This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft File: 02JOkIx0mP22E1QnU-9Wx1zXBL0.mft (raw, json) Hash identifier: iKLVuijdCYwEe3Quhmm7lzyjjZX0gLWbdKarq6HTGko= Subject key identifier: B8:B6:40:5B:BF:72:30:2F:C7:0F:D8:75:78:AB:E8:75:68:C3:53:6D Authority key identifier: D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD Certificate issuer: /CN=d3624e908c7498fdb613542753ef56c75cd704bd Certificate serial: 019B7900864073C8B3FF0453AFC5F3F31029 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft Manifest number: 0BE3 Signing time: Thu 01 Jan 2026 10:00:35 +0000 Manifest this update: Thu 01 Jan 2026 10:00:35 +0000 Manifest next update: Fri 02 Jan 2026 10:00:35 +0000 Files and hashes: 1: 02JOkIx0mP22E1QnU-9Wx1zXBL0.crl (hash: fdYZX5PNxPBLh+9vN2FDvvx+I+ndBMu1dDx7yoI2Njw=) 2: _l8jrf0myWSyZHEusIZ6cmnQafE.roa (hash: gjseV+JPjv3tCrp8kMrsCJYjL6BjqLfcHlxvbKTgJog=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:00:86:40:73:c8:b3:ff:04:53:af:c5:f3:f3:10:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3624e908c7498fdb613542753ef56c75cd704bd Validity Not Before: Jan 1 10:00:35 2026 GMT Not After : Jan 2 10:00:35 2026 GMT Subject: CN=b8b6405bbf72302fc70fd87578abe87568c3536d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:ab:18:d3:97:90:04:3c:8f:7c:16:b5:6f:d1: 20:a8:03:70:dd:17:8a:d5:9f:12:36:63:62:47:fd: 71:5c:bd:cc:bf:72:a1:c8:80:51:cb:df:82:8e:08: b5:c7:0a:a8:0f:20:c1:cb:c0:34:86:2f:eb:1c:4e: 78:60:58:65:62:c3:76:62:eb:9c:8e:34:29:39:e1: e1:d9:bb:c3:d3:17:41:d9:ad:a2:1b:f3:8f:e6:f2: bc:42:64:fa:db:5b:47:09:3c:0a:9b:52:41:9a:70: 85:87:fd:67:5e:72:33:79:ee:cf:d6:94:26:82:4d: 4f:f2:8f:b8:fb:43:d7:42:9c:4f:86:d5:b5:27:cc: 73:a2:71:23:38:f1:84:85:a7:19:d6:5e:0f:7a:00: bc:c3:82:54:7d:b9:7d:8a:76:7b:30:36:9d:6a:65: ac:c5:b5:5f:00:34:1d:73:53:fe:c0:c8:38:52:1f: 68:d8:a1:08:b8:fe:65:bf:a4:4f:bd:12:39:5b:3d: 85:cb:e0:c9:9b:30:ef:2f:0f:6e:f2:ad:ed:f5:26: a7:44:32:7b:ec:57:08:fa:20:5d:d7:83:f8:8b:b2: e8:2d:ca:e1:0f:8d:6d:90:34:17:a5:31:fb:0e:2b: 08:97:5b:50:a4:61:f9:51:61:fb:6b:b6:33:a2:74: b8:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:B6:40:5B:BF:72:30:2F:C7:0F:D8:75:78:AB:E8:75:68:C3:53:6D X509v3 Authority Key Identifier: keyid:D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:70:76:8c:54:88:4a:0f:d1:5c:4f:ae:bf:fd:dc:ea:8a:79: 3e:c7:05:5e:5f:80:de:17:89:b1:2f:65:af:55:f6:16:34:f3: 35:2d:58:fd:3c:83:a4:0c:97:34:82:bb:fe:f1:70:66:43:8d: dd:a6:d9:08:24:84:30:c4:51:db:1f:87:42:13:d4:23:a0:07: 45:4d:81:f8:f0:8c:3e:39:d7:59:ab:62:95:8c:a3:c0:00:60: 7f:b8:04:53:17:36:90:53:28:41:d6:25:5e:5b:b6:7d:d1:5c: d4:24:e8:5d:56:87:50:37:62:c8:d0:24:b4:33:ea:1e:83:e0: 5d:3d:16:a4:79:f5:41:3a:16:96:f8:9a:fe:da:3e:d8:3c:a8: b9:cd:5c:54:71:34:18:3f:01:5a:27:5f:ee:49:06:a8:2c:0d: b8:7f:86:26:e4:4d:e3:d0:cb:b2:6f:72:71:48:5c:f0:4b:76: d1:e1:19:e5:6e:81:27:df:b4:15:e0:c3:b6:2d:d8:2b:09:7b: ba:0a:b4:eb:58:91:16:cc:a2:8d:15:cc:bb:38:01:d6:ca:b6: b6:f2:c8:7b:22:d3:c9:1e:53:85:ec:bc:08:2d:fb:49:3c:f6: 1d:c1:43:c2:38:ce:70:72:1f:80:c6:33:5c:0f:55:eb:7f:7b: d9:82:ad:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt5AIZAc8iz/wRTr8Xz8xApMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNjI0ZTkwOGM3NDk4ZmRiNjEzNTQyNzUzZWY1NmM3NWNk NzA0YmQwHhcNMjYwMTAxMTAwMDM1WhcNMjYwMTAyMTAwMDM1WjAzMTEwLwYDVQQD EyhiOGI2NDA1YmJmNzIzMDJmYzcwZmQ4NzU3OGFiZTg3NTY4YzM1MzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6sY05eQBDyPfBa1b9EgqANw3ReK 1Z8SNmNiR/1xXL3Mv3KhyIBRy9+Cjgi1xwqoDyDBy8A0hi/rHE54YFhlYsN2Yuuc jjQpOeHh2bvD0xdB2a2iG/OP5vK8QmT621tHCTwKm1JBmnCFh/1nXnIzee7P1pQm gk1P8o+4+0PXQpxPhtW1J8xzonEjOPGEhacZ1l4PegC8w4JUfbl9inZ7MDadamWs xbVfADQdc1P+wMg4Uh9o2KEIuP5lv6RPvRI5Wz2Fy+DJmzDvLw9u8q3t9SanRDJ7 7FcI+iBd14P4i7LoLcrhD41tkDQXpTH7DisIl1tQpGH5UWH7a7YzonS4NwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLi2QFu/cjAvxw/YdXir6HVow1NtMB8GA1UdIwQY MBaAFNNiTpCMdJj9thNUJ1PvVsdc1wS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMt NjQ1MGYxODQxMTIyLzEvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMtNjQ1MGYxODQxMTIy LzEvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfHB2jFSI Sg/RXE+uv/3c6op5PscFXl+A3heJsS9lr1X2FjTzNS1Y/TyDpAyXNIK7/vFwZkON 3abZCCSEMMRR2x+HQhPUI6AHRU2B+PCMPjnXWatilYyjwABgf7gEUxc2kFMoQdYl Xlu2fdFc1CToXVaHUDdiyNAktDPqHoPgXT0WpHn1QToWlvia/to+2Dyouc1cVHE0 GD8BWidf7kkGqCwNuH+GJuRN49DLsm9ycUhc8Et20eEZ5W6BJ9+0FeDDti3YKwl7 ugq061iRFsyijRXMuzgB1sq2tvLIeyLTyR5They8CC37STz2HcFDwjjOcHIfgMYz XA9V63972YKtIQ== -----END CERTIFICATE-----Generated at Thu Jan 1 12:33:28 2026 by rpki-client