This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft File: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json) Hash identifier: hjbruI4FMzRleiAWhkPOwkt8D3+Ub5Ewrsz/E3MOyY8= Subject key identifier: 46:CA:36:81:DC:8A:36:7C:0E:40:CA:C0:81:8E:BE:CB:49:A0:CC:AC Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A Certificate issuer: /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a Certificate serial: 019B79A540DD1CB3D764A56751301563DD78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft Manifest number: 17A5 Signing time: Thu 01 Jan 2026 13:00:31 +0000 Manifest this update: Thu 01 Jan 2026 13:00:31 +0000 Manifest next update: Fri 02 Jan 2026 13:00:31 +0000 Files and hashes: 1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: gy8mshewlFh8RmY0e/BPMHIPHv4OpTZRX0BTnUhi5Oc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:a5:40:dd:1c:b3:d7:64:a5:67:51:30:15:63:dd:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a Validity Not Before: Jan 1 13:00:31 2026 GMT Not After : Jan 2 13:00:31 2026 GMT Subject: CN=46ca3681dc8a367c0e40cac0818ebecb49a0ccac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3f:d5:6d:90:18:43:70:44:14:23:2a:47:c0: cf:8d:d6:eb:04:3f:17:6f:e5:fd:a2:a5:45:9e:0d: 4e:e7:03:a2:2f:2e:aa:07:a1:39:f0:01:85:48:a4: 10:9d:79:e1:08:24:d1:74:3e:06:7d:15:f3:28:5c: af:29:aa:e1:e5:c2:ca:c0:5c:41:ed:7c:52:eb:4e: 6f:c2:68:d5:3f:3b:4f:e6:ac:06:81:b9:2b:6b:23: 9f:82:bf:f4:70:11:c4:de:4e:5a:f4:cb:e2:b7:c5: 18:44:f5:9a:0a:8b:6c:b1:4f:a1:7b:0c:32:06:29: d9:c2:0e:c5:24:9c:7e:3c:b0:41:b7:2c:08:c6:81: c8:05:6f:a6:45:d1:79:78:a0:3e:1b:62:52:7d:41: 27:6f:47:ce:93:4e:9f:b0:25:d1:5a:96:b2:ae:ba: 1c:eb:ea:e0:dd:97:f7:35:94:14:54:75:b5:2c:8a: 23:63:85:5c:e6:ba:15:d3:4e:6c:c8:ee:2d:35:8c: 49:90:68:13:40:ee:95:70:2f:56:5a:ee:c9:e5:a0: 2d:1e:58:96:18:39:c2:f9:94:1e:4c:9d:67:bf:5b: 93:48:55:30:61:c6:3a:f9:94:c0:fb:ce:65:14:10: 97:09:8d:4a:3c:77:e5:13:f9:15:27:da:b6:1d:70: 56:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:CA:36:81:DC:8A:36:7C:0E:40:CA:C0:81:8E:BE:CB:49:A0:CC:AC X509v3 Authority Key Identifier: keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:d6:23:2e:f7:ff:af:3f:77:89:9c:35:aa:82:bf:74:11:02: 9a:91:8b:76:d5:b1:6b:bb:a9:66:dd:6c:b8:ba:61:29:61:62: e3:12:07:c9:1d:55:f5:9c:fc:59:c5:51:78:14:b0:c4:a8:c7: b9:d3:5d:1b:a5:b7:80:03:23:47:c1:ec:e2:b5:4e:6e:36:de: 50:15:16:4f:20:10:e9:86:f4:c5:38:09:e9:c6:7a:ff:2f:02: a5:ad:18:40:6f:76:e3:8c:21:2e:03:1e:f9:7f:da:45:0e:31: 4b:e3:63:f0:63:a1:11:ba:c9:79:14:1c:cf:9b:33:f7:dd:3c: 74:63:47:36:af:f3:32:3c:69:7f:40:e0:6e:d8:19:eb:ab:64: 71:f7:f9:27:0f:1f:fb:df:38:cc:ca:6d:fd:76:99:8d:18:c3: bc:a4:04:e1:80:02:ff:b0:0d:26:bd:8f:2a:73:54:9b:15:cb: 4a:53:f1:2e:e2:cb:8e:85:df:56:6f:c2:ff:b0:fa:6d:2a:32: 33:e6:7f:13:e4:e8:ab:30:98:c2:ec:16:77:bd:34:1f:a1:9f: 38:b0:2a:23:46:61:ab:07:0f:fa:5a:63:2a:3d:48:f2:b6:9d: c2:a3:ff:8f:e5:db:26:1b:6d:6d:76:db:ed:30:3e:9a:25:d3: ca:d1:bb:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt5pUDdHLPXZKVnUTAVY914MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw Mzk0MWEwHhcNMjYwMTAxMTMwMDMxWhcNMjYwMTAyMTMwMDMxWjAzMTEwLwYDVQQD Eyg0NmNhMzY4MWRjOGEzNjdjMGU0MGNhYzA4MThlYmVjYjQ5YTBjY2FjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT/VbZAYQ3BEFCMqR8DPjdbrBD8X b+X9oqVFng1O5wOiLy6qB6E58AGFSKQQnXnhCCTRdD4GfRXzKFyvKarh5cLKwFxB 7XxS605vwmjVPztP5qwGgbkrayOfgr/0cBHE3k5a9Mvit8UYRPWaCotssU+hewwy BinZwg7FJJx+PLBBtywIxoHIBW+mRdF5eKA+G2JSfUEnb0fOk06fsCXRWpayrroc 6+rg3Zf3NZQUVHW1LIojY4Vc5roV005syO4tNYxJkGgTQO6VcC9WWu7J5aAtHliW GDnC+ZQeTJ1nv1uTSFUwYcY6+ZTA+85lFBCXCY1KPHflE/kVJ9q2HXBWfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbKNoHcijZ8DkDKwIGOvstJoMysMB8GA1UdIwQY MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFdYjLvf/ rz93iZw1qoK/dBECmpGLdtWxa7upZt1suLphKWFi4xIHyR1V9Zz8WcVReBSwxKjH udNdG6W3gAMjR8Hs4rVObjbeUBUWTyAQ6Yb0xTgJ6cZ6/y8Cpa0YQG9244whLgMe +X/aRQ4xS+Nj8GOhEbrJeRQcz5sz9908dGNHNq/zMjxpf0DgbtgZ66tkcff5Jw8f +984zMpt/XaZjRjDvKQE4YAC/7ANJr2PKnNUmxXLSlPxLuLLjoXfVm/C/7D6bSoy M+Z/E+ToqzCYwuwWd700H6GfOLAqI0ZhqwcP+lpjKj1I8radwqP/j+XbJhttbXbb 7TA+miXTytG7Zg== -----END CERTIFICATE-----Generated at Thu Jan 1 19:46:49 2026 by rpki-client