This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft File: OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft (raw, json) Hash identifier: DOcODGjfV1ocdzDQFuthTyDv9V1j4GxEtdbSECZCq04= Subject key identifier: A2:BA:58:67:4E:5D:B8:CC:F0:58:7A:DD:78:C3:D1:98:0E:5A:56:41 Authority key identifier: 38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4 Certificate issuer: /CN=3866f7385005d5be6101727388e1b3271f644de4 Certificate serial: 019BFC536315BFE98E0A064E44057BAA86D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft Manifest number: 02F1 Signing time: Mon 26 Jan 2026 22:01:21 +0000 Manifest this update: Mon 26 Jan 2026 22:01:21 +0000 Manifest next update: Tue 27 Jan 2026 22:01:21 +0000 Files and hashes: 1: K8tuEs9t8pmrSDJuwwdt6IYJIik.roa (hash: ZshbzN4NQcUPnRU5jRSR+ix2vC7IlJPNo8C+FrStXqM=) 2: OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl (hash: 5PKVTwEdKFQhqx/aqRvE9q2PvM5ugx3BZDAHzgMm84E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:53:63:15:bf:e9:8e:0a:06:4e:44:05:7b:aa:86:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3866f7385005d5be6101727388e1b3271f644de4 Validity Not Before: Jan 26 22:01:21 2026 GMT Not After : Jan 27 22:01:21 2026 GMT Subject: CN=a2ba58674e5db8ccf0587add78c3d1980e5a5641 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b4:8c:a7:15:aa:0f:1d:94:89:51:d2:ae:2f: 5b:27:b8:2c:0e:a7:86:5b:82:44:56:57:ee:eb:22: a8:86:ed:ba:c8:d6:c8:d4:2e:36:67:da:e9:db:d3: ac:92:36:32:5d:27:d0:3e:f9:91:f3:6a:66:7f:f2: 56:f1:c7:ff:ac:d3:b2:90:4a:6e:a6:3f:a9:62:ff: 13:ba:d3:4d:d9:26:8e:e4:3a:1f:c2:ff:2b:3a:0a: 51:42:3b:22:33:4b:69:d7:0c:ab:b3:9e:1a:76:0c: 3f:22:b4:b8:52:0c:89:f1:2d:b1:4f:f6:83:ad:12: a6:9c:b3:0e:91:08:84:6f:cf:43:45:b2:45:65:ab: 96:a6:cf:44:60:54:08:67:5d:48:00:48:b4:1a:dc: ee:a5:6e:45:58:82:5b:69:9c:f8:e3:94:94:13:e1: d8:29:60:14:53:4a:cd:ad:8a:f8:df:6e:c8:df:87: df:ee:da:5a:aa:55:25:6b:34:5e:56:69:29:d0:91: 98:03:fd:8f:e6:68:e5:cd:07:02:e1:0e:da:f4:0f: 04:ce:dd:44:a5:4e:9d:95:4a:d7:cc:32:eb:ca:bc: 45:23:3e:ba:c9:3a:65:fb:0b:62:1a:95:41:1f:61: 00:ed:62:26:a6:70:fa:32:7d:8c:e5:44:b9:32:eb: 2d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:BA:58:67:4E:5D:B8:CC:F0:58:7A:DD:78:C3:D1:98:0E:5A:56:41 X509v3 Authority Key Identifier: keyid:38:66:F7:38:50:05:D5:BE:61:01:72:73:88:E1:B3:27:1F:64:4D:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGb3OFAF1b5hAXJziOGzJx9kTeQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b06197-68d2-429e-ace5-e015bf3f33d7/1/OGb3OFAF1b5hAXJziOGzJx9kTeQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:8b:8e:23:e2:b9:4f:71:25:1a:fc:83:64:db:9d:73:f8:cd: