This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft File: ONBDirVthCFxMbwG_jNeTHhD63k.mft (raw, json) Hash identifier: 5m2q0H4rerpfBYq+in8IWvx9RZRw/RtHA6qd+Zg6Quo= Subject key identifier: FA:55:96:AA:CC:9E:CD:9E:10:33:55:2B:1B:82:0E:05:7E:36:6D:34 Authority key identifier: 38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 Certificate issuer: /CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Certificate serial: 019C42B45E356A8FBC1F36F87FB12AC0FA5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft Manifest number: 0515 Signing time: Mon 09 Feb 2026 14:00:42 +0000 Manifest this update: Mon 09 Feb 2026 14:00:42 +0000 Manifest next update: Tue 10 Feb 2026 14:00:42 +0000 Files and hashes: 1: ONBDirVthCFxMbwG_jNeTHhD63k.crl (hash: 1JjkrhiRkkg/3noOFzGL+eIGBbM9ZQL9xTLq4S7BAjE=) 2: pSL3Mi5XEdAchUtMULvCKuIdKaM.roa (hash: PIsMvcROTvHOYMP/WBLkPzqoyaR6+wBcYymEnJhYyE4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:5e:35:6a:8f:bc:1f:36:f8:7f:b1:2a:c0:fa:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d0438ab56d84217131bc06fe335e4c7843eb79 Validity Not Before: Feb 9 14:00:42 2026 GMT Not After : Feb 10 14:00:42 2026 GMT Subject: CN=fa5596aacc9ecd9e1033552b1b820e057e366d34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:8d:76:00:07:b0:90:34:61:ac:f2:5b:77:2d: a2:20:5f:7e:0b:c3:9d:09:b2:66:6b:9f:2c:93:d5: 2e:55:7e:a2:94:86:6d:14:25:70:4d:d4:2a:9d:83: fc:98:a1:ae:d8:05:47:34:b4:f7:45:a0:96:8d:ca: 16:8f:21:82:cb:e8:88:3e:2c:2d:32:1c:ef:d3:f1: 00:24:5a:6d:65:aa:17:27:c1:b6:9f:0a:5e:8a:2c: eb:a9:d1:8c:5f:05:b4:7c:a8:e0:79:1e:48:61:08: 21:be:e7:b1:71:16:4d:91:cc:96:a7:e8:86:20:be: 02:f5:0c:92:8a:8d:fc:6c:7d:1b:2d:1d:1c:1e:73: 53:1f:da:b9:82:85:2c:26:3f:5a:ee:ef:23:47:2c: 07:20:2f:d7:96:6e:c3:04:20:66:7b:72:7b:39:8b: 77:fe:6a:c4:25:11:c6:7a:63:69:31:71:6d:70:5f: 54:0b:7b:a3:2d:63:3e:38:a9:3c:d1:89:44:cd:9b: 90:47:28:ab:4e:da:2c:79:5b:2b:04:35:03:dc:18: 0b:d8:fc:45:97:04:50:e1:3a:f7:ec:3e:32:8b:bb: d9:6d:3a:0a:62:34:78:97:6f:f7:b0:c4:f4:3f:31: 5a:80:bf:bb:b9:6a:f8:37:54:3e:1d:25:ae:b1:0c: 20:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:55:96:AA:CC:9E:CD:9E:10:33:55:2B:1B:82:0E:05:7E:36:6D:34 X509v3 Authority Key Identifier: keyid:38:D0:43:8A:B5:6D:84:21:71:31:BC:06:FE:33:5E:4C:78:43:EB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONBDirVthCFxMbwG_jNeTHhD63k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/fe1a8c-9585-4291-9df1-d9e6c5f0d288/1/ONBDirVthCFxMbwG_jNeTHhD63k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:5e:46:d6:26:7b:69:c8:33:2b:db:33:1a:e8:0b:a3:6a:d0: 