This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft File: OkjgM962SsQkPHLOiZ1Tgi32mW0.mft (raw, json) Hash identifier: ikOnrqOonIszi822XdFsN8JJ3jX1EQexJ7OA7702jwE= Subject key identifier: 14:48:3C:31:35:FC:3B:FE:D7:BD:B1:16:EB:85:9D:0B:6F:50:9A:0D Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d Certificate serial: 019C4246181D70FCDF0332CAC9E5B9D261F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft Manifest number: 17A2 Signing time: Mon 09 Feb 2026 12:00:15 +0000 Manifest this update: Mon 09 Feb 2026 12:00:15 +0000 Manifest next update: Tue 10 Feb 2026 12:00:15 +0000 Files and hashes: 1: OkjgM962SsQkPHLOiZ1Tgi32mW0.crl (hash: DhyJCc4Pn2Njj6A+F40RVqQllLGpj05OuGafpcoHGHA=) 2: hAyoLpCra0kpXCEB9YIPKEmLRzU.roa (hash: L8pQSdo6sZNnsGCjKX/I+wB7KeoUwSik66sYCeRu7Vs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:18:1d:70:fc:df:03:32:ca:c9:e5:b9:d2:61:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d Validity Not Before: Feb 9 12:00:15 2026 GMT Not After : Feb 10 12:00:15 2026 GMT Subject: CN=14483c3135fc3bfed7bdb116eb859d0b6f509a0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:89:ce:30:87:ca:70:d8:c6:b1:5e:7f:ee:ef: e2:20:02:40:8c:48:40:54:fa:82:fd:22:03:63:e1: c7:7a:8a:56:0c:77:aa:0f:fc:df:5e:1f:00:1e:79: 0f:dd:7e:85:85:f6:c3:4e:19:e4:69:e0:33:b8:e0: 74:63:76:1d:c1:80:9a:6d:f8:0d:86:d3:46:2b:6a: 83:c2:f1:e4:1e:12:f9:f4:58:7c:ad:0d:3a:32:4f: 38:5f:60:b7:39:11:2a:fb:f9:d1:22:df:f4:b9:22: 62:b9:91:f1:73:4e:ef:15:f7:bb:88:89:45:7c:72: df:2a:34:b6:db:76:5d:0a:da:5e:28:e2:c3:56:e7: 51:74:12:02:b4:f4:c9:10:b8:be:99:93:2d:8d:21: 73:0a:6c:4b:ee:d3:69:0e:7a:bb:8e:a8:7d:ed:f4: a9:04:18:30:ce:06:73:13:a4:28:18:32:54:aa:ec: 75:66:d3:20:90:75:00:a2:b5:4f:fe:ea:a0:57:d6: 8d:b5:ae:33:7f:62:44:57:4f:a6:0c:84:83:18:88: 54:44:2d:9f:77:8e:e6:a3:c6:7e:09:46:8c:1a:ac: fc:e9:b7:95:e6:40:32:b5:8f:09:56:0b:c9:61:4b: 0d:ef:9e:1c:8b:03:40:b0:cf:9e:06:c9:76:c7:c5: 1b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:48:3C:31:35:FC:3B:FE:D7:BD:B1:16:EB:85:9D:0B:6F:50:9A:0D X509v3 Authority Key Identifier: keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:32:b2:b0:46:4b:88:5c:32:50:fd:c9:31:52:53:16:a5:e9: 3f:dd:03:ca:d1:31:b9:73:3c:83:88:25:1c:09:cf:a4:ad:a3: 1a:36:cd:a0:41:f1:95:66:5b:10:aa:1d:e4:62:a0:04:fb:76: 86:5b:6e:24:1d:91:56:9b:17:52:50:de:4f:b8:b9:11:f5:c8: bd:5e:31:71:ae:84:d6:3f:c3:ea:8c:5a:86:8d:76:83:76:bb: 05:54:a4:be:28:5e:2c:6b:03:92:97:ef:8d:01:a4:3b:b9:84: 9b:f6:88:94:fb:e7:28:13:24:fa:c5:97:0c:cc:4d:52:05:a3: a1:25:6b:2a:3a:60:49:f7:f6:ab:71:5b:fd:8f:0d:83:f6:56: e5:86:0c:a0:50:ec:cf:d2:36:02:9a:b1:e7:7d:bc:6c:2c:c0: 97:a3:76:65:0c:5b:2c:a9:01:9e:d5:a1:54:3a:a0:7d:5d:ef: 7b:e5:69:ac:34:24:66:95:b3:c7:12:93:c9:e6:8f:ad:d2:fc: b5:01:e9:73:62:b6:38:43:ee:0a:4f:2f:e4:8b:1e:cc:41:6c: 52:b4:2f:09:07:58:06:98:e2:fb:fa:d3:bf:dd:63:ee:04:a1: fb:13:56:d9:1c:04:09:29:f5:d9:e3:94:9f:bd:41:8f:85:44: b3:42:ef:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRhgdcPzfAzLKyeW50mH1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm Njk5NmQwHhcNMjYwMjA5MTIwMDE1WhcNMjYwMjEwMTIwMDE1WjAzMTEwLwYDVQQD EygxNDQ4M2MzMTM1ZmMzYmZlZDdiZGIxMTZlYjg1OWQwYjZmNTA5YTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAponOMIfKcNjGsV5/7u/iIAJAjEhA VPqC/SIDY+HHeopWDHeqD/zfXh8AHnkP3X6FhfbDThnkaeAzuOB0Y3YdwYCabfgN htNGK2qDwvHkHhL59Fh8rQ06Mk84X2C3OREq+/nRIt/0uSJiuZHxc07vFfe7iIlF fHLfKjS223ZdCtpeKOLDVudRdBICtPTJELi+mZMtjSFzCmxL7tNpDnq7jqh97fSp BBgwzgZzE6QoGDJUqux1ZtMgkHUAorVP/uqgV9aNta4zf2JEV0+mDISDGIhURC2f d47mo8Z+CUaMGqz86beV5kAytY8JVgvJYUsN754ciwNAsM+eBsl2x8UbzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBRIPDE1/Dv+172xFuuFnQtvUJoNMB8GA1UdIwQY MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt YzUzMjFkYzllNjRiLzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzKysEZL iFwyUP3JMVJTFqXpP90DytExuXM8g4glHAnPpK2jGjbNoEHxlWZbEKod5GKgBPt2 hltuJB2RVpsXUlDeT7i5EfXIvV4xca6E1j/D6oxaho12g3a7BVSkviheLGsDkpfv jQGkO7mEm/aIlPvnKBMk+sWXDMxNUgWjoSVrKjpgSff2q3Fb/Y8Ng/ZW5YYMoFDs z9I2Apqx5328bCzAl6N2ZQxbLKkBntWhVDqgfV3ve+VprDQkZpWzxxKTyeaPrdL8 tQHpc2K2OEPuCk8v5IsezEFsUrQvCQdYBpji+/rTv91j7gSh+xNW2RwECSn12eOU n71Bj4VEs0LvoA== -----END CERTIFICATE-----Generated at Mon Feb 9 22:43:21 2026 by rpki-client