This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft File: orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json) Hash identifier: vX45SFFCHLRZCWPoDtpX9YzUyUdsvl16G1kCW/O0H+k= Subject key identifier: D6:83:E8:C2:15:5D:FA:CC:55:08:AF:64:BE:9F:D5:18:F2:8D:1C:F2 Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1 Certificate issuer: /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1 Certificate serial: 019C439012C381AA4E600E5622D8FC339405 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft Manifest number: 0856 Signing time: Mon 09 Feb 2026 18:00:41 +0000 Manifest this update: Mon 09 Feb 2026 18:00:41 +0000 Manifest next update: Tue 10 Feb 2026 18:00:41 +0000 Files and hashes: 1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: /ACinjoM+iQWPjwvcOihdT7f7FJXWh6oaweP3ykiwXU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:12:c3:81:aa:4e:60:0e:56:22:d8:fc:33:94:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1 Validity Not Before: Feb 9 18:00:41 2026 GMT Not After : Feb 10 18:00:41 2026 GMT Subject: CN=d683e8c2155dfacc5508af64be9fd518f28d1cf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e1:62:10:77:84:55:88:63:39:15:5f:73:42: f5:a2:47:9b:e1:21:54:a6:9a:0e:17:7d:7f:94:39: f5:df:da:4d:58:4d:26:c6:c2:92:61:b5:b3:50:a4: ed:1b:f8:40:e6:9f:ce:ad:32:12:12:5c:f7:4e:32: 26:dc:8f:12:73:4d:22:3e:26:fe:2d:c0:56:97:e6: 9d:36:c0:00:eb:50:c3:c4:01:f5:cc:69:38:58:7d: 15:a7:12:3e:03:31:31:49:84:01:46:88:9e:4c:7c: 7b:e6:50:17:ad:e8:71:13:e2:c3:f9:44:3d:fa:10: 12:0e:34:ab:61:0d:f8:f3:f8:7b:3c:7a:72:1b:d3: d4:95:7f:e4:bc:9b:bb:f0:0d:63:1b:b0:2b:ca:a6: 5c:10:8f:c3:5e:c1:12:7c:3b:b4:3c:ec:a7:3a:df: 3b:f4:bf:41:5c:ac:23:c4:52:da:5e:c7:4c:e1:96: e6:82:b7:5c:db:21:61:bb:8b:9f:3e:66:b1:2d:2e: 97:c2:2a:f5:ab:df:fb:49:fb:b1:11:b2:88:a0:09: 75:d7:38:a4:c9:05:e6:e8:69:91:f5:20:cf:1a:da: e1:df:e1:a9:89:86:26:5e:41:0e:56:e8:e6:aa:c9: cd:a2:bc:0b:95:a7:c9:5e:22:e1:47:cb:03:5c:4f: 73:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:83:E8:C2:15:5D:FA:CC:55:08:AF:64:BE:9F:D5:18:F2:8D:1C:F2 X509v3 Authority Key Identifier: keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:9d:49:1d:ef:b2:bf:d9:66:9d:58:38:62:92:f1:56:70:2f: fc:ef:f2:99:ea:4c:40:43:86:48:51:cb:5f:9d:ab:f2:0c:e2: 9b:e3:a2:0d:e3:eb:f6:29:86:68:e5:7c:e4:1d:33:e2:1d:4b: 9f:c7:5b:08:47:ec:80:d9:8c:b1:9c:61:8d:63:8d:73:7b:3f: 84:b7:26:b5:7f:ea:b4:84:08:e7:a6:6c:65:c0:51:84:a2:0b: 80:5c:17:e1:5a:da:9d:c3:5f:5e:72:2d:20:6d:f5:4f:de:02: 95:bb:57:66:25:28:73:57:bd:06:87:23:f1:ef:a7:86:b9:8a: d9:33:75:05:e5:f1:a5:1e:08:e6:25:91:8a:8b:d2:8f:b5:b6: f8:5d:86:e5:aa:e7:19:f7:f1:c9:09:d6:d8:ee:62:59:69:2f: 70:da:8c:ca:a9:f6:7b:8f:f9:b4:d3:71:08:1c:2c:69:44:74: 7f:99:30:21:9c:88:be:eb:11:0d:4e:d7:69:9c:d9:15:2c:4b: b3:a8:7c:24:87:ab:09:47:3f:ba:47:6b:8d:94:ee:ac:b6:8f: 94:93:7b:4b:f1:fd:90:dc:d1:d7:0a:38:d5:9d:0d:21:d6:47: fe:2b:cb:4c:cc:c2:b3:05:bc:77:4b:7e:cc:5f:95:69:b3:6a: 10:d0:1c:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkBLDgapOYA5WItj8M5QFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5 N2M4YzEwHhcNMjYwMjA5MTgwMDQxWhcNMjYwMjEwMTgwMDQxWjAzMTEwLwYDVQQD EyhkNjgzZThjMjE1NWRmYWNjNTUwOGFmNjRiZTlmZDUxOGYyOGQxY2YyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOFiEHeEVYhjORVfc0L1okeb4SFU ppoOF31/lDn139pNWE0mxsKSYbWzUKTtG/hA5p/OrTISElz3TjIm3I8Sc00iPib+ LcBWl+adNsAA61DDxAH1zGk4WH0VpxI+AzExSYQBRoieTHx75lAXrehxE+LD+UQ9 +hASDjSrYQ348/h7PHpyG9PUlX/kvJu78A1jG7AryqZcEI/DXsESfDu0POynOt87 9L9BXKwjxFLaXsdM4Zbmgrdc2yFhu4ufPmaxLS6Xwir1q9/7SfuxEbKIoAl11zik yQXm6GmR9SDPGtrh3+GpiYYmXkEOVujmqsnNorwLlafJXiLhR8sDXE9zPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNaD6MIVXfrMVQivZL6f1RjyjRzyMB8GA1UdIwQY MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3 LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhJ1JHe+y v9lmnVg4YpLxVnAv/O/ymepMQEOGSFHLX52r8gzim+OiDePr9imGaOV85B0z4h1L n8dbCEfsgNmMsZxhjWONc3s/hLcmtX/qtIQI56ZsZcBRhKILgFwX4VrancNfXnIt IG31T94ClbtXZiUoc1e9Bocj8e+nhrmK2TN1BeXxpR4I5iWRiovSj7W2+F2G5arn GffxyQnW2O5iWWkvcNqMyqn2e4/5tNNxCBwsaUR0f5kwIZyIvusRDU7XaZzZFSxL s6h8JIerCUc/ukdrjZTurLaPlJN7S/H9kNzR1wo41Z0NIdZH/ivLTMzCswW8d0t+ zF+VabNqENAcKA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:58:05 2026 by rpki-client