This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft File: O3vGRy6lJXXOlb3KeCbppR-qzkk.mft (raw, json) Hash identifier: K9qxdDnOE9NkrXgyzHRl6exRYpmyiVJnIBXUOj63YDc= Subject key identifier: CD:3B:CA:77:F5:37:29:45:B2:C3:7C:DB:E1:56:9E:E7:41:60:68:93 Authority key identifier: 3B:7B:C6:47:2E:A5:25:75:CE:95:BD:CA:78:26:E9:A5:1F:AA:CE:49 Certificate issuer: /CN=3b7bc6472ea52575ce95bdca7826e9a51faace49 Certificate serial: 019BDE7FFEF63C3FF869F8A2110179FF597F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O3vGRy6lJXXOlb3KeCbppR-qzkk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft Manifest number: 02CD Signing time: Wed 21 Jan 2026 03:01:28 +0000 Manifest this update: Wed 21 Jan 2026 03:01:28 +0000 Manifest next update: Thu 22 Jan 2026 03:01:28 +0000 Files and hashes: 1: O3vGRy6lJXXOlb3KeCbppR-qzkk.crl (hash: FCvXgWWoVInQg4dK1i3UgBN1U1Psh+fTEiF9FRnE060=) 2: xZvTVsgAgTHbHn_16cZuYXn4mck.roa (hash: +oE3yDmB7hi9Ypi3E2o3IvseUAbSMG6NeT9277jObu8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.crl rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft rsync://rpki.ripe.net/repository/DEFAULT/O3vGRy6lJXXOlb3KeCbppR-qzkk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 03:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:de:7f:fe:f6:3c:3f:f8:69:f8:a2:11:01:79:ff:59:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b7bc6472ea52575ce95bdca7826e9a51faace49 Validity Not Before: Jan 21 03:01:28 2026 GMT Not After : Jan 22 03:01:28 2026 GMT Subject: CN=cd3bca77f5372945b2c37cdbe1569ee741606893 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a0:e5:9a:77:66:1c:68:aa:90:72:4a:65:56: 5d:f9:07:29:11:23:a2:c0:68:92:02:f0:50:62:34: a4:10:59:9c:b9:fe:24:5f:3f:ed:bf:e6:54:60:79: f2:80:18:b0:f9:c5:bd:1d:7d:a5:ff:e6:f0:fa:56: a2:a7:a2:48:b5:61:5b:49:49:bd:2f:17:2f:0f:16: 00:76:eb:ff:a3:3b:50:79:6b:4b:7f:78:98:43:8f: d9:e0:1c:28:9e:3c:ea:25:5c:c6:6d:64:cb:05:ce: 27:78:d5:2b:63:f5:39:b3:9d:74:c6:e6:b1:57:7f: 58:e7:22:fd:79:a9:55:21:6a:f5:54:40:50:d1:91: 78:2e:2c:46:17:93:74:90:02:12:c1:df:47:77:35: 5c:17:26:97:1d:b6:02:b6:b8:0e:7a:59:3f:ca:fa: 0b:8b:b7:f3:7f:19:d5:31:4b:5e:9a:16:74:24:0d: 4e:a1:77:d2:90:1c:2b:31:a4:65:b0:9d:fe:a2:54: 01:83:3d:89:ff:1b:e3:4c:79:4e:c9:eb:1d:43:74: 69:81:25:c9:c6:3d:22:88:e3:52:86:8c:1a:31:68: 0d:67:1d:a7:42:95:d5:a6:9b:91:71:86:a0:81:e2: 87:b3:ee:f8:1e:5e:e8:a0:61:35:e2:15:b8:7f:45: 3b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:3B:CA:77:F5:37:29:45:B2:C3:7C:DB:E1:56:9E:E7:41:60:68:93 X509v3 Authority Key Identifier: