This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/22744a-8588-4290-b23c-6c0771f25396/1/OA-TW80EhiXnAVXPLMKCniwgcqY.mft File: OA-TW80EhiXnAVXPLMKCniwgcqY.mft (raw, json) Hash identifier: gqMwM9VFs+HfuVEBZTPUQU8jwWLEyp4BsuHv4fa3uBg= Subject key identifier: 00:D3:74:82:56:8F:AC:72:0B:DA:75:8A:15:A6:E8:1B:D3:D6:0A:80 Authority key identifier: 38:0F:93:5B:CD:04:86:25:E7:01:55:CF:2C:C2:82:9E:2C:20:72:A6 Certificate issuer: /CN=380f935bcd048625e70155cf2cc2829e2c2072a6 Certificate serial: 019BAD25A754753D099520E4C0E99801BB6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OA-TW80EhiXnAVXPLMKCniwgcqY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/22744a-8588-4290-b23c-6c0771f25396/1/OA-TW80EhiXnAVXPLMKCniwgcqY.mft Manifest number: 04A8 Signing time: Sun 11 Jan 2026 13:01:24 +0000 Manifest this update: Sun 11 Jan 2026 13:01:24 +0000 Manifest next update: Mon 12 Jan 2026 13:01:24 +0000 Files and hashes: 1: OA-TW80EhiXnAVXPLMKCniwgcqY.crl (hash: DgOKod3lZ2DEQLBkPr3NXCireyCfp1xDj/Sx9P/0UOk=) 2: Q9r_G5mN-fpHCEEziTRaRU3KmFI.roa (hash: hXNMo0ooe3x7ylZ3iHUiRzE6Xm2lDI4+UmM5cDjZux0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/22744a-8588-4290-b23c-6c0771f25396/1/OA-TW80EhiXnAVXPLMKCniwgcqY.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/22744a-8588-4290-b23c-6c0771f25396/1/OA-TW80EhiXnAVXPLMKCniwgcqY.mft rsync://rpki.ripe.net/repository/DEFAULT/OA-TW80EhiXnAVXPLMKCniwgcqY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 13:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ad:25:a7:54:75:3d:09:95:20:e4:c0:e9:98:01:bb:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=380f935bcd048625e70155cf2cc2829e2c2072a6 Validity Not Before: Jan 11 13:01:24 2026 GMT Not After : Jan 12 13:01:24 2026 GMT Subject: CN=00d37482568fac720bda758a15a6e81bd3d60a80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:10:9a:05:ac:4d:aa:96:68:8c:d1:e3:dc:a1: 16:fc:e8:bc:83:c0:50:2c:e5:01:89:cb:6d:41:ee: 33:22:d9:e2:73:76:69:07:d6:1d:50:99:e8:f5:d3: e1:f5:3c:c5:f3:79:44:be:58:ca:9b:9c:09:ff:a3: 74:f2:93:8a:5f:16:bd:b1:11:34:8f:35:a3:95:98: 64:95:b5:91:64:7f:de:d8:5b:95:25:25:d7:2a:50: 14:30:2a:dc:c9:bd:f1:0f:a8:6b:97:96:ec:d9:9a: 76:a0:8c:88:31:b1:77:f6:44:d9:a4:52:00:e8:fd: 51:3c:17:e8:c1:cb:e9:39:b0:e2:44:72:02:01:46: e2:6a:9a:64:40:37:aa:46:cb:db:5d:6d:1a:e1:36: bb:a8:7a:82:e8:6d:a1:ae:26:56:64:a3:db:c6:ff: 2e:3b:9d:1c:0e:e9:df:a6:f4:47:b9:db:ff:d5:51: c2:7e:90:8b:e7:80:46:69:06:da:2d:24:e8:95:e2: c8:36:d6:17:36:1a:b9:2b:d6:70:b5:2b:9e:3f:cc: 6a:ac:b8:97:f5:e0:f4:39:0f:e7:e4:57:ff:e8:82: 49:25:e5:ab:51:37:dd:60:dc:ff:2d:a8:8f:72:2b: cc:78:59:a4:14:71:40:6f:93:e6:25:99:65:d6:e5: 81:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:D3:74:82:56:8F:AC:72:0B:DA:75:8A:15:A6:E8:1B:D3:D6:0A:80 X509v3 Authority Key Identifier: keyid:38:0F:93:5B:CD:04:86:25:E7:01:55:CF:2C:C2:82:9E:2C:20:72:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OA-TW80EhiXnAVXPLMKCniwgcqY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/22744a-8588-4290-b23c-6c0771f25396/1/OA-TW80EhiXnAVXPLMKCniwgcqY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/22744a-8588-4290-b23c-6c0771f25396/1/OA-TW80EhiXnAVXPLMKCniwgcqY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:4a:13:01:b2:2a:a0:e5:5e:21:d1:0a:1c:ae:67:dd:5c:e3: f4:9a:5c:d2:d2:d0:59:d4:1f:3f:5d:52:43:56:7a:2b:f7:fa: ae:a3:0d:c7:b4:93:89:a7:3f:c7:ff:ac:21:76:cd:4b:b2:c2: 54:ac:4a:b6:c6:2a:31:5d:75:d6:a1:82:c1:dd:5d:e8:73:79: 16:48:37:97:d7:c0:47:cf:ed:36:a0:99:74:ff:5e:96:35:b6: e7:07:1b:92:93:e2:ab:36:c8:4a:53:e4:71:1c:60:f9:4d:e9: 3a:8c:8c:a6:9e:1a:80:85:a8:55:70:9d:0a:f4:dd:ea:5e:90: fc:51:01:a2:e4:b6:09:d4:5c:43:6f:f4:06:d4:d7:78:1e:5c: 51:33:ba:02:60:bc:d5:a8:51:0a:9c:1e:9a:ec:77:aa:a1:bc: 92:55:c5:4c:63:4e:9f:c0:67:66:69:ef:8c:04:32:17:a3:80: 33:37:96:52:e7:15:66:4e:18:fd:c1:71:d0:d9:18:d8:c4:9f: cd:fe:f4:ae:58:69:dd:e3:92:ab:3a:cc:55:51:4e:d8:39:97: 49:ff:b7:4c:4f:5d:e2:6a:e6:a8:8b:b2:de:61:fb:25:53:f0: 30:e8:1e:8f:4c:1d:a4:c8:9e:0d:22:01:46:9e:8d:54:f4:ea: 58:e0:c1:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZutJadUdT0JlSDkwOmYAbtrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MGY5MzViY2QwNDg2MjVlNzAxNTVjZjJjYzI4MjllMmMy MDcyYTYwHhcNMjYwMTExMTMwMTI0WhcNMjYwMTEyMTMwMTI0WjAzMTEwLwYDVQQD EygwMGQzNzQ4MjU2OGZhYzcyMGJkYTc1OGExNWE2ZTgxYmQzZDYwYTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hCaBaxNqpZojNHj3KEW/Oi8g8BQ LOUBicttQe4zItnic3ZpB9YdUJno9dPh9TzF83lEvljKm5wJ/6N08pOKXxa9sRE0 jzWjlZhklbWRZH/e2FuVJSXXKlAUMCrcyb3xD6hrl5bs2Zp2oIyIMbF39kTZpFIA 6P1RPBfowcvpObDiRHICAUbiappkQDeqRsvbXW0a4Ta7qHqC6G2hriZWZKPbxv8u O50cDunfpvRHudv/1VHCfpCL54BGaQbaLSToleLINtYXNhq5K9ZwtSueP8xqrLiX 9eD0OQ/n5Ff/6IJJJeWrUTfdYNz/LaiPcivMeFmkFHFAb5PmJZll1uWBbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFADTdIJWj6xyC9p1ihWm6BvT1gqAMB8GA1UdIwQY MBaAFDgPk1vNBIYl5wFVzyzCgp4sIHKmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0EtVFc4MEVoaVhuQVZYUExNS0NuaXdnY3FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yMjc0NGEtODU4OC00MjkwLWIyM2Mt NmMwNzcxZjI1Mzk2LzEvT0EtVFc4MEVoaVhuQVZYUExNS0NuaXdnY3FZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8yMjc0NGEtODU4OC00MjkwLWIyM2MtNmMwNzcxZjI1Mzk2 LzEvT0EtVFc4MEVoaVhuQVZYUExNS0NuaXdnY3FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkoTAbIq oOVeIdEKHK5n3Vzj9Jpc0tLQWdQfP11SQ1Z6K/f6rqMNx7STiac/x/+sIXbNS7LC VKxKtsYqMV111qGCwd1d6HN5Fkg3l9fAR8/tNqCZdP9eljW25wcbkpPiqzbISlPk cRxg+U3pOoyMpp4agIWoVXCdCvTd6l6Q/FEBouS2CdRcQ2/0BtTXeB5cUTO6AmC8 1ahRCpwemux3qqG8klXFTGNOn8BnZmnvjAQyF6OAMzeWUucVZk4Y/cFx0NkY2MSf zf70rlhp3eOSqzrMVVFO2DmXSf+3TE9d4mrmqIuy3mH7JVPwMOgej0wdpMieDSIB Rp6NVPTqWODBew== -----END CERTIFICATE-----Generated at Sun Jan 11 23:04:46 2026 by rpki-client