This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft File: kOszbVYE1HuugXI4sNu0l3HiRyk.mft (raw, json) Hash identifier: 9nWVywlp3hPluD6y2H26yG7VrH9E7W1VqFkm7QFjxYU= Subject key identifier: 29:03:65:9F:6D:B3:5D:3B:19:FE:DF:C3:B1:16:58:23:E0:13:D3:51 Authority key identifier: 90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29 Certificate issuer: /CN=90eb336d5604d47bae817238b0dbb49771e24729 Certificate serial: 019BAD5CC6B91683168F4281CA951EB775CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft Manifest number: 17C3 Signing time: Sun 11 Jan 2026 14:01:37 +0000 Manifest this update: Sun 11 Jan 2026 14:01:37 +0000 Manifest next update: Mon 12 Jan 2026 14:01:37 +0000 Files and hashes: 1: kOszbVYE1HuugXI4sNu0l3HiRyk.crl (hash: 8IeaKpmWcN4BkLJwWfFzxtdAtcICLPVATYUwJLBdwgw=) 2: mKOuhDb0lNg_dJ83TTrmFYMNIeA.roa (hash: Om4b1zrUyorfRjmzpKplEidWPKteQvqXZcg+Z0i4g3Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 14:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ad:5c:c6:b9:16:83:16:8f:42:81:ca:95:1e:b7:75:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90eb336d5604d47bae817238b0dbb49771e24729 Validity Not Before: Jan 11 14:01:37 2026 GMT Not After : Jan 12 14:01:37 2026 GMT Subject: CN=2903659f6db35d3b19fedfc3b1165823e013d351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:79:7a:9e:e9:d0:18:f3:06:5c:3a:92:57:59: 7a:a7:42:5a:fe:ed:41:c1:b1:8e:f8:9a:46:41:38: 59:4a:d1:84:02:12:73:f3:b0:fe:4e:bd:ad:d5:91: b9:6b:eb:ca:f2:b7:33:98:43:cb:0b:09:2f:ed:e2: 26:33:1e:d6:6e:19:71:4d:a5:f5:f2:d5:ef:da:19: ad:1c:39:00:84:c8:f4:9d:83:a8:d2:73:82:52:df: a9:bd:d8:96:7e:62:01:18:0d:41:c5:bc:7a:69:66: 1a:68:7a:78:02:95:27:93:0c:3b:b8:a0:a2:2c:41: 9b:8a:e4:20:18:40:7f:de:eb:04:4a:ac:a3:68:2c: 8b:2d:b1:0c:e3:b9:74:fb:41:d0:20:73:9d:88:1b: b0:a9:a6:25:c1:68:a0:ce:61:6c:ca:f5:d9:e5:a0: 93:10:55:e4:0c:bb:f1:95:74:79:bc:ee:9b:5a:8f: a3:56:cb:9f:ac:c6:34:10:cc:ee:38:0d:f0:56:47: ab:aa:7b:91:d6:18:7e:69:6c:bd:3b:39:f4:a8:ff: e0:57:2d:ab:68:90:7d:c6:86:36:5b:2c:ff:5c:51: 40:ce:61:6f:76:9c:1a:b4:26:85:d6:e6:58:68:c8: 48:02:24:27:5b:d8:a2:0a:09:7d:50:4c:fa:c2:5f: 43:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:03:65:9F:6D:B3:5D:3B:19:FE:DF:C3:B1:16:58:23:E0:13:D3:51 X509v3 Authority Key Identifier: keyid:90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:2b:02:ec:f1:4a:a7:86:e8:bc:5a:a9:a8:16:09:11:30:8d: ba:77:a9:93:6e:3c:aa:bf:53:b0:7c:3d:a7:c1:e8:b8:6c:59: e7:6c:aa:3e:06:93:2c:db:cc:c1:c7:33:d6:20:42:5d:8f:b8: 8a:f3:fe:03:84:57:86:4d:98:6c:c7:9b:4f:9f:46:c3:8a:97: 4e:c7:cc:0b:6c:85:f0:73:c4:1d:49:ff:c8:fe:21:96:76:61: 3c:3b:47:07:8e:ee:e3:e1:7c:3d:46:13:8b:c8:eb:c0:a9:56: c8:2b:5c:b4:82:d2:c4:42:81:4a:c7:bb:d8:33:5d:31:2b:2b: ae:2d:6f:54:54:d7:0f:46:47:f4:63:b7:ec:41:d6:dd:80:07: ed:4e:4c:e1:0e:3d:74:b4:eb:a9:d4:75:b0:ef:84:0a:aa:c5: 73:99:8f:31:cf:c3:5e:f9:71:2a:01:4a:22:95:8e:7e:01:93: f4:d2:71:92:0d:cb:0a:fb:ec:59:50:7b:0c:bc:a0:08:b6:0a: 0a:0a:05:70:21:57:3a:f9:6d:eb:2e:db:84:ac:7d:00:e3:03: 0f:15:64:65:67:39:c2:36:ca:61:bf:9d:5f:5c:15:49:e7:ab: f7:5c:d0:c8:5f:cc:7e:7f:91:13:50:1a:f6:b3:f0:b0:29:ae: f8:97:f0:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZutXMa5FoMWj0KBypUet3XLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZWIzMzZkNTYwNGQ0N2JhZTgxNzIzOGIwZGJiNDk3NzFl MjQ3MjkwHhcNMjYwMTExMTQwMTM3WhcNMjYwMTEyMTQwMTM3WjAzMTEwLwYDVQQD EygyOTAzNjU5ZjZkYjM1ZDNiMTlmZWRmYzNiMTE2NTgyM2UwMTNkMzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHl6nunQGPMGXDqSV1l6p0Ja/u1B wbGO+JpGQThZStGEAhJz87D+Tr2t1ZG5a+vK8rczmEPLCwkv7eImMx7WbhlxTaX1 8tXv2hmtHDkAhMj0nYOo0nOCUt+pvdiWfmIBGA1Bxbx6aWYaaHp4ApUnkww7uKCi LEGbiuQgGEB/3usESqyjaCyLLbEM47l0+0HQIHOdiBuwqaYlwWigzmFsyvXZ5aCT EFXkDLvxlXR5vO6bWo+jVsufrMY0EMzuOA3wVkerqnuR1hh+aWy9Ozn0qP/gVy2r aJB9xoY2Wyz/XFFAzmFvdpwatCaF1uZYaMhIAiQnW9iiCgl9UEz6wl9DHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCkDZZ9ts107Gf7fw7EWWCPgE9NRMB8GA1UdIwQY MBaAFJDrM21WBNR7roFyOLDbtJdx4kcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWIt YjExOTI3NGFkNjU0LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWItYjExOTI3NGFkNjU0 LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCsC7PFK p4bovFqpqBYJETCNunepk248qr9TsHw9p8HouGxZ52yqPgaTLNvMwccz1iBCXY+4 ivP+A4RXhk2YbMebT59Gw4qXTsfMC2yF8HPEHUn/yP4hlnZhPDtHB47u4+F8PUYT i8jrwKlWyCtctILSxEKBSse72DNdMSsrri1vVFTXD0ZH9GO37EHW3YAH7U5M4Q49 dLTrqdR1sO+ECqrFc5mPMc/DXvlxKgFKIpWOfgGT9NJxkg3LCvvsWVB7DLygCLYK CgoFcCFXOvlt6y7bhKx9AOMDDxVkZWc5wjbKYb+dX1wVSeer91zQyF/Mfn+RE1Aa 9rPwsCmu+JfwVQ== -----END CERTIFICATE-----Generated at Sun Jan 11 23:58:27 2026 by rpki-client