This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft File: OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json) Hash identifier: FF+KjJXcpAQaguHiK0c5a2JW03oyOR+TYIiZ6o4TjD4= Subject key identifier: D7:20:50:BB:20:3A:EE:DE:D9:9B:D5:8B:FE:86:89:00:37:74:68:7D Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B Certificate issuer: /CN=382ad906d719a66a85a313d105294002cb657f7b Certificate serial: 019C43FD9419DCD603DA8FD164B8DEC6527A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft Manifest number: 03F1 Signing time: Mon 09 Feb 2026 20:00:17 +0000 Manifest this update: Mon 09 Feb 2026 20:00:17 +0000 Manifest next update: Tue 10 Feb 2026 20:00:17 +0000 Files and hashes: 1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: SS9ccRkehUzPqehNpSdEf+XsDSeUdct6oKpdSg8hr6U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:fd:94:19:dc:d6:03:da:8f:d1:64:b8:de:c6:52:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b Validity Not Before: Feb 9 20:00:17 2026 GMT Not After : Feb 10 20:00:17 2026 GMT Subject: CN=d72050bb203aeeded99bd58bfe8689003774687d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c0:22:21:15:88:87:d5:eb:d3:43:37:4c:3f: 12:82:09:1f:70:f2:fa:32:d8:70:49:79:a5:25:38: d0:7d:d0:98:c1:aa:1d:a0:bf:cf:c3:e3:03:6c:5e: e0:d8:28:7f:f1:9d:90:da:18:a6:b7:17:31:9f:ac: 42:4f:75:d4:6f:59:2d:6e:32:fc:27:5b:02:14:f0: 77:7c:e3:97:ef:ad:c4:1f:a4:78:33:b9:0c:00:9b: 57:df:b8:f6:67:26:50:59:1e:73:de:cd:4c:74:08: c9:3e:cc:35:ac:c5:20:0c:f2:6d:55:6b:1e:da:9d: 76:94:0b:01:31:1a:a3:eb:ed:6a:8d:7d:6d:bf:67: 71:34:32:1e:d8:95:5d:c9:76:01:ca:e6:ec:88:78: ef:9f:ac:ae:8d:e8:e9:52:91:bb:52:83:f6:08:8d: 59:67:8d:0b:40:6a:c6:39:74:42:af:96:9a:36:e2: 28:a6:80:91:24:c8:25:76:ab:62:ce:45:ee:b0:d5: 6e:9f:5b:e3:95:ed:59:c1:55:82:2c:a7:b0:d6:98: aa:86:47:69:cc:72:1f:ac:6e:55:a9:62:3a:e9:f4: aa:4c:9b:6b:2b:1c:a0:9b:c6:48:e9:9f:aa:ff:84: 5b:80:28:15:0f:f1:7e:37:c0:19:2c:bc:7d:45:d5: bb:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:20:50:BB:20:3A:EE:DE:D9:9B:D5:8B:FE:86:89:00:37:74:68:7D X509v3 Authority Key Identifier: keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:87:14:0f:06:4e:b5:c1:64:82:25:97:99:45:53:b1:5f:87: e3:e1:0e:12:0f:17:2c:b5:a7:74:6e:0f:83:77:5c:65:49:39: bb:1d:60:fa:32:94:d4:ef:de:70:42:87:1a:da:5a:57:56:65: 97:3c:08:fd:36:2f:ab:f2:27:ea:37:e8:c7:ce:77:93:ed:a7: e4:a1:44:90:aa:36:c2:e8:6d:18:95:2f:02:25:4b:ce:f6:38: 97:75:63:d8:73:3a:a5:f6:c3:7e:8a:8f:e3:9c:ba:ba:0e:78: 69:f0:d9:fe:aa:ad:e6:4f:85:ca:41:0f:74:61:2f:1f:bb:83: e4:46:3f:db:22:ab:53:99:4b:83:a4:4f:33:f3:32:93:fb:fa: 08:c8:8e:ec:d5:87:7f:b1:77:4c:9e:53:91:65:eb:82:5b:bb: 1b:5c:dc:8d:4a:3b:68:0f:18:15:e6:dc:e6:64:f9:27:c7:ee: 71:25:58:1a:fa:e1:a3:a1:98:c0:51:de:51:d3:c6:ea:46:2c: 07:62:87:9b:e3:ab:28:fe:fd:df:19:43:c1:e7:31:eb:76:3d: 58:bd:20:c4:5b:8c:a2:b8:08:41:b5:a3:bb:12:a7:99:fd:e5: 57:58:0c:60:ad:24:d2:1f:87:2c:1b:e0:7c:97:7a:f3:59:c4: 26:9a:21:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxD/ZQZ3NYD2o/RZLjexlJ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2 NTdmN2IwHhcNMjYwMjA5MjAwMDE3WhcNMjYwMjEwMjAwMDE3WjAzMTEwLwYDVQQD EyhkNzIwNTBiYjIwM2FlZWRlZDk5YmQ1OGJmZTg2ODkwMDM3NzQ2ODdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMAiIRWIh9Xr00M3TD8SggkfcPL6 MthwSXmlJTjQfdCYwaodoL/Pw+MDbF7g2Ch/8Z2Q2himtxcxn6xCT3XUb1ktbjL8 J1sCFPB3fOOX763EH6R4M7kMAJtX37j2ZyZQWR5z3s1MdAjJPsw1rMUgDPJtVWse 2p12lAsBMRqj6+1qjX1tv2dxNDIe2JVdyXYByubsiHjvn6yujejpUpG7UoP2CI1Z Z40LQGrGOXRCr5aaNuIopoCRJMgldqtizkXusNVun1vjle1ZwVWCLKew1piqhkdp zHIfrG5VqWI66fSqTJtrKxygm8ZI6Z+q/4RbgCgVD/F+N8AZLLx9RdW79QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNcgULsgOu7e2ZvVi/6GiQA3dGh9MB8GA1UdIwQY MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFocUDwZO tcFkgiWXmUVTsV+H4+EOEg8XLLWndG4Pg3dcZUk5ux1g+jKU1O/ecEKHGtpaV1Zl lzwI/TYvq/In6jfox853k+2n5KFEkKo2wuhtGJUvAiVLzvY4l3Vj2HM6pfbDfoqP 45y6ug54afDZ/qqt5k+FykEPdGEvH7uD5EY/2yKrU5lLg6RPM/Myk/v6CMiO7NWH f7F3TJ5TkWXrglu7G1zcjUo7aA8YFebc5mT5J8fucSVYGvrho6GYwFHeUdPG6kYs B2KHm+OrKP793xlDwecx63Y9WL0gxFuMorgIQbWjuxKnmf3lV1gMYK0k0h+HLBvg fJd681nEJpohoA== -----END CERTIFICATE-----Generated at Tue Feb 10 01:45:15 2026 by rpki-client