This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json) Hash identifier: GmBZOkuWVnwYruC/0PxHaIBRR/1OBZVlKn/f8EOPipY= Subject key identifier: 92:A1:A4:A1:BA:0D:93:F6:43:DC:2D:36:83:B6:88:A1:CC:0B:55:CC Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Certificate serial: 019BFA64A13886C9B625FC1A8C4FA1ED16BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft Manifest number: 089A Signing time: Mon 26 Jan 2026 13:00:57 +0000 Manifest this update: Mon 26 Jan 2026 13:00:57 +0000 Manifest next update: Tue 27 Jan 2026 13:00:57 +0000 Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: e5pfcZ/k3A+CgXbHPlHLdQv3n33tpP29T9lW4oa0LIg=) 2: KyIGNZFDdjiF9uvViG3nRW9Bmw8.roa (hash: DzYiLKcYFU2Q0VtZNwQkwth/5N+BuGWGx0hMS551gkc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:64:a1:38:86:c9:b6:25:fc:1a:8c:4f:a1:ed:16:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Validity Not Before: Jan 26 13:00:57 2026 GMT Not After : Jan 27 13:00:57 2026 GMT Subject: CN=92a1a4a1ba0d93f643dc2d3683b688a1cc0b55cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:5a:a6:6b:80:9c:e8:14:6a:86:59:c6:db:31: e4:3e:57:fb:a9:85:30:de:44:fb:95:a1:0d:66:83: 14:f9:ef:29:a0:a7:ef:39:52:45:fa:55:f5:12:09: 45:c1:a7:19:90:f7:75:f6:56:09:d9:a3:4f:d7:07: ca:a5:f6:d9:83:41:6a:2b:53:cc:fd:11:88:75:0a: 51:31:aa:e3:76:26:c4:cd:eb:8f:7b:c5:5a:1b:71: 19:e3:cd:87:a2:65:39:3d:92:a9:8a:bc:9d:c1:77: 79:76:17:cd:43:90:c2:1d:f3:75:19:01:b0:f1:be: 2b:7e:20:8c:51:1f:0e:60:02:af:dd:9a:c6:4d:3e: 54:f2:49:bc:09:0b:f7:9b:70:1b:90:27:1f:c7:b0: 40:ce:28:f4:aa:ca:0a:b0:1a:eb:58:94:8c:61:ac: f3:f8:96:b5:2a:09:bc:cf:37:1d:b4:7b:3f:5d:3e: db:59:35:a7:b7:df:d4:9e:a8:19:d6:f0:5c:5b:9a: d0:ad:50:a2:3c:1a:79:28:8c:a6:1e:94:6a:b4:c9: 85:2b:3f:e4:7e:99:78:ae:e4:6a:68:11:da:a3:46: b8:8f:e5:5c:77:20:88:e2:99:29:d6:3e:b0:16:9a: ff:b0:22:5e:87:a6:c0:ec:78:7f:25:b2:b8:26:ce: a6:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:A1:A4:A1:BA:0D:93:F6:43:DC:2D:36:83:B6:88:A1:CC:0B:55:CC X509v3 Authority Key Identifier: keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:42:ad:c4:58:2a:e2:a8:a8:9d:3f:04:76:27:ba:97:16:9b: 32:29:ef:ee:c3:44:30:1e:73:d0:35:85:e5:9e:42:79:d5:4f: 34:db:b4:9b:89:26:f9:b7:59:17:67:79:81:5d:e6:4d:db:a5: 96:cd:2d:f5:00:26:52:ab:be:37:83:a7:66:14:6f:5f:6c:74: 1d:e9:de:56:21:5d:dd:87:ea:b2:2f:3a:6d:7f:b0:50:68:40: 06:b0:b5:d1:57:fe:a6:76:5d:60:81:d1:39:ca:bd:cc:dd:55: 5b:a0:e2:d4:08:c5:58:dc:a3:99:92:d4:fd:9e:60:aa:cc:a1: 9d:29:77:c0:d3:81:dd:35:b1:44:31:92:3c:5d:3d:f7:71:06: 1e:91:e3:ba:a0:dd:c6:30:c9:e0:b4:ae:0a:d3:13:d6:8a:cd: 94:0e:58:18:ba:e3:d7:2c:51:51:a0:5b:d1:21:5e:15:87:b9: 5f:7a:09:27:6b:9b:8e:d3:13:e9:a0:e3:bb:19:90:f8:8f:fb: b7:f6:49:3a:55:82:6c:da:5c:77:a5:80:9c:d4:1c:15:4c:75: 0c:c9:a0:36:e9:5e:74:29:40:ba:31:10:fa:fb:37:c2:f0:56: e0:8a:37:97:d6:2e:e7:c8:87:91:2d:30:15:69:1e:8a:81:21: ef:7b:cf:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6ZKE4hsm2JfwajE+h7Ra/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw NWNkYjIwHhcNMjYwMTI2MTMwMDU3WhcNMjYwMTI3MTMwMDU3WjAzMTEwLwYDVQQD Eyg5MmExYTRhMWJhMGQ5M2Y2NDNkYzJkMzY4M2I2ODhhMWNjMGI1NWNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplqma4Cc6BRqhlnG2zHkPlf7qYUw 3kT7laENZoMU+e8poKfvOVJF+lX1EglFwacZkPd19lYJ2aNP1wfKpfbZg0FqK1PM /RGIdQpRMarjdibEzeuPe8VaG3EZ482HomU5PZKpirydwXd5dhfNQ5DCHfN1GQGw 8b4rfiCMUR8OYAKv3ZrGTT5U8km8CQv3m3AbkCcfx7BAzij0qsoKsBrrWJSMYazz +Ja1Kgm8zzcdtHs/XT7bWTWnt9/UnqgZ1vBcW5rQrVCiPBp5KIymHpRqtMmFKz/k fpl4ruRqaBHao0a4j+VcdyCI4pkp1j6wFpr/sCJeh6bA7Hh/JbK4Js6mTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJKhpKG6DZP2Q9wtNoO2iKHMC1XMMB8GA1UdIwQY MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkUKtxFgq 4qionT8Edie6lxabMinv7sNEMB5z0DWF5Z5CedVPNNu0m4km+bdZF2d5gV3mTdul ls0t9QAmUqu+N4OnZhRvX2x0HeneViFd3Yfqsi86bX+wUGhABrC10Vf+pnZdYIHR Ocq9zN1VW6Di1AjFWNyjmZLU/Z5gqsyhnSl3wNOB3TWxRDGSPF0993EGHpHjuqDd xjDJ4LSuCtMT1orNlA5YGLrj1yxRUaBb0SFeFYe5X3oJJ2ubjtMT6aDjuxmQ+I/7 t/ZJOlWCbNpcd6WAnNQcFUx1DMmgNuledClAujEQ+vs3wvBW4Io3l9Yu58iHkS0w FWkeioEh73vPiQ== -----END CERTIFICATE-----Generated at Mon Jan 26 18:23:14 2026 by rpki-client