This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft File: Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft (raw, json) Hash identifier: PY3BDJdmo18NVgl8wVnB9BKpyOrvw5k9GHyRR4VRBQQ= Subject key identifier: B4:DE:79:E6:73:A8:40:AF:8B:12:DE:81:0E:BA:67:55:15:A9:FC:05 Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Certificate serial: 019C446BA622F19DD70D7462B4F1D05FC8D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft Manifest number: 0957 Signing time: Mon 09 Feb 2026 22:00:31 +0000 Manifest this update: Mon 09 Feb 2026 22:00:31 +0000 Manifest next update: Tue 10 Feb 2026 22:00:31 +0000 Files and hashes: 1: Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl (hash: 1Kkvhbz0uT9f9aSYG5AbjpS9XWRxGDLQ/Oli2VtbBgM=) 2: yCYfu-nQ-r5mmuWB4csYdJl_brA.roa (hash: bFBh8jKzarYm0VKcZxzPkcXMAVEV0oykNxP7fDtsTwM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:44:6b:a6:22:f1:9d:d7:0d:74:62:b4:f1:d0:5f:c8:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Validity Not Before: Feb 9 22:00:31 2026 GMT Not After : Feb 10 22:00:31 2026 GMT Subject: CN=b4de79e673a840af8b12de810eba675515a9fc05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:22:31:ad:0d:df:9a:4f:b2:b3:34:cc:14:ff: b6:ab:84:26:a7:54:6e:b4:a8:07:74:da:79:5e:49: 8d:ae:ef:c9:7b:4b:f1:8d:d9:c5:8a:d9:bc:7c:f7: 52:9d:50:3e:f4:7f:65:35:d1:fe:83:20:c3:66:e7: b6:64:8f:95:15:82:43:bd:b7:06:83:0f:b3:12:78: 27:d4:2a:be:4c:5e:8f:24:18:6c:e4:7f:96:db:3b: 4b:26:91:32:4a:b3:f7:d6:a8:31:09:b5:2b:c2:19: 95:57:b0:f2:46:fa:66:55:fa:c8:51:43:50:19:2b: c7:da:0b:b2:32:19:f5:8a:7f:eb:a0:7b:f2:b6:d6: 04:55:71:26:eb:8f:7d:26:54:f0:bd:6b:70:cf:b5: 89:0d:63:1b:19:32:a2:35:30:66:e1:60:56:ae:e9: 5a:05:91:36:b6:55:c3:37:fd:f7:aa:27:20:0d:0a: f3:8d:e0:e8:58:fb:1c:7b:79:08:db:3d:90:69:cd: a7:98:41:24:3b:9c:af:61:4f:c6:ab:6a:89:64:bb: 4d:ba:36:6a:41:43:67:bd:5b:d7:9b:57:d3:43:ac: 89:47:5f:6d:31:73:8e:fd:f5:33:f6:03:ea:2d:18: 35:cc:c2:7d:41:7b:dd:2d:21:07:1f:b6:16:c6:fb: 92:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:DE:79:E6:73:A8:40:AF:8B:12:DE:81:0E:BA:67:55:15:A9:FC:05 X509v3 Authority Key Identifier: keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:e6:6b:ae:8a:f9:93:f7:bb:0a:d3:82:89:95:39:05:dc:57: 8b:c5:ba:62:71:f6:c6:af:7e:22:1c:3a:ec:df:83:bd:8b:df: b8:d4:1c:b0:8f:87:93:d5:70:d5:27:19:71:d9:ca:8e:9f:78: b7:52:f2:5a:70:b2:31:20:8d:d3:8b:da:a3:68:48:b8:65:4a: 23:d5:f4:fb:c3:91:61:2a:ed:ac:65:4d:ee:4a:4c:e3:4a:5b: 51:67:82:cd:ca:e7:9f:e0:9a:da:67:85:fd:fe:f0:5f:19:7b: 8c:79:0b:f7:6d:dc:48:80:9d:c9:8f:0c:81:37:41:75:30:24: 43:3e:c4:30:9e:c3:7d:e6:8e:83:2e:51:5d:52:51:11:ac:67: bf:93:8d:5d:22:bb:d9:75:87:15:27:d8:e4:27:4b:b0:c4:f0: a0:31:8d:5f:2b:ea:f0:d3:7d:d5:0b:2d:7d:c7:fd:fb:3c:b6: b0:e7:60:80:86:02:1d:3f:40:1f:45:87:28:71:90:55:e5:df: c5:69:61:ad:cf:02:db:ce:97:99:a7:1d:a0:5d:91:94:43:fc: 5a:6f:3b:14:eb:8e:19:37:26:b6:b2:d8:c2:c1:92:0d:da:a6: 90:a9:03:6f:7d:7e:3b:9e:4e:3d:fd:de:2f:75:16:a9:2a:8e: 62:7f:84:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxEa6Yi8Z3XDXRitPHQX8jVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj NGRhMjAwHhcNMjYwMjA5MjIwMDMxWhcNMjYwMjEwMjIwMDMxWjAzMTEwLwYDVQQD EyhiNGRlNzllNjczYTg0MGFmOGIxMmRlODEwZWJhNjc1NTE1YTlmYzA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyIxrQ3fmk+yszTMFP+2q4Qmp1Ru tKgHdNp5XkmNru/Je0vxjdnFitm8fPdSnVA+9H9lNdH+gyDDZue2ZI+VFYJDvbcG gw+zEngn1Cq+TF6PJBhs5H+W2ztLJpEySrP31qgxCbUrwhmVV7DyRvpmVfrIUUNQ GSvH2guyMhn1in/roHvyttYEVXEm6499JlTwvWtwz7WJDWMbGTKiNTBm4WBWrula BZE2tlXDN/33qicgDQrzjeDoWPsce3kI2z2Qac2nmEEkO5yvYU/Gq2qJZLtNujZq QUNnvVvXm1fTQ6yJR19tMXOO/fUz9gPqLRg1zMJ9QXvdLSEHH7YWxvuSRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLTeeeZzqECvixLegQ66Z1UVqfwFMB8GA1UdIwQY MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt YWJmODM3YWNlOGU0LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0 LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXOZrror5 k/e7CtOCiZU5BdxXi8W6YnH2xq9+Ihw67N+DvYvfuNQcsI+Hk9Vw1ScZcdnKjp94 t1LyWnCyMSCN04vao2hIuGVKI9X0+8ORYSrtrGVN7kpM40pbUWeCzcrnn+Ca2meF /f7wXxl7jHkL923cSICdyY8MgTdBdTAkQz7EMJ7DfeaOgy5RXVJREaxnv5ONXSK7 2XWHFSfY5CdLsMTwoDGNXyvq8NN91Qstfcf9+zy2sOdggIYCHT9AH0WHKHGQVeXf xWlhrc8C286XmacdoF2RlEP8Wm87FOuOGTcmtrLYwsGSDdqmkKkDb31+O55OPf3e L3UWqSqOYn+Eag== -----END CERTIFICATE-----Generated at Tue Feb 10 02:58:55 2026 by rpki-client