This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.mft File: OhKFSoQA2Mh-pN56Iv3xv1dKkDE.mft (raw, json) Hash identifier: YoHFHtOdeBDfE1hUdrZ/hWT8b8ufFke+oNi61u/7GP0= Subject key identifier: B4:FB:82:2B:80:5F:6D:A4:40:97:53:CC:BC:D6:07:1F:28:2B:0A:EB Authority key identifier: 3A:12:85:4A:84:00:D8:C8:7E:A4:DE:7A:22:FD:F1:BF:57:4A:90:31 Certificate issuer: /CN=3a12854a8400d8c87ea4de7a22fdf1bf574a9031 Certificate serial: 019C42B46ABF174C8C3562E00F685693BF5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.mft Manifest number: 1710 Signing time: Mon 09 Feb 2026 14:00:45 +0000 Manifest this update: Mon 09 Feb 2026 14:00:45 +0000 Manifest next update: Tue 10 Feb 2026 14:00:45 +0000 Files and hashes: 1: Nda1eBhsJwT4E7HRchbC4K3iiqs.roa (hash: IyraCeQZ++qiXcc0IC+bQds8y+BEFwAlU5YYks8WhRk=) 2: OhKFSoQA2Mh-pN56Iv3xv1dKkDE.crl (hash: xM2SOt04hqFva0tuenEiDWWzeJyFGdh5KYl7k3FwDwg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.crl rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.mft rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:6a:bf:17:4c:8c:35:62:e0:0f:68:56:93:bf:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a12854a8400d8c87ea4de7a22fdf1bf574a9031 Validity Not Before: Feb 9 14:00:45 2026 GMT Not After : Feb 10 14:00:45 2026 GMT Subject: CN=b4fb822b805f6da4409753ccbcd6071f282b0aeb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1c:f8:66:8c:bd:c0:90:4e:d2:36:0c:9b:e6: a4:a7:f6:cf:ff:a1:82:b1:c2:f7:d3:5e:00:d4:27: 17:7b:cb:9c:fb:17:b7:55:6e:28:b3:f7:de:72:b2: 82:a6:fe:cf:7b:10:42:46:f9:9e:8d:7a:be:b9:73: 45:37:e9:15:10:e8:1e:e9:df:60:d0:55:ea:0f:80: 61:1b:29:cf:d6:dc:0a:8d:b3:2c:98:b0:01:0d:2e: 12:23:1c:d8:95:7a:dc:e5:7a:15:c1:e3:1b:cd:e6: a0:1e:aa:62:2f:f6:cd:2b:5b:f1:39:93:de:f5:78: 5f:66:5f:3a:73:58:ea:86:72:b6:01:7c:2a:8c:9a: 9a:6d:5b:41:1b:e6:de:08:a3:c5:a1:49:cd:49:e6: 21:82:e2:72:a3:4b:e4:1d:79:4f:64:8f:29:01:27: 20:a5:18:c8:34:93:81:65:b4:3c:38:c5:6f:c3:cb: 31:6f:14:26:ce:93:c9:d0:54:57:53:33:2e:44:1b: d2:63:ac:b5:3d:9b:a9:48:9e:3a:f6:e7:bd:8d:27: 68:a1:03:1d:80:4d:83:12:16:35:f9:9e:93:47:c6: 66:41:04:12:dc:15:e9:76:15:78:b3:29:97:06:5b: 74:59:7b:26:07:e3:89:57:e3:71:fc:76:b3:76:4c: ce:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:FB:82:2B:80:5F:6D:A4:40:97:53:CC:BC:D6:07:1F:28:2B:0A:EB X509v3 Authority Key Identifier: