This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft File: OC5TMDOzzpXklyvyOC3awpPC3AE.mft (raw, json) Hash identifier: KxD0ikIVpOkSUcHCCiKhOfBl6LcFQrcUb988W8zz8V0= Subject key identifier: 93:31:58:6B:E6:95:75:1E:85:58:9F:D5:39:DE:30:0C:E2:96:C7:6C Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01 Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01 Certificate serial: 019BD846B5802FD583D7382F0985DAB730DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft Manifest number: 0B38 Signing time: Mon 19 Jan 2026 22:01:11 +0000 Manifest this update: Mon 19 Jan 2026 22:01:11 +0000 Manifest next update: Tue 20 Jan 2026 22:01:11 +0000 Files and hashes: 1: 16Wly6tf9ZCRlJ1eLRRr8Q4xzIw.roa (hash: Kp7oiL6STzpmE+EAdvQJo2k6GaSB6dYQxfvWJmxfMsM=) 2: JTe6rZdralZYMfrallY8D9l18pI.roa (hash: nAhU2MmHuPgFOMieOuqyCTSQGexpWdZSuDuOtmxyLp0=) 3: OC5TMDOzzpXklyvyOC3awpPC3AE.crl (hash: en+oh1DdoWTRMdzrhoe9SA6N5GOyabX1VTy/6eDawRI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d8:46:b5:80:2f:d5:83:d7:38:2f:09:85:da:b7:30:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01 Validity Not Before: Jan 19 22:01:11 2026 GMT Not After : Jan 20 22:01:11 2026 GMT Subject: CN=9331586be695751e85589fd539de300ce296c76c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:63:13:5a:40:ab:23:d7:9e:7e:9c:56:e0:70: 76:d4:40:2d:b7:ec:16:c2:e6:99:e1:e1:80:43:56: b7:d6:6e:6d:e8:f7:97:5f:0e:b9:dd:99:86:a0:21: 15:9c:22:7a:99:dc:c4:e9:43:9f:f7:67:eb:35:8c: e8:43:45:ff:b2:1c:9c:bc:36:5d:23:48:f6:6b:92: db:f5:4d:2c:93:b7:02:f5:72:45:dc:c6:f8:c6:5c: 35:c1:12:8e:e5:c1:89:7e:fa:7c:86:8f:55:fa:82: 79:c2:36:e1:b3:eb:49:c9:5b:fd:0b:ec:54:91:16: e0:61:ea:55:2c:a5:7c:f2:f8:80:4f:c4:8c:40:49: 69:2f:fc:89:81:4f:be:16:44:95:7a:d2:91:37:3d: 20:6a:4e:38:ca:c0:9d:b0:2a:e8:24:aa:12:ac:18: 06:86:0d:2f:3b:f0:8c:44:87:15:e1:bc:64:d1:c5: a9:4b:8f:8f:a5:ad:5c:bf:b9:64:8b:32:00:ae:08: d7:a5:93:58:6a:42:2a:a8:29:12:9c:c9:33:95:0d: 9e:14:44:9d:4e:52:b2:c4:9f:48:12:b3:56:ad:d2: a3:9b:cd:80:ec:7f:8b:d4:91:48:73:78:b1:db:a7: 1b:43:9f:0d:e3:fc:a3:80:95:0a:94:43:c1:b0:67: cd:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:31:58:6B:E6:95:75:1E:85:58:9F:D5:39:DE:30:0C:E2:96:C7:6C X509v3 Authority Key Identifier: keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:2b:71:01:3b:6d:2a:89:4f:67:04:81:d5:c1:66:29:a3:9f: ef:0b:af:00:c4:16:b9:d6:45:26:22:c6:1e:35:e3:68:b2:8d: 4a:c2:bc:90:54:91:51:d1:86:26:4a:99:2c:5d:6f:c5:28:9f: 9d:10:98:d8:16:a2:6b:28:0e:eb:62:5b:f7:fe:37:28:ac:f2: 86:93:85:d3:1a:87:84:04:51:96:54:67:a7:37:16:33:f7:be: bc:00:b1:70:26:5f:9c:48:48:b5:37:55:52:ee:f0:fe:55:2a: 8b:3c:2e:bd:4e:3b:bd:68:6a:26:90:f4:cc:04:20:42:b6:6e: 3c:78:37:15:3f:af:8a:03:43:1a:1f:44:26:35:b1:2c:b8:63: 09:b3:28:cb:b0:99:d0:ab:83:3e:13:df:22:cf:a0:fd:a3:22: 57:cf:b4:44:54:aa:27:2a:aa:54:72:68:21:1c:80:a2:10:85: a1:44:a8:10:e9:f0:fb:9f:9b:72:64:fd:3a:34:b7:4d:a8:ba: 36:f5:f3:85:0f:a3:90:65:57:07:bb:0d:ff:de:08:7a:cb:78: c6:9b:4f:e2:0c:c1:08:fa:c6:c5:08:8f:45:d8:83:73:97:7b: 59:e8:8f:40:ec:bb:f9:2f:31:9a:7c:2f:d8:30:09:3f:00:92: a7:c8:cf:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvYRrWAL9WD1zgvCYXatzDaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj MmRjMDEwHhcNMjYwMTE5MjIwMTExWhcNMjYwMTIwMjIwMTExWjAzMTEwLwYDVQQD Eyg5MzMxNTg2YmU2OTU3NTFlODU1ODlmZDUzOWRlMzAwY2UyOTZjNzZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWMTWkCrI9eefpxW4HB21EAtt+wW wuaZ4eGAQ1a31m5t6PeXXw653ZmGoCEVnCJ6mdzE6UOf92frNYzoQ0X/shycvDZd I0j2a5Lb9U0sk7cC9XJF3Mb4xlw1wRKO5cGJfvp8ho9V+oJ5wjbhs+tJyVv9C+xU kRbgYepVLKV88viAT8SMQElpL/yJgU++FkSVetKRNz0gak44ysCdsCroJKoSrBgG hg0vO/CMRIcV4bxk0cWpS4+Ppa1cv7lkizIArgjXpZNYakIqqCkSnMkzlQ2eFESd TlKyxJ9IErNWrdKjm82A7H+L1JFIc3ix26cbQ58N4/yjgJUKlEPBsGfNqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJMxWGvmlXUehVif1TneMAzilsdsMB8GA1UdIwQY MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt ZWFhMDkwNTE0YjUyLzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAytxATtt KolPZwSB1cFmKaOf7wuvAMQWudZFJiLGHjXjaLKNSsK8kFSRUdGGJkqZLF1vxSif nRCY2BaiaygO62Jb9/43KKzyhpOF0xqHhARRllRnpzcWM/e+vACxcCZfnEhItTdV Uu7w/lUqizwuvU47vWhqJpD0zAQgQrZuPHg3FT+vigNDGh9EJjWxLLhjCbMoy7CZ 0KuDPhPfIs+g/aMiV8+0RFSqJyqqVHJoIRyAohCFoUSoEOnw+5+bcmT9OjS3Tai6 NvXzhQ+jkGVXB7sN/94Iest4xptP4gzBCPrGxQiPRdiDc5d7WeiPQOy7+S8xmnwv 2DAJPwCSp8jPYg== -----END CERTIFICATE-----Generated at Tue Jan 20 01:00:18 2026 by rpki-client