This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft File: O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json) Hash identifier: 6dBciVmk9Boymikok9NN5WJQo12U5pDUmGAEEOsRfPg= Subject key identifier: EE:0C:40:1A:88:D6:C8:27:57:DA:CE:B0:95:93:5E:DC:88:F0:1A:B9 Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54 Certificate issuer: /CN=3b991eae85c5266270c31df4181aa07ab2e07b54 Certificate serial: 019C4321E73CDD6CDDF03CF0991633120ED5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft Manifest number: 09A1 Signing time: Mon 09 Feb 2026 16:00:21 +0000 Manifest this update: Mon 09 Feb 2026 16:00:21 +0000 Manifest next update: Tue 10 Feb 2026 16:00:21 +0000 Files and hashes: 1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: c8ajBr5zwdut6yefZ+MSQ7av5691LRJ5MUF/v9hkjrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:e7:3c:dd:6c:dd:f0:3c:f0:99:16:33:12:0e:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54 Validity Not Before: Feb 9 16:00:21 2026 GMT Not After : Feb 10 16:00:21 2026 GMT Subject: CN=ee0c401a88d6c82757daceb095935edc88f01ab9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:02:d7:a5:d1:9c:61:76:cf:53:64:5e:9b:f9: 9c:af:44:b9:f7:3b:7d:22:69:7e:78:ec:3e:d5:a1: f8:44:f0:74:72:3c:eb:ea:2f:29:6d:c7:71:de:32: b4:d6:2c:f0:bc:00:a0:44:20:fb:88:50:f8:39:e4: 88:59:bb:10:d1:ba:7c:b2:d4:f4:80:60:4c:fd:f0: ac:e7:33:e6:ea:50:90:e7:bc:73:6a:6a:c3:46:a0: de:23:6e:9d:8f:e9:42:06:1a:61:aa:b4:81:16:80: 14:08:4e:e8:a9:9d:9c:6d:42:ec:7a:7f:c0:6e:83: 9e:f1:5b:56:23:66:30:63:88:26:79:37:64:df:5b: 61:42:a2:18:10:bc:d5:c0:ab:75:10:dd:06:70:f1: ff:6c:68:be:0f:e6:1d:d5:65:f8:b4:3b:9d:ca:5b: ed:63:44:58:c3:42:b0:8b:d5:f7:0b:a8:74:80:90: e0:14:b0:48:ea:84:c5:11:e1:6d:c4:09:6f:3e:9c: cf:30:c3:aa:f0:17:eb:d5:db:8a:1a:54:fa:19:2f: f5:a9:18:9f:65:a6:09:2a:20:1a:7e:54:44:3e:12: ec:35:b1:71:89:0c:d2:35:a4:1a:81:2b:d7:1b:2a: 75:45:8b:9c:d4:73:56:4b:2d:14:01:41:a0:17:51: 91:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:0C:40:1A:88:D6:C8:27:57:DA:CE:B0:95:93:5E:DC:88:F0:1A:B9 X509v3 Authority Key Identifier: keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:95:ef:d7:c8:1a:78:34:20:28:ea:c0:06:07:b1:4f:26:5a: 15:9d:f8:bb:f1:1c:ce:6f:1e:6e:d8:b5:84:93:dd:a6:52:58: db:57:a9:f5:cc:d0:15:21:26:47:df:37:ad:57:01:ff:c6:e2: ce:c6:75:3b:68:e6:21:86:e7:a1:6c:61:88:91:0e:82:d9:cb: b0:72:1d:c3:8d:e4:af:b9:da:fc:28:e0:b5:9d:02:94:a4:f8: f4:ed:2a:46:04:4e:98:cf:1c:4a:be:86:cd:6e:ea:e8:91:5e: c4:b3:39:79:60:95:0e:9a:10:85:35:9a:39:42:9d:59:fa:4a: 34:9d:18:7d:a1:33:8c:61:8d:d2:da:38:04:cc:d0:73:19:8f: c3:c4:a2:25:bc:f4:b0:b1:7f:dc:aa:49:11:7c:4d:9b:0e:69: 50:b0:8c:59:92:54:ed:8d:59:b9:68:48:db:6d:13:bc:40:88: d9:3b:44:98:04:3c:73:fb:49:b8:76:46:0b:4b:28:78:85:84: 4e:69:74:95:93:40:1c:a7:7e:30:aa:30:12:06:9f:a3:87:e7: 1c:3e:44:99:cd:06:5b:25:02:8f:45:ff:10:ab:5a:ce:e8:c2: dc:6d:de:64:0f:36:a9:70:9e:e0:bd:8b:d6:58:03:5e:8c:b0: 9b:fa:6a:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIec83Wzd8DzwmRYzEg7VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl MDdiNTQwHhcNMjYwMjA5MTYwMDIxWhcNMjYwMjEwMTYwMDIxWjAzMTEwLwYDVQQD EyhlZTBjNDAxYTg4ZDZjODI3NTdkYWNlYjA5NTkzNWVkYzg4ZjAxYWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ALXpdGcYXbPU2Rem/mcr0S59zt9 Iml+eOw+1aH4RPB0cjzr6i8pbcdx3jK01izwvACgRCD7iFD4OeSIWbsQ0bp8stT0 gGBM/fCs5zPm6lCQ57xzamrDRqDeI26dj+lCBhphqrSBFoAUCE7oqZ2cbULsen/A boOe8VtWI2YwY4gmeTdk31thQqIYELzVwKt1EN0GcPH/bGi+D+Yd1WX4tDudylvt Y0RYw0Kwi9X3C6h0gJDgFLBI6oTFEeFtxAlvPpzPMMOq8Bfr1duKGlT6GS/1qRif ZaYJKiAaflREPhLsNbFxiQzSNaQagSvXGyp1RYuc1HNWSy0UAUGgF1GRwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO4MQBqI1sgnV9rOsJWTXtyI8Bq5MB8GA1UdIwQY MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5 LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5Xv18ga eDQgKOrABgexTyZaFZ34u/Eczm8ebti1hJPdplJY21ep9czQFSEmR983rVcB/8bi zsZ1O2jmIYbnoWxhiJEOgtnLsHIdw43kr7na/CjgtZ0ClKT49O0qRgROmM8cSr6G zW7q6JFexLM5eWCVDpoQhTWaOUKdWfpKNJ0YfaEzjGGN0to4BMzQcxmPw8SiJbz0 sLF/3KpJEXxNmw5pULCMWZJU7Y1ZuWhI220TvECI2TtEmAQ8c/tJuHZGC0soeIWE Tml0lZNAHKd+MKowEgafo4fnHD5Emc0GWyUCj0X/EKtazujC3G3eZA82qXCe4L2L 1lgDXoywm/pqkw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:48:11 2026 by rpki-client