keyid:3A:12:85:4A:84:00:D8:C8:7E:A4:DE:7A:22:FD:F1:BF:57:4A:90:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:ca:2f:f4:6a:2c:0a:84:de:24:05:ba:bd:c3:86:26:98:40: c0:17:62:b6:b5:08:07:95:1a:bb:24:78:e7:73:84:f2:f3:43: e9:19:b3:28:31:fe:b8:63:d9:73:d6:54:fc:24:46:b8:b2:3c: 76:56:4e:56:c7:75:a4:7d:0c:07:05:7e:de:ad:c1:0c:59:aa: 29:ad:18:7c:6d:bf:79:c7:81:59:02:52:f2:28:4b:81:68:03: e5:17:9f:70:fa:73:f8:16:32:67:b0:4b:0f:8b:54:dc:86:1a: 0c:ca:2e:92:e2:79:63:a7:5a:d5:d7:42:7d:54:0a:f8:0e:a9: 44:bf:ab:5a:e9:97:f6:79:63:9f:d0:f2:0b:08:56:d7:dd:20: 38:67:f5:64:43:45:80:c7:f0:9f:ef:fe:5b:a1:90:70:36:ca: 2b:51:0b:7b:b3:f6:8b:c5:64:a5:d1:db:dd:72:8e:ef:ca:9b: 3f:b9:b0:60:02:33:34:85:27:93:02:dd:09:56:7f:84:61:e5: d2:4b:5d:20:ca:ba:fb:03:c5:ad:e9:2a:cc:c0:5e:99:0f:f7: d3:d7:c5:f9:28:96:62:f7:c5:76:2e:db:d4:50:be:d8:8e:f4: 4c:a8:93:fb:4c:45:1b:e0:33:cd:a3:3f:cc:b4:48:c5:ca:3e: fa:a0:cf:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtGq/F0yMNWLgD2hWk79eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMTI4NTRhODQwMGQ4Yzg3ZWE0ZGU3YTIyZmRmMWJmNTc0 YTkwMzEwHhcNMjYwMjA5MTQwMDQ1WhcNMjYwMjEwMTQwMDQ1WjAzMTEwLwYDVQQD EyhiNGZiODIyYjgwNWY2ZGE0NDA5NzUzY2NiY2Q2MDcxZjI4MmIwYWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxz4Zoy9wJBO0jYMm+akp/bP/6GC scL3014A1CcXe8uc+xe3VW4os/fecrKCpv7PexBCRvmejXq+uXNFN+kVEOge6d9g 0FXqD4BhGynP1twKjbMsmLABDS4SIxzYlXrc5XoVweMbzeagHqpiL/bNK1vxOZPe 9XhfZl86c1jqhnK2AXwqjJqabVtBG+beCKPFoUnNSeYhguJyo0vkHXlPZI8pAScg pRjINJOBZbQ8OMVvw8sxbxQmzpPJ0FRXUzMuRBvSY6y1PZupSJ469ue9jSdooQMd gE2DEhY1+Z6TR8ZmQQQS3BXpdhV4symXBlt0WXsmB+OJV+Nx/HazdkzO2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLT7giuAX22kQJdTzLzWBx8oKwrrMB8GA1UdIwQY MBaAFDoShUqEANjIfqTeeiL98b9XSpAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yYjZlMTYtOWNlOC00OWRhLTllZDMt NjgyOWQ2OGUyYTU0LzEvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8yYjZlMTYtOWNlOC00OWRhLTllZDMtNjgyOWQ2OGUyYTU0 LzEvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8ov9Gos CoTeJAW6vcOGJphAwBditrUIB5UauyR453OE8vND6RmzKDH+uGPZc9ZU/CRGuLI8 dlZOVsd1pH0MBwV+3q3BDFmqKa0YfG2/eceBWQJS8ihLgWgD5RefcPpz+BYyZ7BL D4tU3IYaDMoukuJ5Y6da1ddCfVQK+A6pRL+rWumX9nljn9DyCwhW190gOGf1ZENF gMfwn+/+W6GQcDbKK1ELe7P2i8VkpdHb3XKO78qbP7mwYAIzNIUnkwLdCVZ/hGHl 0ktdIMq6+wPFrekqzMBemQ/309fF+SiWYvfFdi7b1FC+2I70TKiT+0xFG+AzzaM/ zLRIxco++qDPXQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:32:26 2026 by rpki-client