e2:2d:8a:99:91:71:56:74:f0:07:ee:39:17:9a:b8:f8:8b:b5: 1a:d0:8f:78:f0:2d:35:e0:92:25:ff:35:61:77:9d:c9:f9:e8: c4:15:80:78:ff:a1:29:78:49:5e:4e:a0:6e:cd:86:df:ab:01: eb:c0:35:6a:f3:ad:bf:6d:25:67:fa:4a:67:aa:9e:e3:c8:e5: a1:61:cd:79:47:63:46:e5:3d:75:37:f8:f9:ad:6c:d7:0f:75: 4b:d5:37:42:63:38:d3:ca:24:82:cc:85:89:c1:fe:4b:26:f5: 80:2b:55:18:3e:b7:4a:c0:5b:4f:42:07:3a:03:a3:70:1d:54: 00:5b:4d:d5:51:a3:b1:61:64:06:df:e6:1e:85:b4:db:f4:b5: de:de:31:7d:51:fe:11:16:48:83:04:63:a5:5c:e3:ba:20:3c: 42:80:3c:9b:00:d6:09:70:29:75:08:14:0e:01:39:a2:0d:cf: 82:ef:23:ec:4a:7e:58:96:79:6b:73:4b:2f:68:94:e8:83:d7: 50:35:13:8d:c9:68:61:48:e2:72:b2:70:39:a1:9c:b2:72:6d: 23:b3:84:81:35:43:fa:ea:5a:78:3a:46:cd:6d:9e:12:d3:be: e4:bb:d9:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8U2MVv+mOCgZORAV7qobTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NjZmNzM4NTAwNWQ1YmU2MTAxNzI3Mzg4ZTFiMzI3MWY2 NDRkZTQwHhcNMjYwMTI2MjIwMTIxWhcNMjYwMTI3MjIwMTIxWjAzMTEwLwYDVQQD EyhhMmJhNTg2NzRlNWRiOGNjZjA1ODdhZGQ3OGMzZDE5ODBlNWE1NjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bSMpxWqDx2UiVHSri9bJ7gsDqeG W4JEVlfu6yKohu26yNbI1C42Z9rp29OskjYyXSfQPvmR82pmf/JW8cf/rNOykEpu pj+pYv8TutNN2SaO5Dofwv8rOgpRQjsiM0tp1wyrs54adgw/IrS4UgyJ8S2xT/aD rRKmnLMOkQiEb89DRbJFZauWps9EYFQIZ11IAEi0GtzupW5FWIJbaZz445SUE+HY KWAUU0rNrYr4327I34ff7tpaqlUlazReVmkp0JGYA/2P5mjlzQcC4Q7a9A8Ezt1E pU6dlUrXzDLryrxFIz66yTpl+wtiGpVBH2EA7WImpnD6Mn2M5US5Must3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKK6WGdOXbjM8Fh63XjD0ZgOWlZBMB8GA1UdIwQY MBaAFDhm9zhQBdW+YQFyc4jhsycfZE3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUt ZTAxNWJmM2YzM2Q3LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My9iMDYxOTctNjhkMi00MjllLWFjZTUtZTAxNWJmM2YzM2Q3 LzEvT0diM09GQUYxYjVoQVhKemlPR3pKeDlrVGVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACIuOI+K5 T3ElGvyDZNudc/jN4i2KmZFxVnTwB+45F5q4+Iu1GtCPePAtNeCSJf81YXedyfno xBWAeP+hKXhJXk6gbs2G36sB68A1avOtv20lZ/pKZ6qe48jloWHNeUdjRuU9dTf4 +a1s1w91S9U3QmM408okgsyFicH+Syb1gCtVGD63SsBbT0IHOgOjcB1UAFtN1VGj sWFkBt/mHoW02/S13t4xfVH+ERZIgwRjpVzjuiA8QoA8mwDWCXApdQgUDgE5og3P gu8j7Ep+WJZ5a3NLL2iU6IPXUDUTjcloYUjicrJwOaGcsnJtI7OEgTVD+upaeDpG zW2eEtO+5LvZ8w== -----END CERTIFICATE-----Generated at Tue Jan 27 02:52:36 2026 by rpki-client