This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft File: oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft (raw, json) Hash identifier: pKyaW3NW/aCnymskEAt550gtlqLVApU3mjKnECEGimI= Subject key identifier: F2:4F:FD:48:2B:25:B8:BF:33:BC:5A:AC:3C:72:9D:2E:91:17:C4:E4 Authority key identifier: A0:A2:2F:CB:54:A0:91:D6:91:3F:FE:9F:AF:B9:83:C5:7A:4A:C2:2C Certificate issuer: /CN=a0a22fcb54a091d6913ffe9fafb983c57a4ac22c Certificate serial: 019BFCF78DB2458A8AE34C050502B4063F90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKIvy1SgkdaRP_6fr7mDxXpKwiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft Manifest number: 0941 Signing time: Tue 27 Jan 2026 01:00:40 +0000 Manifest this update: Tue 27 Jan 2026 01:00:40 +0000 Manifest next update: Wed 28 Jan 2026 01:00:40 +0000 Files and hashes: 1: Mob9EPRgvBzo4H6hbqTT2HdD3JA.roa (hash: kvdg8wCS9egZQzAgHG4zTvTOgP+Bu8A9k8hcSeFomOA=) 2: oKIvy1SgkdaRP_6fr7mDxXpKwiw.crl (hash: K1aN6VcMoXqMcs5XmL7ymozO2jET2dnU2QmrFNNjlAU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.crl rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft rsync://rpki.ripe.net/repository/DEFAULT/oKIvy1SgkdaRP_6fr7mDxXpKwiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:f7:8d:b2:45:8a:8a:e3:4c:05:05:02:b4:06:3f:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0a22fcb54a091d6913ffe9fafb983c57a4ac22c Validity Not Before: Jan 27 01:00:40 2026 GMT Not After : Jan 28 01:00:40 2026 GMT Subject: CN=f24ffd482b25b8bf33bc5aac3c729d2e9117c4e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:b8:05:0a:7b:83:95:8a:c6:35:ff:fb:78:28: 62:12:19:08:ea:4a:b2:e6:66:79:8f:c3:9e:7d:ec: ff:08:02:c2:60:2f:00:c8:89:51:35:ae:de:02:46: 66:ac:eb:7c:f6:1e:62:0e:13:06:6e:5f:66:d9:b5: 83:62:bd:90:db:93:da:c8:f8:1e:11:c9:03:00:c0: 24:a8:8d:ca:e2:fb:1c:a9:67:f9:30:92:74:9b:b2: f7:bc:18:ad:b6:d4:3c:b2:9b:85:33:7f:bc:ac:8f: 8f:73:00:b7:1c:c6:1a:20:53:59:82:b0:fe:c2:2e: c5:57:58:2f:d0:a9:9c:56:58:d9:d2:e4:12:f3:6e: c2:f0:38:6e:45:9a:7a:e3:c3:91:42:36:83:b4:fc: 03:67:35:81:c9:1e:53:ff:e7:8e:94:f9:68:79:c5: d1:68:43:95:8c:55:a0:0c:01:87:5d:86:96:88:27: 93:63:bc:c7:11:80:84:73:39:3c:ef:e5:a1:95:59: 25:08:5a:81:00:72:b7:c9:3d:89:84:0d:74:d2:03: 13:23:da:b1:f6:eb:45:62:bb:50:80:9f:0e:9d:b6: 28:4d:ad:8b:5d:9d:76:58:af:67:6f:03:af:32:c7: ad:a9:22:51:85:c4:2d:85:63:71:9a:09:36:65:c5: bc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:4F:FD:48:2B:25:B8:BF:33:BC:5A:AC:3C:72:9D:2E:91:17:C4:E4 X509v3 Authority Key Identifier: