This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft File: OpNtLymObP1WYEVz0e-eDoKZtSk.mft (raw, json) Hash identifier: TBi0G8raRGcboM528d4he+/ZnnRl2RRu269M9TRnImQ= Subject key identifier: 4B:96:CE:E4:F6:EE:A6:5B:90:FC:9A:87:C0:C5:8D:E4:60:99:C0:65 Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Certificate serial: 019BFE4158A65A3BB24C675B41978687D92E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft Manifest number: 10B1 Signing time: Tue 27 Jan 2026 07:00:53 +0000 Manifest this update: Tue 27 Jan 2026 07:00:53 +0000 Manifest next update: Wed 28 Jan 2026 07:00:53 +0000 Files and hashes: 1: OpNtLymObP1WYEVz0e-eDoKZtSk.crl (hash: k+G7CXXS9OmCodE4gzlThNx/g2sxH1Z4S4CTjLaKYco=) 2: e4qPjYtVZNjFgNgoQb6aifisJTs.roa (hash: 1M+oNLSG3cS6v1C1UyKbtqc0oXSkYgVWMgvB/761VUE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 07:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fe:41:58:a6:5a:3b:b2:4c:67:5b:41:97:86:87:d9:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529 Validity Not Before: Jan 27 07:00:53 2026 GMT Not After : Jan 28 07:00:53 2026 GMT Subject: CN=4b96cee4f6eea65b90fc9a87c0c58de46099c065 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:09:a2:9d:22:91:62:3c:f0:5d:b2:2e:4a:61: f0:d3:be:b4:b1:a2:4b:d7:a5:1c:ba:36:c5:05:8a: 7f:90:5b:1d:2c:56:2d:08:86:dc:72:53:13:25:79: d5:de:0d:81:b4:bc:5d:61:06:2a:1a:85:53:a1:63: b3:65:f6:dd:69:42:04:c2:82:95:d6:df:38:f8:96: a8:83:04:a6:c1:a8:88:e4:20:3c:d1:73:8f:e4:66: fe:54:b1:e3:96:48:9f:bc:5a:4e:b0:56:22:56:b7: 06:4a:44:88:dc:61:a0:4c:a4:ab:f7:b5:b1:27:eb: 52:96:39:e5:ad:74:ec:4b:3e:e8:6c:a7:d4:30:b3: 4a:63:64:1c:47:22:26:71:20:f9:80:70:a6:b4:58: 35:6d:7e:74:62:79:b5:ab:ea:ba:58:34:8d:70:b0: 93:b0:0a:79:38:ae:9d:c5:80:c3:33:6a:9f:ba:1d: b0:20:3e:c6:8e:6d:75:5e:32:e4:e4:c8:5c:40:3f: fa:83:ac:f6:4d:eb:71:1b:89:02:a0:35:37:b7:2c: 62:5d:e1:66:01:7e:8e:1d:01:9a:85:93:8a:8f:32: 2d:fc:e8:b2:b3:33:44:93:d5:7d:67:02:28:06:30: 02:94:0b:56:46:56:d4:aa:99:77:f8:8e:24:0a:2d: a7:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:96:CE:E4:F6:EE:A6:5B:90:FC:9A:87:C0:C5:8D:E4:60:99:C0:65 X509v3 Authority Key Identifier: keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:a6:a6:8d:ee:31:29:31:d7:7b:fc:5b:e5:1c:44:65:56:70: ac:92:a0:b7:e0:ab:64:6b:88:ab:0b:65:a9:9d:ec:a6:ef:38: 91:03:f0:7f:10:20:00:e9:1a:59:da:a8:58:05:85:4f:a2:5f: a4:22:8b:ee:61:1e:8c:89:35:1d:69:27:87:6a:c9:69:7b:33: cf:fd:cd:cc:1b:f8:8f:4b:b6:ab:08:04:66:8b:c7:61:db:22: 2e:c1:55:be:8f:7d:87:83:26:d3:84:1f:a0:97:dd:7d:f2:ea: b6:7e:de:ff:64:d5:1a:76:f0:23:ea:6f:07:93:77:67:91:ff: 83:82:33:a5:04:a2:4f:89:42:23:ec:25:24:35:f3:76:d9:70: d7:42:2b:6d:62:55:12:bc:07:23:a2:3c:23:46:94:c6:13:d3: 71:72:8c:34:42:ef:24:f8:03:1e:3e:8d:15:ca:16:6d:ba:b2: 0c:4a:b8:0d:1f:4c:7d:16:5f:5a:e5:cd:9e:35:9d:ff:ec:90: 62:4a:9a:2b:e3:a6:47:cf:7b:48:74:7c:e1:20:8c:b8:e7:78: e5:e3:d1:9f:55:08:f4:d7:e3:af:c6:e5:f5:1b:8a:c3:d5:e5: 8c:b9:66:9f:f8:0d:5a:db:f8:aa:a2:57:09:18:5c:8b:42:09: 2a:3b:84:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv+QVimWjuyTGdbQZeGh9kuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5 OWI1MjkwHhcNMjYwMTI3MDcwMDUzWhcNMjYwMTI4MDcwMDUzWjAzMTEwLwYDVQQD Eyg0Yjk2Y2VlNGY2ZWVhNjViOTBmYzlhODdjMGM1OGRlNDYwOTljMDY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgminSKRYjzwXbIuSmHw0760saJL 16UcujbFBYp/kFsdLFYtCIbcclMTJXnV3g2BtLxdYQYqGoVToWOzZfbdaUIEwoKV 1t84+JaogwSmwaiI5CA80XOP5Gb+VLHjlkifvFpOsFYiVrcGSkSI3GGgTKSr97Wx J+tSljnlrXTsSz7obKfUMLNKY2QcRyImcSD5gHCmtFg1bX50Ynm1q+q6WDSNcLCT sAp5OK6dxYDDM2qfuh2wID7Gjm11XjLk5MhcQD/6g6z2TetxG4kCoDU3tyxiXeFm AX6OHQGahZOKjzIt/OiyszNEk9V9ZwIoBjAClAtWRlbUqpl3+I4kCi2nTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEuWzuT27qZbkPyah8DFjeRgmcBlMB8GA1UdIwQY MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt YjVmOGVjMGFhZDdjLzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOaamje4x KTHXe/xb5RxEZVZwrJKgt+CrZGuIqwtlqZ3spu84kQPwfxAgAOkaWdqoWAWFT6Jf pCKL7mEejIk1HWknh2rJaXszz/3NzBv4j0u2qwgEZovHYdsiLsFVvo99h4Mm04Qf oJfdffLqtn7e/2TVGnbwI+pvB5N3Z5H/g4IzpQSiT4lCI+wlJDXzdtlw10IrbWJV ErwHI6I8I0aUxhPTcXKMNELvJPgDHj6NFcoWbbqyDEq4DR9MfRZfWuXNnjWd/+yQ YkqaK+OmR897SHR84SCMuOd45ePRn1UI9Nfjr8bl9RuKw9XljLlmn/gNWtv4qqJX CRhci0IJKjuE9w== -----END CERTIFICATE-----Generated at Tue Jan 27 12:49:02 2026 by rpki-client