This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft File: cOKzQXw5wP47u7xNUj7UN7KcWhw.mft (raw, json) Hash identifier: Ez6WbbtupCIcTReVNUeVRmCOSkowdWrMjnAFGbv9LOY= Subject key identifier: 2A:69:EF:79:45:60:36:2B:F4:2B:19:8B:3C:1F:3B:A0:0C:4D:C1:F9 Authority key identifier: 70:E2:B3:41:7C:39:C0:FE:3B:BB:BC:4D:52:3E:D4:37:B2:9C:5A:1C Certificate issuer: /CN=70e2b3417c39c0fe3bbbbc4d523ed437b29c5a1c Certificate serial: 019B7A4AB7A16FC518430ECCD06397A53392 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft Manifest number: 173A Signing time: Thu 01 Jan 2026 16:01:15 +0000 Manifest this update: Thu 01 Jan 2026 16:01:15 +0000 Manifest next update: Fri 02 Jan 2026 16:01:15 +0000 Files and hashes: 1: cOKzQXw5wP47u7xNUj7UN7KcWhw.crl (hash: EGkllLTpL+yi6Iom0lvlj8T6dJpDktKqFav6pqYAgLw=) 2: wZl766gEgIlD1PBWErT8JXtbQ6E.roa (hash: GJKy6CeHDJyN+o1oRpRHchOhI0KPIFrY454WKeTW5CM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:4a:b7:a1:6f:c5:18:43:0e:cc:d0:63:97:a5:33:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70e2b3417c39c0fe3bbbbc4d523ed437b29c5a1c Validity Not Before: Jan 1 16:01:15 2026 GMT Not After : Jan 2 16:01:15 2026 GMT Subject: CN=2a69ef794560362bf42b198b3c1f3ba00c4dc1f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:71:f3:70:05:70:a5:a8:59:3f:94:8b:99:0a: a3:58:5e:90:00:49:08:41:59:41:af:47:03:5e:dc: ba:47:31:a4:23:c1:0e:57:41:a7:5e:04:f1:d5:c2: 13:40:b6:a1:e5:7b:e3:b5:49:1c:67:cd:5b:cb:ef: 94:17:71:0a:17:02:e2:7c:a9:69:fb:23:79:96:2d: 1b:5c:c8:0a:19:3a:1b:87:a1:2a:a3:35:25:30:e7: ef:1e:7b:80:db:83:78:96:4b:a3:0e:e0:99:38:af: 51:86:79:22:70:74:c0:e7:4c:c2:23:cb:4f:5e:ed: 22:9b:50:3d:07:48:85:24:18:7d:f2:2d:df:34:85: 77:b1:89:8f:47:ef:13:b3:4e:0a:d9:7a:60:e3:38: c6:fc:46:ed:c6:b0:08:22:22:e9:1d:df:b8:f4:e2: 52:cd:96:1c:f7:75:46:38:bd:ff:3f:ff:be:79:4d: 49:d3:16:a9:39:c0:50:d3:d7:22:62:65:7c:93:a6: 54:d8:34:10:cb:8f:df:a6:d5:eb:f1:37:59:04:09: 6c:89:d6:4d:af:72:04:c9:04:57:bb:fc:e4:68:95: b9:ac:03:83:a1:b0:9e:8d:51:08:6b:45:7d:52:34: c5:20:a1:1c:57:2e:b2:c9:b8:da:28:da:03:bc:49: 8d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:69:EF:79:45:60:36:2B:F4:2B:19:8B:3C:1F:3B:A0:0C:4D:C1:F9 X509v3 Authority Key Identifier: keyid:70:E2:B3:41:7C:39:C0:FE:3B:BB:BC:4D:52:3E:D4:37:B2:9C:5A:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOKzQXw5wP47u7xNUj7UN7KcWhw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8760ad-62c9-483f-bd2f-dc3b632e9e2b/1/cOKzQXw5wP47u7xNUj7UN7KcWhw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:fb:24:39:df:96:42:ed:8d:0c:2c:b1:0b:01:68:1d:b1:13: