This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json) Hash identifier: FzRQn8e1m4fBD5fgPhagT6ZK26VZ0nC8EazFBlOFDhw= Subject key identifier: 5A:3C:62:56:8E:BE:0F:71:E2:D1:0D:1A:F5:5D:F8:86:61:4E:E7:B6 Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11 Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11 Certificate serial: 019B9D445AB9ACBF80C63E77C26E4CB61097 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft Manifest number: 0AF2 Signing time: Thu 08 Jan 2026 11:01:01 +0000 Manifest this update: Thu 08 Jan 2026 11:01:01 +0000 Manifest next update: Fri 09 Jan 2026 11:01:01 +0000 Files and hashes: 1: Gt-80zXqf_s_u6U1np0ZyLE5Z40.roa (hash: xo9qKHdsqyfJiaN4I/AOjnmYmRnO4exFxr4FsuIGykQ=) 2: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: JDHjqSTKv2UsYCpnGenZewz1+IlUKJ7e4/84uk4QPTs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9d:44:5a:b9:ac:bf:80:c6:3e:77:c2:6e:4c:b6:10:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11 Validity Not Before: Jan 8 11:01:01 2026 GMT Not After : Jan 9 11:01:01 2026 GMT Subject: CN=5a3c62568ebe0f71e2d10d1af55df886614ee7b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c4:28:23:a1:a9:cd:7f:ff:d1:d2:c9:eb:a7: 5b:fe:39:40:12:93:fe:f3:12:85:e7:f0:c7:d7:63: 3f:25:17:0c:e7:e9:cb:d1:2d:93:b4:a8:55:08:de: ea:58:f0:83:63:cc:ec:48:d1:d0:f3:0a:d5:ca:b6: 61:95:3f:63:ac:e2:f1:ee:50:88:97:c9:2d:c6:f7: 3a:14:33:05:b2:64:2c:65:f3:c0:3a:62:37:26:8d: 2e:27:ed:09:cb:df:05:71:57:2d:31:05:8b:0c:11: aa:eb:a8:40:aa:af:77:a6:9a:3d:5f:1f:d8:af:c4: 39:ed:33:11:2f:0e:57:c7:55:e3:e0:62:91:4b:d4: d4:2e:aa:e4:6a:0f:14:95:4d:ae:da:3e:bb:8f:e3: d6:a1:ee:fe:aa:25:8e:62:fd:90:21:06:aa:b8:0a: 54:c9:cf:f5:de:53:40:6b:96:43:93:39:a5:05:89: 11:28:3f:7d:aa:7f:57:0e:67:d7:d5:b4:94:90:71: 62:5d:a4:21:89:7f:bf:ea:ce:a9:eb:db:8e:8e:c2: 45:ac:f8:aa:67:c1:84:1f:42:60:17:48:81:41:36: b1:f0:11:8f:7c:8c:0a:c4:74:1d:34:46:f5:bb:ed: b2:66:9c:34:66:2e:c2:88:75:fb:91:98:2e:6e:bf: 9d:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:3C:62:56:8E:BE:0F:71:E2:D1:0D:1A:F5:5D:F8:86:61:4E:E7:B6 X509v3 Authority Key Identifier: keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:8b:fc:0e:17:1c:8e:10:55:5c:31:ed:6f:0b:c8:9f:fa:53: fd:17:34:2c:a8:0e:d6:c3:c0:ac:ec:b0:ca:88:1a:7c:c8:67: 57:6d:45:b5:6e:f0:ca:5c:76:47:d6:8f:61:59:99:9c:8a:64: 0f:cf:54:d9:23:49:85:6d:a5:a2:ab:e2:3d:16:e2:2b:c6:91: 76:64:f9:66:1a:8e:e2:dd:76:98:d7:56:dd:aa:b6:c1:de:f7: 98:a3:90:50:ed:7d:03:2a:c4:1c:8c:bf:6b:99:3f:cc:aa:60: ed:f6:cc:9b:7d:a9:49:a9:e9:d5:1b:46:74:a5:c9:3f:19:7a: 68:27:c6:21:a5:0f:6b:3e:e9:ed:79:b6:dd:d4:1f:5a:9f:34: 16:dd:3d:86:55:42:f7:43:2f:82:4f:86:fd:77:8b:42:2f:a1: c3:42:5c:ff:ff:cb:2f:0b:7d:c4:0a:0d:47:4d:c7:c3:07:89: 33:0f:d7:03:0e:3c:9a:cf:b8:60:8a:6e:7e:2a:81:f6:91:4f: 5f:80:22:42:1e:54:fc:46:eb:09:50:35:cb:e4:36:50:00:40: 7b:c4:90:ff:94:33:94:fe:ff:a3:1d:40:6b:95:4e:b6:d0:9e: 6c:b2:88:4c:93:0d:1b:e5:29:1d:b8:29:a4:2a:fa:b1:d2:97: 13:8b:fd:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZudRFq5rL+Axj53wm5MthCXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi ZWJiMTEwHhcNMjYwMTA4MTEwMTAxWhcNMjYwMTA5MTEwMTAxWjAzMTEwLwYDVQQD Eyg1YTNjNjI1NjhlYmUwZjcxZTJkMTBkMWFmNTVkZjg4NjYxNGVlN2I2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQoI6GpzX//0dLJ66db/jlAEpP+ 8xKF5/DH12M/JRcM5+nL0S2TtKhVCN7qWPCDY8zsSNHQ8wrVyrZhlT9jrOLx7lCI l8ktxvc6FDMFsmQsZfPAOmI3Jo0uJ+0Jy98FcVctMQWLDBGq66hAqq93ppo9Xx/Y r8Q57TMRLw5Xx1Xj4GKRS9TULqrkag8UlU2u2j67j+PWoe7+qiWOYv2QIQaquApU yc/13lNAa5ZDkzmlBYkRKD99qn9XDmfX1bSUkHFiXaQhiX+/6s6p69uOjsJFrPiq Z8GEH0JgF0iBQTax8BGPfIwKxHQdNEb1u+2yZpw0Zi7CiHX7kZgubr+dbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFo8YlaOvg9x4tENGvVd+IZhTue2MB8GA1UdIwQY MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADov8Dhcc jhBVXDHtbwvIn/pT/Rc0LKgO1sPArOywyogafMhnV21FtW7wylx2R9aPYVmZnIpk D89U2SNJhW2loqviPRbiK8aRdmT5ZhqO4t12mNdW3aq2wd73mKOQUO19AyrEHIy/ a5k/zKpg7fbMm32pSanp1RtGdKXJPxl6aCfGIaUPaz7p7Xm23dQfWp80Ft09hlVC 90Mvgk+G/XeLQi+hw0Jc///LLwt9xAoNR03HwweJMw/XAw48ms+4YIpufiqB9pFP X4AiQh5U/EbrCVA1y+Q2UABAe8SQ/5QzlP7/ox1Aa5VOttCebLKITJMNG+UpHbgp pCr6sdKXE4v9Zg== -----END CERTIFICATE-----Generated at Thu Jan 8 18:09:01 2026 by rpki-client