This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft File: O33D0CKCjk9bNr3vehiwuwz7rgk.mft (raw, json) Hash identifier: WSQ8zb9+cVk5FH4HjUKVuogxS4KVHpFWQ3XKvnBu4ZE= Subject key identifier: 38:40:D8:60:4C:DD:F2:60:3D:C9:1C:47:B5:BC:E0:47:EB:23:3F:B1 Authority key identifier: 3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09 Certificate issuer: /CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09 Certificate serial: 019B95F87C9359D25380CD3D576DB1821B6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft Manifest number: 0FCB Signing time: Wed 07 Jan 2026 01:00:48 +0000 Manifest this update: Wed 07 Jan 2026 01:00:48 +0000 Manifest next update: Thu 08 Jan 2026 01:00:48 +0000 Files and hashes: 1: CJjsxGugLLvFbEHWxKghiGCE6lc.roa (hash: cOhc+r4MNkPP5359GE1QtRWPIxNlJ+rMixUIriIgwqM=) 2: O33D0CKCjk9bNr3vehiwuwz7rgk.crl (hash: h7jbBcHaIZD604q2wI0FN8rqV4+2q3GXRRHxSUtAdIU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 23:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:95:f8:7c:93:59:d2:53:80:cd:3d:57:6d:b1:82:1b:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09 Validity Not Before: Jan 7 01:00:48 2026 GMT Not After : Jan 8 01:00:48 2026 GMT Subject: CN=3840d8604cddf2603dc91c47b5bce047eb233fb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d1:fe:1d:13:e0:95:bf:90:af:bc:1c:59:5b: fe:70:75:c5:a9:ae:bc:ad:1e:bd:f3:b4:52:88:e8: 8a:3e:1c:b9:30:76:d5:24:6e:4e:4f:b4:aa:b8:79: 65:ed:f5:4b:54:b1:5d:b7:77:8e:76:09:e6:80:3e: 1a:d6:3e:ea:f8:ef:e3:5a:19:96:7d:29:08:46:f8: 68:38:09:df:39:de:48:f2:11:8a:32:61:3f:66:93: 51:e8:84:2c:dd:a0:a8:f8:a1:c0:9c:47:87:74:32: 51:a0:f2:72:f6:ea:fb:a1:aa:9a:28:e3:e4:f6:8c: 57:0d:b0:a1:20:02:f1:1f:56:09:81:61:b8:b7:85: 53:47:d6:fc:c4:c4:7c:f4:56:81:83:be:0e:9b:a1: 57:ea:95:a2:75:61:ea:ac:3d:a8:46:2f:6c:fc:38: 28:1a:e2:6e:68:6d:88:6c:b7:60:e3:f2:f4:c2:52: d5:c7:aa:64:fd:24:98:23:b0:72:59:9e:c3:08:4f: a2:1c:d5:39:43:3e:7b:a3:8e:77:df:d7:b8:37:32: bc:52:74:90:8c:aa:6e:b8:98:37:84:22:60:58:76: 50:45:f6:4d:d8:6c:2f:dc:65:c4:67:f0:af:30:19: 53:91:c2:48:2d:07:d9:f1:c2:36:50:64:ad:6e:62: bf:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:40:D8:60:4C:DD:F2:60:3D:C9:1C:47:B5:BC:E0:47:EB:23:3F:B1 X509v3 Authority Key Identifier: keyid:3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:f8:e3:01:f9:b1:79:29:07:5b:e9:a0:61:32:37:7b:28:23: 14:6b:8b:89:5c:0a:85:78:f5:2b:9e:1e:16:1e:04:32:2b:a6: ab:cf:93:be:24:ab:77:fc:f2:4f:cb:64:15:42:b4:97:80:77: 9a:7c:97:ac:86:52:64:15:36:69:2b:9e:5f:f8:74:2b:fb:0a: 48:0c:ef:8e:ca:b8:b6:e5:51:e0:85:30:8e:45:8f:31:f0:4c: 2d:1c:9c:05:07:9d:d7:6c:20:4f:b0:09:13:b7:ef:7b:05:a5: c8:8f:31:97:11:98:91:b2:ba:e0:6d:91:d3:79:95:85:bb:08: c9:86:46:8a:e2:c0:ed:4e:23:0b:46:8f:7b:9d:fc:ab:50:02: 34:c5:dc:f6:45:9c:44:10:ca:23:4a:d8:ea:60:48:e7:07:a7: eb:79:bb:fd:4a:34:66:7c:f5:77:b2:bc:ef:88:0b:a2:58:dd: 8e:63:4c:50:07:27:aa:de:cc:3f:71:89:62:55:f3:17:22:5e: c7:15:69:36:fa:b8:8d:2f:86:2b:44:de:39:ae:31:fa:8c:c4: c4:be:0c:3f:67:d8:82:8d:bc:2e:64:9c:ed:51:28:19:5e:90: 10:c3:e2:8b:90:dc:72:81:da:4e:a2:40:8d:16:9a:c6:d5:a2: b6:26:bb:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuV+HyTWdJTgM09V22xghtrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiN2RjM2QwMjI4MjhlNGY1YjM2YmRlZjdhMThiMGJiMGNm YmFlMDkwHhcNMjYwMTA3MDEwMDQ4WhcNMjYwMTA4MDEwMDQ4WjAzMTEwLwYDVQQD EygzODQwZDg2MDRjZGRmMjYwM2RjOTFjNDdiNWJjZTA0N2ViMjMzZmIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstH+HRPglb+Qr7wcWVv+cHXFqa68 rR6987RSiOiKPhy5MHbVJG5OT7SquHll7fVLVLFdt3eOdgnmgD4a1j7q+O/jWhmW fSkIRvhoOAnfOd5I8hGKMmE/ZpNR6IQs3aCo+KHAnEeHdDJRoPJy9ur7oaqaKOPk 9oxXDbChIALxH1YJgWG4t4VTR9b8xMR89FaBg74Om6FX6pWidWHqrD2oRi9s/Dgo GuJuaG2IbLdg4/L0wlLVx6pk/SSYI7ByWZ7DCE+iHNU5Qz57o45339e4NzK8UnSQ jKpuuJg3hCJgWHZQRfZN2Gwv3GXEZ/CvMBlTkcJILQfZ8cI2UGStbmK/RQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDhA2GBM3fJgPckcR7W84EfrIz+xMB8GA1UdIwQY MBaAFDt9w9Aigo5PWza973oYsLsM+64JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGIt NzE5NDhlM2M5YWQ0LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0 LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABvjjAfmx eSkHW+mgYTI3eygjFGuLiVwKhXj1K54eFh4EMiumq8+TviSrd/zyT8tkFUK0l4B3 mnyXrIZSZBU2aSueX/h0K/sKSAzvjsq4tuVR4IUwjkWPMfBMLRycBQed12wgT7AJ E7fvewWlyI8xlxGYkbK64G2R03mVhbsIyYZGiuLA7U4jC0aPe538q1ACNMXc9kWc RBDKI0rY6mBI5wen63m7/Uo0Znz1d7K874gLoljdjmNMUAcnqt7MP3GJYlXzFyJe xxVpNvq4jS+GK0TeOa4x+ozExL4MP2fYgo28LmSc7VEoGV6QEMPii5DccoHaTqJA jRaaxtWitia7Aw== -----END CERTIFICATE-----Generated at Wed Jan 7 07:00:16 2026 by rpki-client