This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3d9af9-0829-411b-b76e-e26567f2aee1/1/ohdDGM-v51Xxg6l_t7lXq-71Pzc.mft File: ohdDGM-v51Xxg6l_t7lXq-71Pzc.mft (raw, json) Hash identifier: uXFwYLP0oULIgnLZf15EYKyixIm+tkQUmElucdh9IWE= Subject key identifier: 17:CA:33:AB:2D:39:B6:D1:BC:F2:05:A9:1B:FC:1E:52:7C:AD:CE:5F Authority key identifier: A2:17:43:18:CF:AF:E7:55:F1:83:A9:7F:B7:B9:57:AB:EE:F5:3F:37 Certificate issuer: /CN=a2174318cfafe755f183a97fb7b957abeef53f37 Certificate serial: 019C42103076D8E3592F81FCF2ECA8848D98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ohdDGM-v51Xxg6l_t7lXq-71Pzc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3d9af9-0829-411b-b76e-e26567f2aee1/1/ohdDGM-v51Xxg6l_t7lXq-71Pzc.mft Manifest number: 03 Signing time: Mon 09 Feb 2026 11:01:23 +0000 Manifest this update: Mon 09 Feb 2026 11:01:23 +0000 Manifest next update: Tue 10 Feb 2026 11:01:23 +0000 Files and hashes: 1: ohdDGM-v51Xxg6l_t7lXq-71Pzc.crl (hash: wkutnYPdZg4PFNjPto6L/kW9lN23jYxscZBc0CY/i3M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/3d9af9-0829-411b-b76e-e26567f2aee1/1/ohdDGM-v51Xxg6l_t7lXq-71Pzc.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/3d9af9-0829-411b-b76e-e26567f2aee1/1/ohdDGM-v51Xxg6l_t7lXq-71Pzc.mft rsync://rpki.ripe.net/repository/DEFAULT/ohdDGM-v51Xxg6l_t7lXq-71Pzc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:10:30:76:d8:e3:59:2f:81:fc:f2:ec:a8:84:8d:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2174318cfafe755f183a97fb7b957abeef53f37 Validity Not Before: Feb 9 11:01:23 2026 GMT Not After : Feb 10 11:01:23 2026 GMT Subject: CN=17ca33ab2d39b6d1bcf205a91bfc1e527cadce5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:08:bf:e6:8a:12:47:92:fc:a7:d8:dd:d0:43: 19:b5:f4:6f:34:b2:82:51:46:5e:d7:7c:3f:eb:af: e0:43:de:d8:bb:db:c5:40:38:9e:ea:10:ed:2a:86: 69:76:06:3e:ac:04:d9:dc:66:92:20:5a:26:06:a3: 61:37:53:91:cf:9a:af:cb:35:10:30:8e:cc:0e:a1: 9d:79:28:08:b4:a9:9e:b3:de:3e:32:24:9d:63:85: c6:0d:e0:c5:f3:2b:5a:97:42:cf:fd:cf:46:cf:9b: 50:33:fa:a2:10:5c:ad:8b:60:0c:f3:f2:61:b2:3e: f3:4a:2e:7d:ef:fb:05:d5:7d:99:ea:07:73:88:c8: 82:36:8f:34:ac:22:1e:3b:21:75:b7:59:55:05:a3: d8:4f:96:14:d3:42:8e:33:fe:7a:2e:21:cb:54:ae: 8c:5b:16:b3:6f:60:10:7b:0c:fa:51:23:d3:5f:76: 66:50:fc:9c:c1:6d:de:f7:78:40:75:0b:2d:2b:24: d1:25:eb:56:28:7d:63:d0:b4:ac:c8:1c:df:77:6d: 90:89:ab:8d:17:01:e3:57:dc:d3:12:d8:4b:52:ab: 64:0d:4f:c9:8e:38:a2:13:55:a9:94:bb:56:8e:ed: 85:8b:ff:04:53:05:07:69:c0:a1:ed:4f:45:48:ba: 60:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:CA:33:AB:2D:39:B6:D1:BC:F2:05:A9:1B:FC:1E:52:7C:AD:CE:5F X509v3 Authority Key Identifier: keyid:A2:17:43:18:CF:AF:E7:55:F1:83:A9:7F:B7:B9:57:AB:EE:F5:3F:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ohdDGM-v51Xxg6l_t7lXq-71Pzc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3d9af9-0829-411b-b76e-e26567f2aee1/1/ohdDGM-v51Xxg6l_t7lXq-71Pzc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3d9af9-0829-411b-b76e-e26567f2aee1/1/ohdDGM-v51Xxg6l_t7lXq-71Pzc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:7a:fd:c7:37:fd:4e:0d:b6:5f:51:fc:1e:f6:04:fc:ad:79: 48:eb:b2:39:38:36:60:f0:cf:75:9b:1e:ff:73:ca:23:a5:15: 0e:b1:6a:48:57:92:7e:85:aa:f0:f0:4a:6b:ec:78:de:fa:2b: 80:a3:88:89:7f:1e:6a:33:a8:cc:fd:b5:07:8a:7f:1d:e4:50: c0:c5:b4:a8:55:a2:c7:79:ed:18:91:10:0e:68:ac:21:ad:72: b0:39:86:ab:45:31:16:df:31:ca:53:8e:49:bc:e9:41:7d:0d: 0f:6e:07:30:d6:a8:41:f9:6d:3b:72:12:0f:8a:67:51:fe:3d: 7b:75:d2:65:29:dc:98:29:0c:ac:01:d1:a9:83:c4:cd:e5:6b: 92:6f:ac:22:10:14:2c:75:d6:31:d4:62:37:a2:28:ac:54:06: ab:a0:89:0a:2a:90:7d:7c:c5:3f:ac:44:f3:ad:81:21:55:1a: 7f:29:38:e6:f3:55:d5:27:37:02:1b:15:d1:30:35:2e:3e:e1: f8:3e:2d:9f:54:f1:29:76:ca:01:ac:7e:a6:02:5c:c5:08:0c: 7e:1a:4a:11:8d:b8:4d:52:8f:e0:00:69:19:de:0e:66:f0:3f: 84:c5:47:03:2a:95:c5:ed:b5:ef:3d:4e:4c:05:45:8a:41:5b: 82:af:dc:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCEDB22ONZL4H88uyohI2YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMTc0MzE4Y2ZhZmU3NTVmMTgzYTk3ZmI3Yjk1N2FiZWVm NTNmMzcwHhcNMjYwMjA5MTEwMTIzWhcNMjYwMjEwMTEwMTIzWjAzMTEwLwYDVQQD EygxN2NhMzNhYjJkMzliNmQxYmNmMjA1YTkxYmZjMWU1MjdjYWRjZTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAi/5ooSR5L8p9jd0EMZtfRvNLKC UUZe13w/66/gQ97Yu9vFQDie6hDtKoZpdgY+rATZ3GaSIFomBqNhN1ORz5qvyzUQ MI7MDqGdeSgItKmes94+MiSdY4XGDeDF8ytal0LP/c9Gz5tQM/qiEFyti2AM8/Jh sj7zSi597/sF1X2Z6gdziMiCNo80rCIeOyF1t1lVBaPYT5YU00KOM/56LiHLVK6M Wxazb2AQewz6USPTX3ZmUPycwW3e93hAdQstKyTRJetWKH1j0LSsyBzfd22QiauN FwHjV9zTEthLUqtkDU/JjjiiE1WplLtWju2Fi/8EUwUHacCh7U9FSLpgRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBfKM6stObbRvPIFqRv8HlJ8rc5fMB8GA1UdIwQY MBaAFKIXQxjPr+dV8YOpf7e5V6vu9T83MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2hkREdNLXY1MVh4ZzZsX3Q3bFhxLTcxUHpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zZDlhZjktMDgyOS00MTFiLWI3NmUt ZTI2NTY3ZjJhZWUxLzEvb2hkREdNLXY1MVh4ZzZsX3Q3bFhxLTcxUHpjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC8zZDlhZjktMDgyOS00MTFiLWI3NmUtZTI2NTY3ZjJhZWUx LzEvb2hkREdNLXY1MVh4ZzZsX3Q3bFhxLTcxUHpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnr9xzf9 Tg22X1H8HvYE/K15SOuyOTg2YPDPdZse/3PKI6UVDrFqSFeSfoWq8PBKa+x43vor gKOIiX8eajOozP21B4p/HeRQwMW0qFWix3ntGJEQDmisIa1ysDmGq0UxFt8xylOO SbzpQX0ND24HMNaoQfltO3ISD4pnUf49e3XSZSncmCkMrAHRqYPEzeVrkm+sIhAU LHXWMdRiN6IorFQGq6CJCiqQfXzFP6xE862BIVUafyk45vNV1Sc3AhsV0TA1Lj7h +D4tn1TxKXbKAax+pgJcxQgMfhpKEY24TVKP4ABpGd4OZvA/hMVHAyqVxe217z1O TAVFikFbgq/cqQ== -----END CERTIFICATE-----Generated at Mon Feb 9 16:48:14 2026 by rpki-client