ea:5c:5d:5f:eb:26:2f:d5:a8:87:55:60:ed:f0:9d:bf:14:c8: 8d:c9:d5:f9:8d:33:c7:f0:51:5a:11:30:8f:88:07:b7:bb:88: 98:6e:45:82:33:0c:23:63:7d:aa:28:cf:4e:7f:e7:06:c2:54: 77:13:53:9f:de:1c:7f:b7:a4:62:d0:d1:ac:31:54:6e:96:2c: e3:80:ca:ba:d7:b7:81:e4:23:0d:91:c8:f6:0c:23:0b:7d:d7: cb:5b:35:97:e0:d4:dc:d8:a4:e9:46:62:48:b5:39:3d:82:fc: ad:9a:17:23:59:a4:95:5a:04:87:b9:a2:4b:ce:ae:3e:31:d9: 27:01:12:a8:13:a4:a4:dd:ad:ca:9e:6b:26:43:a0:0d:ed:9c: 02:b9:74:35:85:c7:a7:e7:17:5c:8b:0f:77:8e:32:91:43:2e: f0:39:f4:7b:42:19:86:f4:5e:c4:56:05:c6:9e:04:02:f8:e9: 8d:db:6b:0a:e7:6c:0d:45:6c:26:ad:e6:65:a1:cf:7a:8d:f4: 1d:33:76:d8:8f:dd:e6:43:47:d7:79:41:cd:c4:6f:ca:14:54: 49:90:71:92:08:72:56:1f:e7:71:63:a2:4d:3f:cc:fa:02:ff: 75:ad:df:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt6Srehb8UYQw7M0GOXpTOSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZTJiMzQxN2MzOWMwZmUzYmJiYmM0ZDUyM2VkNDM3YjI5 YzVhMWMwHhcNMjYwMTAxMTYwMTE1WhcNMjYwMTAyMTYwMTE1WjAzMTEwLwYDVQQD EygyYTY5ZWY3OTQ1NjAzNjJiZjQyYjE5OGIzYzFmM2JhMDBjNGRjMWY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3HzcAVwpahZP5SLmQqjWF6QAEkI QVlBr0cDXty6RzGkI8EOV0GnXgTx1cITQLah5XvjtUkcZ81by++UF3EKFwLifKlp +yN5li0bXMgKGTobh6EqozUlMOfvHnuA24N4lkujDuCZOK9RhnkicHTA50zCI8tP Xu0im1A9B0iFJBh98i3fNIV3sYmPR+8Ts04K2Xpg4zjG/EbtxrAIIiLpHd+49OJS zZYc93VGOL3/P/++eU1J0xapOcBQ09ciYmV8k6ZU2DQQy4/fptXr8TdZBAlsidZN r3IEyQRXu/zkaJW5rAODobCejVEIa0V9UjTFIKEcVy6yybjaKNoDvEmNrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCpp73lFYDYr9CsZizwfO6AMTcH5MB8GA1UdIwQY MBaAFHDis0F8OcD+O7u8TVI+1DeynFocMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84NzYwYWQtNjJjOS00ODNmLWJkMmYt ZGMzYjYzMmU5ZTJiLzEvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC84NzYwYWQtNjJjOS00ODNmLWJkMmYtZGMzYjYzMmU5ZTJi LzEvY09LelFYdzV3UDQ3dTd4TlVqN1VON0tjV2h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw/skOd+W Qu2NDCyxCwFoHbET6lxdX+smL9Woh1Vg7fCdvxTIjcnV+Y0zx/BRWhEwj4gHt7uI mG5FgjMMI2N9qijPTn/nBsJUdxNTn94cf7ekYtDRrDFUbpYs44DKute3geQjDZHI 9gwjC33Xy1s1l+DU3Nik6UZiSLU5PYL8rZoXI1mklVoEh7miS86uPjHZJwESqBOk pN2typ5rJkOgDe2cArl0NYXHp+cXXIsPd44ykUMu8Dn0e0IZhvRexFYFxp4EAvjp jdtrCudsDUVsJq3mZaHPeo30HTN22I/d5kNH13lBzcRvyhRUSZBxkghyVh/ncWOi TT/M+gL/da3fIg== -----END CERTIFICATE-----Generated at Thu Jan 1 17:31:35 2026 by rpki-client