This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft File: ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json) Hash identifier: ZRTTbgef8f2hI2GtnjYmbLhiGhte6VYEH0N4tjeCC7I= Subject key identifier: A6:03:80:0A:60:01:5F:C7:00:13:3F:86:F7:7D:AE:FE:00:2B:6A:FD Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C Certificate issuer: /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c Certificate serial: 019C4434CB55646955A69156B55579127501 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft Manifest number: 0643 Signing time: Mon 09 Feb 2026 21:00:36 +0000 Manifest this update: Mon 09 Feb 2026 21:00:36 +0000 Manifest next update: Tue 10 Feb 2026 21:00:36 +0000 Files and hashes: 1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: fs4kD+hKBfokiatirALYh+IN7eddBuisR9epJAJGA/w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:44:34:cb:55:64:69:55:a6:91:56:b5:55:79:12:75:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c Validity Not Before: Feb 9 21:00:36 2026 GMT Not After : Feb 10 21:00:36 2026 GMT Subject: CN=a603800a60015fc700133f86f77daefe002b6afd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:3c:97:6f:7c:10:7e:6d:03:3d:b1:5a:e9:40: f9:dc:12:63:4e:68:4d:2f:0b:7b:6d:a5:25:d8:e7: c3:84:bb:aa:2c:f7:81:70:ac:06:e3:85:d6:a3:9f: 08:c4:0e:50:9f:80:72:2d:4e:9f:4a:99:df:52:a8: 07:ef:57:f0:8c:5c:73:20:00:7c:d3:91:ab:30:50: fb:db:e1:08:66:79:0f:1a:3e:14:67:83:62:2c:51: 8f:0a:ec:c8:bd:16:37:89:74:f2:6f:b7:3f:98:d9: 37:44:43:9c:99:73:7b:b9:7f:03:f7:3c:6f:55:7d: 02:7a:fc:0f:fd:56:f6:37:a3:9f:f3:ef:31:fa:14: 7c:3c:0f:47:67:c3:88:f0:17:d3:56:33:61:a6:94: 04:ea:dd:17:66:c1:f9:e4:be:0f:78:77:7e:a8:42: 62:8e:8c:17:be:1e:e9:62:a4:4d:82:33:13:98:58: 8a:25:df:90:19:ae:b2:e9:37:22:7e:fb:b2:74:57: 50:eb:67:f7:ab:2d:82:66:ca:7c:d9:a2:2c:b6:c9: 2b:33:4a:89:8f:f3:ba:28:e5:d7:f8:39:14:9f:c1: 9d:1e:ac:2e:19:8f:7c:ec:24:c9:7c:39:d7:1e:e2: e9:10:9d:ef:14:27:52:89:82:f7:f1:c1:db:d4:c8: 07:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:03:80:0A:60:01:5F:C7:00:13:3F:86:F7:7D:AE:FE:00:2B:6A:FD X509v3 Authority Key Identifier: keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:50:9f:3c:98:36:02:6b:88:a6:c1:8d:3d:6e:98:d2:ca:66: 4a:46:94:c4:d0:bb:8d:c3:94:6f:b5:9d:0b:3d:b3:f1:af:c5: 89:37:10:43:89:9f:55:51:57:eb:20:48:cf:18:0d:76:cb:e7: 3a:09:bc:7c:81:5f:0c:81:4f:81:ea:0b:7a:50:9d:df:44:a5: bb:03:78:f7:b9:98:0f:ac:4e:3c:18:09:3e:d7:d3:0d:f8:e1: 8b:9a:c8:10:98:b9:96:37:fa:a7:fa:fc:42:f4:d7:b0:62:98: d8:93:36:b7:3c:6c:8c:66:51:13:94:bf:e4:e2:b3:78:d8:12: b3:1d:40:94:15:1f:b5:7a:74:2f:c2:77:96:8b:1d:27:46:a5: 0a:66:cc:6a:0a:42:a7:84:e0:6a:f0:71:f9:1c:11:d9:47:68: e5:6a:0a:e1:9c:78:3f:4f:cd:9b:3c:95:d9:1c:a3:5f:86:fd: d1:68:2f:9b:c3:ad:04:31:99:f0:ed:58:8a:70:52:3f:65:e8: 03:c7:ee:dc:23:5b:de:a0:ef:b7:ef:c4:de:b1:52:64:f9:45: 36:2b:1f:bd:c8:84:9b:58:58:c6:29:f1:19:80:03:ad:43:c2: ad:70:ae:28:8b:b5:6a:aa:ef:ac:b7:fc:89:e8:c5:61:39:47: 3f:13:44:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxENMtVZGlVppFWtVV5EnUBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm ZjUwOWMwHhcNMjYwMjA5MjEwMDM2WhcNMjYwMjEwMjEwMDM2WjAzMTEwLwYDVQQD EyhhNjAzODAwYTYwMDE1ZmM3MDAxMzNmODZmNzdkYWVmZTAwMmI2YWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jyXb3wQfm0DPbFa6UD53BJjTmhN Lwt7baUl2OfDhLuqLPeBcKwG44XWo58IxA5Qn4ByLU6fSpnfUqgH71fwjFxzIAB8 05GrMFD72+EIZnkPGj4UZ4NiLFGPCuzIvRY3iXTyb7c/mNk3REOcmXN7uX8D9zxv VX0CevwP/Vb2N6Of8+8x+hR8PA9HZ8OI8BfTVjNhppQE6t0XZsH55L4PeHd+qEJi jowXvh7pYqRNgjMTmFiKJd+QGa6y6TcifvuydFdQ62f3qy2CZsp82aIstskrM0qJ j/O6KOXX+DkUn8GdHqwuGY987CTJfDnXHuLpEJ3vFCdSiYL38cHb1MgHJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKYDgApgAV/HABM/hvd9rv4AK2r9MB8GA1UdIwQY MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAslCfPJg2 AmuIpsGNPW6Y0spmSkaUxNC7jcOUb7WdCz2z8a/FiTcQQ4mfVVFX6yBIzxgNdsvn Ogm8fIFfDIFPgeoLelCd30SluwN497mYD6xOPBgJPtfTDfjhi5rIEJi5ljf6p/r8 QvTXsGKY2JM2tzxsjGZRE5S/5OKzeNgSsx1AlBUftXp0L8J3losdJ0alCmbMagpC p4TgavBx+RwR2Udo5WoK4Zx4P0/NmzyV2RyjX4b90Wgvm8OtBDGZ8O1YinBSP2Xo A8fu3CNb3qDvt+/E3rFSZPlFNisfvciEm1hYxinxGYADrUPCrXCuKIu1aqrvrLf8 iejFYTlHPxNE0w== -----END CERTIFICATE-----Generated at Tue Feb 10 02:55:02 2026 by rpki-client