This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft File: obtQVKF8yU__wrwpWhW_74qQQwo.mft (raw, json) Hash identifier: KIsUHhaoU7ukE1VU2+ZULKBV17C9mEB0AoouYe3qPc8= Subject key identifier: EC:F8:02:EC:A8:4A:75:95:8A:A9:3A:DA:F9:85:1D:AD:9C:0D:A5:BC Authority key identifier: A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A Certificate issuer: /CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a Certificate serial: 019B9064A2757E7DAA91FB93A4BF8FB0A431 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft Manifest number: 07C8 Signing time: Mon 05 Jan 2026 23:01:12 +0000 Manifest this update: Mon 05 Jan 2026 23:01:12 +0000 Manifest next update: Tue 06 Jan 2026 23:01:12 +0000 Files and hashes: 1: obtQVKF8yU__wrwpWhW_74qQQwo.crl (hash: LRoasXXK44e4BNqJFS/xRPY8NNdZ8/0N8SlotEziQKY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 17:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:90:64:a2:75:7e:7d:aa:91:fb:93:a4:bf:8f:b0:a4:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a Validity Not Before: Jan 5 23:01:12 2026 GMT Not After : Jan 6 23:01:12 2026 GMT Subject: CN=ecf802eca84a75958aa93adaf9851dad9c0da5bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:cb:a1:b0:cf:9b:24:00:a9:e6:9d:b0:fb:87: 44:65:f8:67:d8:d3:bf:09:91:ca:2d:26:05:8c:92: 1e:77:49:e8:b9:51:b8:d6:0f:5f:c2:4a:54:f0:77: dc:63:d8:1e:ef:77:8b:1e:a8:c1:0b:20:71:ac:a7: 34:3d:1d:6e:d5:30:ba:7f:83:f1:00:59:8c:1c:1f: cd:16:8c:3c:45:bf:72:7f:92:36:7c:63:dc:f0:50: c8:36:46:f2:d1:a4:78:09:73:e6:66:2f:be:78:b4: 85:2b:b9:03:1d:03:a4:73:cc:13:b0:c9:71:2e:62: 7e:08:3a:9c:83:3b:bb:5e:6f:32:1f:e1:c5:17:f4: b3:f7:27:9f:b6:65:ab:80:35:0b:63:65:eb:68:25: 9d:83:5e:03:a6:36:80:b0:7d:4c:9a:27:b3:a7:98: f3:d8:8e:81:3b:7e:18:1e:66:7b:23:dd:aa:26:f0: a2:72:17:6c:0b:a3:e4:5f:3e:f5:98:7f:a6:c6:c2: 89:93:6d:41:44:94:72:4a:fd:0d:77:64:de:f7:f1: 4e:d3:75:56:67:b3:9f:0b:df:73:f0:95:71:8d:98: cd:64:51:24:6e:d7:ed:ff:48:da:a9:5d:9a:85:57: ea:c3:2b:e6:4a:d2:88:18:38:60:23:ad:49:92:47: aa:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:F8:02:EC:A8:4A:75:95:8A:A9:3A:DA:F9:85:1D:AD:9C:0D:A5:BC X509v3 Authority Key Identifier: keyid:A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:dd:e2:d7:89:06:3f:1f:40:86:93:5a:97:f1:98:b1:c8:a7: df:81:3f:be:d9:c7:62:b8:b0:bc:a7:e7:69:53:76:d5:e3:6a: aa:dc:48:eb:91:d0:27:d2:f3:2a:bc:d5:05:4f:16:16:1b:32: 0a:47:08:7f:13:df:39:50:f3:e1:46:03:6a:35:5b:46:ff:14: ba:60:89:cd:1e:42:08:7f:26:f3:97:ef:dc:52:ab:76:63:f3: ba:e5:ab:a9:0e:37:f1:11:39:6d:a2:46:c6:dd:8e:e1:16:52: 59:fe:64:a8:ea:41:2c:ba:9d:8b:ca:8c:02:e8:34:a1:a4:c8: cc:be:dc:e9:b3:25:e6:c8:eb:3a:c7:92:00:e8:cd:b7:fd:c5: 04:e6:0e:3d:e6:84:c6:22:10:d5:db:df:59:64:8d:56:7a:49: 03:b1:e9:81:8e:23:eb:a7:c8:00:68:fd:3c:76:68:46:bd:b7: 1d:2d:af:d8:b9:91:35:3b:3d:f8:5a:e5:ae:c7:ca:ba:9c:67: 87:27:94:cf:10:bf:a4:66:05:40:c3:ba:5c:a0:b8:66:33:a2: 20:6c:40:73:87:04:bb:09:22:2e:70:ed:a3:ec:cb:31:c4:0f: bb:e1:5e:aa:83:91:a7:24:9c:16:41:07:07:14:cc:7f:f1:28: 0e:ac:36:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuQZKJ1fn2qkfuTpL+PsKQxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExYmI1MDU0YTE3Y2M5NGZmZmMyYmMyOTVhMTViZmVmOGE5 MDQzMGEwHhcNMjYwMTA1MjMwMTEyWhcNMjYwMTA2MjMwMTEyWjAzMTEwLwYDVQQD EyhlY2Y4MDJlY2E4NGE3NTk1OGFhOTNhZGFmOTg1MWRhZDljMGRhNWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8uhsM+bJACp5p2w+4dEZfhn2NO/ CZHKLSYFjJIed0nouVG41g9fwkpU8HfcY9ge73eLHqjBCyBxrKc0PR1u1TC6f4Px AFmMHB/NFow8Rb9yf5I2fGPc8FDINkby0aR4CXPmZi++eLSFK7kDHQOkc8wTsMlx LmJ+CDqcgzu7Xm8yH+HFF/Sz9yeftmWrgDULY2XraCWdg14DpjaAsH1Mmiezp5jz 2I6BO34YHmZ7I92qJvCichdsC6PkXz71mH+mxsKJk21BRJRySv0Nd2Te9/FO03VW Z7OfC99z8JVxjZjNZFEkbtft/0jaqV2ahVfqwyvmStKIGDhgI61JkkeqwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOz4AuyoSnWViqk62vmFHa2cDaW8MB8GA1UdIwQY MBaAFKG7UFShfMlP/8K8KVoVv++KkEMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgt NzIyNTVkMjQ5YzVkLzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgtNzIyNTVkMjQ5YzVk LzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXt3i14kG Px9AhpNal/GYscin34E/vtnHYriwvKfnaVN21eNqqtxI65HQJ9LzKrzVBU8WFhsy CkcIfxPfOVDz4UYDajVbRv8UumCJzR5CCH8m85fv3FKrdmPzuuWrqQ438RE5baJG xt2O4RZSWf5kqOpBLLqdi8qMAug0oaTIzL7c6bMl5sjrOseSAOjNt/3FBOYOPeaE xiIQ1dvfWWSNVnpJA7HpgY4j66fIAGj9PHZoRr23HS2v2LmRNTs9+FrlrsfKupxn hyeUzxC/pGYFQMO6XKC4ZjOiIGxAc4cEuwkiLnDto+zLMcQPu+FeqoORpyScFkEH BxTMf/EoDqw21A== -----END CERTIFICATE-----Generated at Tue Jan 6 01:47:47 2026 by rpki-client