keyid:3B:7B:C6:47:2E:A5:25:75:CE:95:BD:CA:78:26:E9:A5:1F:AA:CE:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O3vGRy6lJXXOlb3KeCbppR-qzkk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/493d29-47a9-49eb-8080-9226b3ac4e9d/1/O3vGRy6lJXXOlb3KeCbppR-qzkk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:88:ff:6c:aa:6d:43:7a:92:04:cd:20:4b:83:a3:5f:1d:42: 1c:9a:31:e2:ce:b5:c7:00:13:f2:c2:a9:05:f0:4c:55:d4:bb: 1a:b8:81:0f:1a:bd:45:93:30:18:eb:ac:bb:b1:94:a4:a8:26: a6:c0:fa:a9:19:ab:9b:78:5a:9b:4e:6b:d1:f1:08:b5:99:3d: 0a:27:e6:da:58:bc:17:67:38:a1:51:f6:9b:34:06:72:b2:02: a1:ec:3f:ae:c9:f9:24:8d:ab:57:2f:fc:c6:93:6a:82:b9:3d: 2f:3f:c6:30:c4:1e:9c:4d:98:16:57:f8:1d:e6:f6:90:a0:61: 9e:34:eb:a6:f1:1a:8e:7d:ea:03:df:7e:b8:54:c0:45:bf:d0: 76:c4:b3:9b:9b:50:16:d3:f9:98:a6:20:81:01:a8:26:1c:06: 42:c0:88:b9:fc:13:6b:d0:48:c4:5c:b0:44:e5:50:ac:55:fa: be:2d:27:07:59:19:bd:06:31:53:bb:37:74:af:00:fb:75:82: 59:bc:05:87:08:97:50:2b:bf:c3:e5:3b:be:d1:bf:0b:d8:45: 31:92:47:de:0d:0f:dd:c8:23:ab:f6:d7:44:14:86:11:ca:56: 04:28:c9:be:84:f2:ec:0a:bc:5d:3b:cb:fd:48:cf:3e:2d:a6: c8:44:f2:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvef/72PD/4afiiEQF5/1l/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiN2JjNjQ3MmVhNTI1NzVjZTk1YmRjYTc4MjZlOWE1MWZh YWNlNDkwHhcNMjYwMTIxMDMwMTI4WhcNMjYwMTIyMDMwMTI4WjAzMTEwLwYDVQQD EyhjZDNiY2E3N2Y1MzcyOTQ1YjJjMzdjZGJlMTU2OWVlNzQxNjA2ODkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKDlmndmHGiqkHJKZVZd+QcpESOi wGiSAvBQYjSkEFmcuf4kXz/tv+ZUYHnygBiw+cW9HX2l/+bw+laip6JItWFbSUm9 LxcvDxYAduv/oztQeWtLf3iYQ4/Z4BwonjzqJVzGbWTLBc4neNUrY/U5s510xuax V39Y5yL9ealVIWr1VEBQ0ZF4LixGF5N0kAISwd9HdzVcFyaXHbYCtrgOelk/yvoL i7fzfxnVMUtemhZ0JA1OoXfSkBwrMaRlsJ3+olQBgz2J/xvjTHlOyesdQ3RpgSXJ xj0iiONShowaMWgNZx2nQpXVppuRcYaggeKHs+74Hl7ooGE14hW4f0U76wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM07ynf1NylFssN82+FWnudBYGiTMB8GA1UdIwQY MBaAFDt7xkcupSV1zpW9yngm6aUfqs5JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzN2R1J5NmxKWFhPbGIzS2VDYnBwUi1xemtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80OTNkMjktNDdhOS00OWViLTgwODAt OTIyNmIzYWM0ZTlkLzEvTzN2R1J5NmxKWFhPbGIzS2VDYnBwUi1xemtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS80OTNkMjktNDdhOS00OWViLTgwODAtOTIyNmIzYWM0ZTlk LzEvTzN2R1J5NmxKWFhPbGIzS2VDYnBwUi1xemtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmYj/bKpt Q3qSBM0gS4OjXx1CHJox4s61xwAT8sKpBfBMVdS7GriBDxq9RZMwGOusu7GUpKgm psD6qRmrm3ham05r0fEItZk9Cifm2li8F2c4oVH2mzQGcrICoew/rsn5JI2rVy/8 xpNqgrk9Lz/GMMQenE2YFlf4Heb2kKBhnjTrpvEajn3qA99+uFTARb/QdsSzm5tQ FtP5mKYggQGoJhwGQsCIufwTa9BIxFywROVQrFX6vi0nB1kZvQYxU7s3dK8A+3WC WbwFhwiXUCu/w+U7vtG/C9hFMZJH3g0P3cgjq/bXRBSGEcpWBCjJvoTy7Aq8XTvL /UjPPi2myETyzQ== -----END CERTIFICATE-----Generated at Wed Jan 21 13:36:34 2026 by rpki-client