88:d5:ea:38:74:b3:c8:e6:35:d6:2a:2d:ad:95:60:98:8a:ff: d8:3f:03:01:d5:47:6f:fd:df:21:8c:a7:f9:19:ea:93:45:11: 9d:51:b3:e2:29:e4:f7:f6:a3:14:97:65:1b:6d:00:88:02:39: 2a:22:9c:97:76:02:3a:28:13:e5:72:a0:d3:af:cb:65:82:40: 78:c8:76:10:bb:70:f0:02:94:ab:fe:a0:01:9d:f7:8e:46:a7: e2:8b:ac:79:9c:96:19:c5:b6:61:47:88:d9:b7:4b:b0:73:88: df:ef:5a:2b:7e:2b:39:d7:8e:e6:e5:16:1a:95:7e:49:2e:a2: 27:32:5c:18:bd:8f:8e:06:49:29:85:2c:5a:70:56:1a:e9:f9: 09:8e:90:bf:f6:99:fb:68:a9:c6:c9:81:42:ed:c4:55:88:b5: 44:6b:b5:ee:6d:0f:8a:35:2e:6c:2b:a8:2e:a0:4c:98:fd:c9: 21:89:5d:3f:4a:fe:3d:f5:45:41:43:f1:39:2f:85:6c:c8:6f: 1e:97:05:2f:2f:7a:46:29:9f:f0:2f:67:8d:ae:18:66:61:2d: c9:10:79:c7:f0:5c:de:4c:84:f2:02:93:60:28:7c:9a:3b:23: e6:0e:95:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtF41ao+8Hzb4f7EqwPpbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDA0MzhhYjU2ZDg0MjE3MTMxYmMwNmZlMzM1ZTRjNzg0 M2ViNzkwHhcNMjYwMjA5MTQwMDQyWhcNMjYwMjEwMTQwMDQyWjAzMTEwLwYDVQQD EyhmYTU1OTZhYWNjOWVjZDllMTAzMzU1MmIxYjgyMGUwNTdlMzY2ZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz412AAewkDRhrPJbdy2iIF9+C8Od CbJma58sk9UuVX6ilIZtFCVwTdQqnYP8mKGu2AVHNLT3RaCWjcoWjyGCy+iIPiwt Mhzv0/EAJFptZaoXJ8G2nwpeiizrqdGMXwW0fKjgeR5IYQghvuexcRZNkcyWp+iG IL4C9QySio38bH0bLR0cHnNTH9q5goUsJj9a7u8jRywHIC/Xlm7DBCBme3J7OYt3 /mrEJRHGemNpMXFtcF9UC3ujLWM+OKk80YlEzZuQRyirTtoseVsrBDUD3BgL2PxF lwRQ4Tr37D4yi7vZbToKYjR4l2/3sMT0PzFagL+7uWr4N1Q+HSWusQwgeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPpVlqrMns2eEDNVKxuCDgV+Nm00MB8GA1UdIwQY MBaAFDjQQ4q1bYQhcTG8Bv4zXkx4Q+t5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEt ZDllNmM1ZjBkMjg4LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9mZTFhOGMtOTU4NS00MjkxLTlkZjEtZDllNmM1ZjBkMjg4 LzEvT05CRGlyVnRoQ0Z4TWJ3R19qTmVUSGhENjNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkF5G1iZ7 acgzK9szGugLo2rQiNXqOHSzyOY11iotrZVgmIr/2D8DAdVHb/3fIYyn+Rnqk0UR nVGz4ink9/ajFJdlG20AiAI5KiKcl3YCOigT5XKg06/LZYJAeMh2ELtw8AKUq/6g AZ33jkan4ouseZyWGcW2YUeI2bdLsHOI3+9aK34rOdeO5uUWGpV+SS6iJzJcGL2P jgZJKYUsWnBWGun5CY6Qv/aZ+2ipxsmBQu3EVYi1RGu17m0PijUubCuoLqBMmP3J IYldP0r+PfVFQUPxOS+FbMhvHpcFLy96Rimf8C9nja4YZmEtyRB5x/Bc3kyE8gKT YCh8mjsj5g6Vzg== -----END CERTIFICATE-----Generated at Mon Feb 9 16:55:53 2026 by rpki-client