This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/453ce9-7389-4951-a76e-890d0bbea624/1/OAonDZR7c0BD17LSUhTx3DDwEd8.mft File: OAonDZR7c0BD17LSUhTx3DDwEd8.mft (raw, json) Hash identifier: WBQJpL9Yo/fLY3PnBN744ONqMNSl3m+aYTS6Lu+EtjQ= Subject key identifier: 3B:92:B2:1D:D1:8F:0E:1A:97:80:5A:CA:D6:7C:FF:AD:74:56:58:E3 Authority key identifier: 38:0A:27:0D:94:7B:73:40:43:D7:B2:D2:52:14:F1:DC:30:F0:11:DF Certificate issuer: /CN=380a270d947b734043d7b2d25214f1dc30f011df Certificate serial: 019C4321CE3EDD43D99FA7654D432BF5E1D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OAonDZR7c0BD17LSUhTx3DDwEd8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/453ce9-7389-4951-a76e-890d0bbea624/1/OAonDZR7c0BD17LSUhTx3DDwEd8.mft Manifest number: 11 Signing time: Mon 09 Feb 2026 16:00:14 +0000 Manifest this update: Mon 09 Feb 2026 16:00:14 +0000 Manifest next update: Tue 10 Feb 2026 16:00:14 +0000 Files and hashes: 1: OAonDZR7c0BD17LSUhTx3DDwEd8.crl (hash: 1r2OU/VFWddSGwLAm0lVpt/6YyVyeXcWwxcmAvIgCJ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/453ce9-7389-4951-a76e-890d0bbea624/1/OAonDZR7c0BD17LSUhTx3DDwEd8.crl rsync://rpki.ripe.net/repository/DEFAULT/16/453ce9-7389-4951-a76e-890d0bbea624/1/OAonDZR7c0BD17LSUhTx3DDwEd8.mft rsync://rpki.ripe.net/repository/DEFAULT/OAonDZR7c0BD17LSUhTx3DDwEd8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:ce:3e:dd:43:d9:9f:a7:65:4d:43:2b:f5:e1:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=380a270d947b734043d7b2d25214f1dc30f011df Validity Not Before: Feb 9 16:00:14 2026 GMT Not After : Feb 10 16:00:14 2026 GMT Subject: CN=3b92b21dd18f0e1a97805acad67cffad745658e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:37:e3:13:ee:b8:d0:71:0f:22:6b:ec:74:0a: f8:a0:f2:a8:4d:de:0c:b8:3d:f4:42:1f:29:ec:0a: 0a:3c:a9:26:ac:28:9a:0f:56:54:94:f0:eb:a8:8d: ca:89:0e:54:8c:17:39:2a:20:d6:6e:e8:2b:52:4f: 4a:9f:22:f6:00:4a:0e:b0:a5:f4:b8:f2:0b:a4:17: 47:25:8d:5e:3f:82:37:f6:5e:4e:04:c9:54:eb:d0: f8:11:51:9c:21:57:a3:07:9c:ae:43:c7:64:a2:70: b3:62:9d:a6:2e:79:31:26:02:00:81:b5:45:0d:bf: b9:1b:c1:74:43:c9:ff:4d:05:06:a0:3b:1a:73:ac: da:47:e3:2e:c7:c9:53:84:85:43:d4:97:60:8b:56: 50:6c:4f:e6:f8:87:f7:eb:79:c1:8a:5e:dd:c0:1b: 57:c3:3d:e7:97:18:7d:9b:4f:11:44:6f:b0:ff:e8: f9:6a:f7:32:07:65:4b:93:a1:93:79:bb:a3:2d:f1: 99:89:85:2f:09:39:67:b5:4f:2e:93:6a:9e:b8:8d: 83:3f:38:8f:10:20:96:b5:02:c8:fd:e4:fd:70:23: 84:35:68:b2:5b:b3:03:65:0a:5f:1d:80:b1:02:1e: d8:b4:81:0a:4e:d3:68:8d:14:f6:8c:8b:78:80:86: 4f:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:92:B2:1D:D1:8F:0E:1A:97:80:5A:CA:D6:7C:FF:AD:74:56:58:E3 X509v3 Authority Key Identifier: keyid:38:0A:27:0D:94:7B:73:40:43:D7:B2:D2:52:14:F1:DC:30:F0:11:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAonDZR7c0BD17LSUhTx3DDwEd8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/453ce9-7389-4951-a76e-890d0bbea624/1/OAonDZR7c0BD17LSUhTx3DDwEd8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/453ce9-7389-4951-a76e-890d0bbea624/1/OAonDZR7c0BD17LSUhTx3DDwEd8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:e8:55:77:e3:09:f0:44:d6:fe:dd:fd:35:e7:cd:02:c7:f1: f4:e8:c0:5d:dd:45:d7:7a:94:5e:2e:d3:12:f2:62:24:56:21: 8c:cc:79:21:6c:d3:53:03:f5:ac:c8:6c:6a:0b:42:ff:3d:57: 13:8d:62:91:f1:00:39:63:9b:5a:30:dc:b3:e3:75:20:57:0f: cb:67:a8:95:d9:2f:c7:7f:f6:12:09:1c:61:4f:33:31:3b:40: 74:e2:47:e7:4c:3d:f4:de:92:c0:6e:04:6f:f0:86:fd:26:6e: 50:68:a4:12:ea:d2:cc:06:b8:ee:09:0d:6c:34:80:72:51:59: 53:aa:2f:03:c4:f6:f0:d4:a1:45:35:ed:23:e1:33:36:16:0f: b9:c4:d2:fa:a0:17:09:2a:fe:f5:2f:b2:4a:96:3d:16:0f:fb: 77:54:9a:e9:74:81:d9:43:6a:08:42:2d:a9:62:77:ed:b1:da: fc:32:36:a9:a5:ad:22:63:c6:b7:22:57:74:d1:b5:a8:a9:7c: e4:42:a2:2c:d2:df:dc:3b:f5:b2:2e:44:70:5d:0a:07:21:e9: e6:a5:c1:0f:b2:a1:58:c9:68:b0:8e:e8:16:2e:0b:c3:a0:94: 19:a2:16:4f:56:47:70:d0:c0:05:7a:9b:92:44:79:b3:2e:8a: b6:f1:90:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIc4+3UPZn6dlTUMr9eHXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MGEyNzBkOTQ3YjczNDA0M2Q3YjJkMjUyMTRmMWRjMzBm MDExZGYwHhcNMjYwMjA5MTYwMDE0WhcNMjYwMjEwMTYwMDE0WjAzMTEwLwYDVQQD EygzYjkyYjIxZGQxOGYwZTFhOTc4MDVhY2FkNjdjZmZhZDc0NTY1OGUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljfjE+640HEPImvsdAr4oPKoTd4M uD30Qh8p7AoKPKkmrCiaD1ZUlPDrqI3KiQ5UjBc5KiDWbugrUk9KnyL2AEoOsKX0 uPILpBdHJY1eP4I39l5OBMlU69D4EVGcIVejB5yuQ8dkonCzYp2mLnkxJgIAgbVF Db+5G8F0Q8n/TQUGoDsac6zaR+Mux8lThIVD1Jdgi1ZQbE/m+If363nBil7dwBtX wz3nlxh9m08RRG+w/+j5avcyB2VLk6GTebujLfGZiYUvCTlntU8uk2qeuI2DPziP ECCWtQLI/eT9cCOENWiyW7MDZQpfHYCxAh7YtIEKTtNojRT2jIt4gIZPpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDuSsh3Rjw4al4BaytZ8/610VljjMB8GA1UdIwQY MBaAFDgKJw2Ue3NAQ9ey0lIU8dww8BHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0FvbkRaUjdjMEJEMTdMU1VoVHgzRER3RWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTNjZTktNzM4OS00OTUxLWE3NmUt ODkwZDBiYmVhNjI0LzEvT0FvbkRaUjdjMEJEMTdMU1VoVHgzRER3RWQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi80NTNjZTktNzM4OS00OTUxLWE3NmUtODkwZDBiYmVhNjI0 LzEvT0FvbkRaUjdjMEJEMTdMU1VoVHgzRER3RWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuhVd+MJ 8ETW/t39NefNAsfx9OjAXd1F13qUXi7TEvJiJFYhjMx5IWzTUwP1rMhsagtC/z1X E41ikfEAOWObWjDcs+N1IFcPy2eoldkvx3/2EgkcYU8zMTtAdOJH50w99N6SwG4E b/CG/SZuUGikEurSzAa47gkNbDSAclFZU6ovA8T28NShRTXtI+EzNhYPucTS+qAX CSr+9S+ySpY9Fg/7d1Sa6XSB2UNqCEItqWJ37bHa/DI2qaWtImPGtyJXdNG1qKl8 5EKiLNLf3Dv1si5EcF0KByHp5qXBD7KhWMlosI7oFi4Lw6CUGaIWT1ZHcNDABXqb kkR5sy6KtvGQWg== -----END CERTIFICATE-----Generated at Mon Feb 9 19:39:23 2026 by rpki-client