This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/ce635c-7d2c-410c-96e2-7ccf936de89a/1/ohnbVSO9ORRQqdzPbVDOWfsV360.mft File: ohnbVSO9ORRQqdzPbVDOWfsV360.mft (raw, json) Hash identifier: 6Ji1wp1rYbGAAJgwjlm1x/+JPyLQqv36+5bV0Iqi5G0= Subject key identifier: BE:01:B8:5F:71:70:28:E0:D5:B7:E0:4D:0A:90:40:07:DC:58:34:8E Authority key identifier: A2:19:DB:55:23:BD:39:14:50:A9:DC:CF:6D:50:CE:59:FB:15:DF:AD Certificate issuer: /CN=a219db5523bd391450a9dccf6d50ce59fb15dfad Certificate serial: 019BFB7793F7C7B45D58E38DC45AFA3C309C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ohnbVSO9ORRQqdzPbVDOWfsV360.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/ce635c-7d2c-410c-96e2-7ccf936de89a/1/ohnbVSO9ORRQqdzPbVDOWfsV360.mft Manifest number: 03 Signing time: Mon 26 Jan 2026 18:01:16 +0000 Manifest this update: Mon 26 Jan 2026 18:01:16 +0000 Manifest next update: Tue 27 Jan 2026 18:01:16 +0000 Files and hashes: 1: 4HbGMj--iSuFHvb28GOkJ8Rfj9k.roa (hash: kmfueJIenPQ4kLIaUYdb59+cHEhbnikmEU4eCsrl8uU=) 2: ohnbVSO9ORRQqdzPbVDOWfsV360.crl (hash: 1X5hwQOVov0VktBbrBV2EkUpCpBBYMVdJAve8r+vBDY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/ce635c-7d2c-410c-96e2-7ccf936de89a/1/ohnbVSO9ORRQqdzPbVDOWfsV360.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/ce635c-7d2c-410c-96e2-7ccf936de89a/1/ohnbVSO9ORRQqdzPbVDOWfsV360.mft rsync://rpki.ripe.net/repository/DEFAULT/ohnbVSO9ORRQqdzPbVDOWfsV360.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:77:93:f7:c7:b4:5d:58:e3:8d:c4:5a:fa:3c:30:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a219db5523bd391450a9dccf6d50ce59fb15dfad Validity Not Before: Jan 26 18:01:16 2026 GMT Not After : Jan 27 18:01:16 2026 GMT Subject: CN=be01b85f717028e0d5b7e04d0a904007dc58348e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:0e:81:16:98:50:4b:39:38:01:f6:1e:b0:5e: e4:6b:09:cd:f5:cc:10:71:72:46:68:98:a1:13:50: 0b:bf:7e:ff:eb:a8:1d:2f:b2:07:96:02:eb:82:42: c6:8a:b2:70:1a:8f:ac:c6:30:94:dc:f2:20:44:f1: 47:8e:55:80:62:cb:12:7b:24:10:38:97:d2:ef:61: 23:39:ef:1b:13:b8:a8:7f:49:b7:56:90:91:10:0c: 21:ec:3a:e8:e8:3c:ff:90:cd:7e:cf:9f:f2:a8:26: 02:8b:ff:53:08:b6:fc:db:f1:25:3b:45:e0:34:0b: 18:dc:da:28:d5:0f:4f:e7:8a:ab:6a:f5:7c:19:a6: 5e:dc:4c:e8:0a:62:15:01:de:78:65:b5:5f:fb:29: df:45:4a:d8:af:22:7f:72:e6:6b:d4:c6:5b:06:3e: 08:4b:ca:0e:0a:c5:42:3f:49:13:26:e7:33:61:c7: 38:4e:ab:bd:43:a2:77:bf:35:54:8e:9c:80:22:45: 85:53:64:e4:bd:87:88:b2:76:19:2d:16:ce:5a:09: 31:37:21:75:36:4f:5d:89:cf:a4:ac:9c:de:d2:72: aa:99:8f:74:bd:b5:17:41:73:0f:2f:97:52:61:33: 9f:cc:1a:ca:67:d8:7b:60:ef:c6:88:23:13:c2:da: ae:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:01:B8:5F:71:70:28:E0:D5:B7:E0:4D:0A:90:40:07:DC:58:34:8E X509v3 Authority Key Identifier: keyid:A2:19:DB:55:23:BD:39:14:50:A9:DC:CF:6D:50:CE:59:FB:15:DF:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohnbVSO9ORRQqdzPbVDOWfsV360.