:DA:8F:08:C2:99:C4:63:26:B7:9B:9E:42:4E:49:A6:87:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUx52o8IwpnEYya3m55CTkmmh1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/22eb53-4f60-411b-8409-d4c97ff6e11e/1/oUx52o8IwpnEYya3m55CTkmmh1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:76:4c:e2:c6:ea:a9:0b:5d:54:41:15:03:79:a4:43:ea:18: b6:db:53:b2:7e:e6:29:23:f1:bb:a2:3f:67:b0:06:ac:00:3c: 28:a2:13:09:76:3a:64:fc:62:33:f8:59:30:e1:29:79:0c:a9: 5e:9e:a2:7a:37:c9:73:9e:7d:c2:fd:4e:31:20:8d:91:82:81: 0c:19:65:9f:25:5b:db:4a:7e:e0:2e:fc:88:9b:31:df:65:ad: 17:99:33:4d:e8:e8:d4:1e:f9:02:7a:78:c1:7f:04:a6:c0:6a: 3a:ad:16:f5:d0:07:23:0e:f4:98:8b:a4:f4:59:50:48:bb:74: 87:8a:20:7f:4c:e4:d9:ee:6f:d7:b2:2f:04:f1:4e:98:2c:70: 6d:06:98:b7:b4:dd:73:cc:dc:09:a9:72:b0:7a:44:a0:2b:ab: 3d:1e:3a:90:06:e1:02:3f:e0:05:2b:d5:23:1d:45:78:da:78: b6:e1:0b:96:ed:98:e5:25:94:a6:03:bb:20:20:50:cf:6e:a6: 30:37:21:62:e6:f3:bc:7e:cb:2d:5f:8a:2b:09:e8:9d:34:01: 57:4a:ba:3d:73:d0:fe:c0:aa:7e:c4:73:28:4e:d6:f4:53:bc: 8a:40:ad:76:08:f7:22:ce:c7:a9:c4:6d:a5:94:b5:c5:92:11: f7:9d:2e:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZusgUaENee5XcgB4lO1QrH6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExNGM3OWRhOGYwOGMyOTljNDYzMjZiNzliOWU0MjRlNDlh Njg3NWIwHhcNMjYwMTExMTAwMTUxWhcNMjYwMTEyMTAwMTUxWjAzMTEwLwYDVQQD Eyg5MjA0NDJiOTE3NDZiMTk1ZTVjNmU5ZDNkOTVmMDFiNGYwN2Y0MzMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaSyxtMT7Aj5VdoblWIjIlQu7DqO AY/sfDaElPh8WdlSFfkCvOSHGBrsVjLN/HqUqv/NMIpl2nIUq+v9F6v9nkVsfudA noyXuvB7FQWdQUY4ahuPYwUsVNZEiAodiLaKfYvomAVyN8cEcSrVVR8hDcuUVh2r 7FycZEmbD1fymCJtoCq3DOl3AuVqc8gUHGc4y4X4N/31/fDn8bkOR60aEzXFp3KK mewTLHchoWyHO6jE6OtY/m43yNNr3/7fNPYPmcibN0KLZoMnfBBZPDVjKdgb58UQ EXkrqCAA6c4v0oSief5uFo7NZ0QZYAVTQZSjUeh9oWbxDDOk3vZVNGa9CQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJIEQrkXRrGV5cbp09lfAbTwf0MzMB8GA1UdIwQY MBaAFKFMedqPCMKZxGMmt5ueQk5JpodbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDkt ZDRjOTdmZjZlMTFlLzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8yMmViNTMtNGY2MC00MTFiLTg0MDktZDRjOTdmZjZlMTFl LzEvb1V4NTJvOEl3cG5FWXlhM201NUNUa21taDFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARnZM4sbq qQtdVEEVA3mkQ+oYtttTsn7mKSPxu6I/Z7AGrAA8KKITCXY6ZPxiM/hZMOEpeQyp Xp6iejfJc559wv1OMSCNkYKBDBllnyVb20p+4C78iJsx32WtF5kzTejo1B75Anp4 wX8EpsBqOq0W9dAHIw70mIuk9FlQSLt0h4ogf0zk2e5v17IvBPFOmCxwbQaYt7Td c8zcCalysHpEoCurPR46kAbhAj/gBSvVIx1FeNp4tuELlu2Y5SWUpgO7ICBQz26m MDchYubzvH7LLV+KKwnonTQBV0q6PXPQ/sCqfsRzKE7W9FO8ikCtdgj3Is7HqcRt pZS1xZIR950udA== -----END CERTIFICATE-----Generated at Sun Jan 11 15:08:34 2026 by rpki-client