keyid:A0:A2:2F:CB:54:A0:91:D6:91:3F:FE:9F:AF:B9:83:C5:7A:4A:C2:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKIvy1SgkdaRP_6fr7mDxXpKwiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/df3b30-1ba9-4c4b-aa0c-f927e582ebf9/1/oKIvy1SgkdaRP_6fr7mDxXpKwiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:8e:07:b0:80:12:3b:10:55:b9:8c:6e:32:fa:62:5d:80:7a: cd:2f:dc:01:e7:78:c9:69:06:28:92:a7:2f:dd:18:13:cf:23: 8d:44:2d:67:57:1e:3a:e6:0f:f8:f9:e8:77:71:c1:72:59:65: 84:43:08:b6:f4:75:19:90:82:3b:18:c7:3f:73:cb:9f:88:6c: cb:2f:a0:d1:b6:46:02:29:92:1f:24:d8:d9:61:9a:35:b2:3f: 19:c6:5e:f8:a2:07:04:d2:ab:6a:13:87:99:31:af:06:ec:a0: 89:f3:6b:4f:3b:30:d1:1b:dd:81:fe:5d:90:54:df:a2:be:1e: 5d:f2:8d:d8:81:9b:7b:10:30:2a:87:81:65:cb:6a:78:35:e7: e1:a1:19:40:b3:09:96:6c:8c:2d:53:b1:37:1d:e6:56:42:b8: 87:3c:72:22:50:3e:48:d1:b9:0b:06:fd:f7:c6:4d:ce:6e:ea: 8e:3f:27:eb:92:bc:fb:f8:79:26:d1:f7:f5:a5:ab:0f:73:a7: 03:78:0c:13:d4:45:f9:53:95:d1:d1:cc:76:a1:a3:91:05:cb: c3:44:b7:d6:91:c3:d4:35:6a:84:f8:cc:d4:7f:fe:e2:a5:d2: c2:67:8f:89:31:7e:79:b4:db:6f:6f:84:1a:4c:99:7b:30:6d: 7a:2a:51:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8942yRYqK40wFBQK0Bj+QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYTIyZmNiNTRhMDkxZDY5MTNmZmU5ZmFmYjk4M2M1N2E0 YWMyMmMwHhcNMjYwMTI3MDEwMDQwWhcNMjYwMTI4MDEwMDQwWjAzMTEwLwYDVQQD EyhmMjRmZmQ0ODJiMjViOGJmMzNiYzVhYWMzYzcyOWQyZTkxMTdjNGU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57gFCnuDlYrGNf/7eChiEhkI6kqy 5mZ5j8Oefez/CALCYC8AyIlRNa7eAkZmrOt89h5iDhMGbl9m2bWDYr2Q25PayPge EckDAMAkqI3K4vscqWf5MJJ0m7L3vBitttQ8spuFM3+8rI+PcwC3HMYaIFNZgrD+ wi7FV1gv0KmcVljZ0uQS827C8DhuRZp648ORQjaDtPwDZzWByR5T/+eOlPloecXR aEOVjFWgDAGHXYaWiCeTY7zHEYCEczk87+WhlVklCFqBAHK3yT2JhA100gMTI9qx 9utFYrtQgJ8OnbYoTa2LXZ12WK9nbwOvMsetqSJRhcQthWNxmgk2ZcW8twIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPJP/UgrJbi/M7xarDxynS6RF8TkMB8GA1UdIwQY MBaAFKCiL8tUoJHWkT/+n6+5g8V6SsIsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tJdnkxU2drZGFSUF82ZnI3bUR4WHBLd2l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kZjNiMzAtMWJhOS00YzRiLWFhMGMt ZjkyN2U1ODJlYmY5LzEvb0tJdnkxU2drZGFSUF82ZnI3bUR4WHBLd2l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9kZjNiMzAtMWJhOS00YzRiLWFhMGMtZjkyN2U1ODJlYmY5 LzEvb0tJdnkxU2drZGFSUF82ZnI3bUR4WHBLd2l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMY4HsIAS OxBVuYxuMvpiXYB6zS/cAed4yWkGKJKnL90YE88jjUQtZ1ceOuYP+Pnod3HBclll hEMItvR1GZCCOxjHP3PLn4hsyy+g0bZGAimSHyTY2WGaNbI/GcZe+KIHBNKrahOH mTGvBuygifNrTzsw0Rvdgf5dkFTfor4eXfKN2IGbexAwKoeBZctqeDXn4aEZQLMJ lmyMLVOxNx3mVkK4hzxyIlA+SNG5Cwb998ZNzm7qjj8n65K8+/h5JtH39aWrD3On A3gME9RF+VOV0dHMdqGjkQXLw0S31pHD1DVqhPjM1H/+4qXSwmePiTF+ebTbb2+E GkyZezBteipRmg== -----END CERTIFICATE-----Generated at Tue Jan 27 04:17:04 2026 by rpki-client