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ce635c-7d2c-410c-96e2-7ccf936de89a/1/ohnbVSO9ORRQqdzPbVDOWfsV360.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/ce635c-7d2c-410c-96e2-7ccf936de89a/1/ohnbVSO9ORRQqdzPbVDOWfsV360.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:39:3e:bd:ff:00:7c:af:ba:e4:dc:3b:59:6f:c1:f6:17:2f: 99:d2:13:f3:6c:a5:b6:cb:13:1d:3a:7e:40:d7:e7:88:fc:05: 30:29:45:58:09:d0:94:c9:02:64:79:cb:4b:d4:17:2f:47:7d: 64:9a:fe:fa:a0:0e:eb:f0:bd:cd:c2:36:d9:1d:39:0b:07:15: 28:c0:a4:c3:0f:e4:bc:4c:a4:e0:79:fb:f0:7a:e4:af:db:36: 09:44:fc:51:c2:63:05:e4:15:8a:66:84:78:05:ec:39:db:08: dc:64:a6:9d:eb:44:5e:41:dc:e6:eb:43:70:65:f3:ec:29:c8: 40:34:43:c0:06:f6:2b:81:69:07:c6:a7:b9:da:0e:08:94:09: 53:7c:56:69:fc:81:7a:b7:98:bb:7b:20:00:b3:0b:b0:93:00: 32:a2:68:5c:d1:99:d9:18:30:eb:72:ea:ff:84:c0:3b:98:bc: e1:4f:22:19:bb:e8:ec:68:44:a4:4a:bc:b4:7a:a4:b9:f8:f0: 24:5a:52:0d:a8:ea:8e:36:9d:40:f4:e1:1d:95:89:84:36:9d: 44:b4:65:4c:72:9c:ae:d2:58:55:43:15:f4:30:05:04:c5:99: 84:aa:06:94:15:20:65:e0:cd:8b:01:1e:0d:00:e3:76:39:06: 4e:7a:a4:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7d5P3x7RdWOONxFr6PDCcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMTlkYjU1MjNiZDM5MTQ1MGE5ZGNjZjZkNTBjZTU5ZmIx NWRmYWQwHhcNMjYwMTI2MTgwMTE2WhcNMjYwMTI3MTgwMTE2WjAzMTEwLwYDVQQD EyhiZTAxYjg1ZjcxNzAyOGUwZDViN2UwNGQwYTkwNDAwN2RjNTgzNDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ6BFphQSzk4AfYesF7kawnN9cwQ cXJGaJihE1ALv37/66gdL7IHlgLrgkLGirJwGo+sxjCU3PIgRPFHjlWAYssSeyQQ OJfS72EjOe8bE7iof0m3VpCREAwh7Dro6Dz/kM1+z5/yqCYCi/9TCLb82/ElO0Xg NAsY3Noo1Q9P54qravV8GaZe3EzoCmIVAd54ZbVf+ynfRUrYryJ/cuZr1MZbBj4I S8oOCsVCP0kTJuczYcc4Tqu9Q6J3vzVUjpyAIkWFU2TkvYeIsnYZLRbOWgkxNyF1 Nk9dic+krJze0nKqmY90vbUXQXMPL5dSYTOfzBrKZ9h7YO/GiCMTwtquDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL4BuF9xcCjg1bfgTQqQQAfcWDSOMB8GA1UdIwQY MBaAFKIZ21UjvTkUUKncz21Qzln7Fd+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2huYlZTTzlPUlJRcWR6UGJWRE9XZnNWMzYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9jZTYzNWMtN2QyYy00MTBjLTk2ZTIt N2NjZjkzNmRlODlhLzEvb2huYlZTTzlPUlJRcWR6UGJWRE9XZnNWMzYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9jZTYzNWMtN2QyYy00MTBjLTk2ZTItN2NjZjkzNmRlODlh LzEvb2huYlZTTzlPUlJRcWR6UGJWRE9XZnNWMzYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDk+vf8A fK+65Nw7WW/B9hcvmdIT82yltssTHTp+QNfniPwFMClFWAnQlMkCZHnLS9QXL0d9 ZJr++qAO6/C9zcI22R05CwcVKMCkww/kvEyk4Hn78Hrkr9s2CUT8UcJjBeQVimaE eAXsOdsI3GSmnetEXkHc5utDcGXz7CnIQDRDwAb2K4FpB8anudoOCJQJU3xWafyB ereYu3sgALMLsJMAMqJoXNGZ2Rgw63Lq/4TAO5i84U8iGbvo7GhEpEq8tHqkufjw JFpSDajqjjadQPThHZWJhDadRLRlTHKcrtJYVUMV9DAFBMWZhKoGlBUgZeDNiwEe DQDjdjkGTnqk7Q== -----END CERTIFICATE-----Generated at Mon Jan 26 22:57:26 2026 by rpki-client