This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json) Hash identifier: xA96mBY28Gq0hbTPJTheiarWlbZA/9RBEzESwM2V1Fw= Subject key identifier: 02:D0:6F:96:3C:EF:AF:E0:F4:FB:B4:50:C0:F2:67:72:AA:29:2C:8F Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Certificate serial: 019BFB77D4F8AC00C6D1C9BC5CC824115608 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft Manifest number: 17EA Signing time: Mon 26 Jan 2026 18:01:32 +0000 Manifest this update: Mon 26 Jan 2026 18:01:32 +0000 Manifest next update: Tue 27 Jan 2026 18:01:32 +0000 Files and hashes: 1: MuWBM4y_8sU7g6FEyEJdZpch7MA.roa (hash: polciHBhuEIudcpVsohkilsNPMnWK3IMSBDrJXYyToE=) 2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: xBFE+64avvCuhb2Y6/ZtGKMx+R7P02aBn6WN//2NQ8s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:77:d4:f8:ac:00:c6:d1:c9:bc:5c:c8:24:11:56:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Validity Not Before: Jan 26 18:01:32 2026 GMT Not After : Jan 27 18:01:32 2026 GMT Subject: CN=02d06f963cefafe0f4fbb450c0f26772aa292c8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:17:56:a4:f7:de:64:f7:e2:8c:97:dd:4d:46: 54:09:e0:77:09:21:ce:5f:f2:ce:2b:7b:76:7b:e5: f7:ac:0b:d9:83:2d:f5:56:93:f7:c7:16:a2:53:1c: 31:9d:21:b1:47:7d:5d:5c:95:d9:4c:af:43:34:54: 5d:5f:82:f9:9e:a0:af:cc:c0:32:e9:9f:f1:6e:7b: e3:e1:f0:a0:68:e6:ca:c0:68:a7:b4:45:19:00:ab: 9e:e8:a9:e5:64:28:8f:c3:71:06:47:0c:87:98:f8: 24:fa:91:d3:4e:6a:ab:db:91:02:c9:8a:ad:bc:0a: 62:17:a2:95:29:48:ff:f1:04:20:a3:05:7a:be:18: e4:d2:77:9e:ef:2e:a3:15:bd:50:85:6e:ba:e0:62: d4:06:eb:82:48:46:a4:8d:96:7e:b3:81:8d:38:ba: 9e:21:43:c7:69:0b:fb:1c:d9:46:48:91:fb:39:91: 80:c4:82:d9:5e:46:cd:98:8b:ce:48:00:e1:bb:8d: 81:05:3c:39:e0:b2:54:84:69:d1:9e:33:e8:08:06: ee:40:c9:e9:68:e9:16:15:59:35:9d:6b:e8:d4:0b: 8a:e0:c3:c7:0b:78:54:89:64:7f:59:e2:1c:62:45: 3f:c1:42:bb:6c:1d:1d:3f:23:2f:5b:3e:d5:88:fa: f4:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:D0:6F:96:3C:EF:AF:E0:F4:FB:B4:50:C0:F2:67:72:AA:29:2C:8F X509v3 Authority Key Identifier: keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:42:08:4c:95:c4:19:01:0e:f2:7c:c3:a8:d9:74:9c:7e:8b: 8b:67:85:47:37:e9:e1:1f:52:31:cc:50:1f:56:4a:8c:81:d6: 10:06:9e:5f:94:e2:08:bc:49:c1:f6:d7:da:60:85:b6:82:d8: 77:4d:a7:1d:1b:cf:c0:65:2e:c4:51:c2:03:78:fd:e3:5f:62: 8a:3b:0c:24:5c:49:ff:39:63:c0:ab:69:42:b8:a1:fb:e2:a8: b3:cb:62:89:02:4a:d9:d3:d2:18:9e:02:d7:43:85:48:f8:a3: fe:34:18:79:f8:16:cd:8b:db:2b:ee:3b:12:a4:1a:f0:7f:92: 4d:9d:63:a8:b2:c9:bb:6d:39:23:23:79:42:d7:3c:f3:12:8f: a6:64:52:dd:44:70:26:45:b4:6a:d9:60:0f:78:ef:e3:40:ea: ea:3b:6d:14:9c:2d:79:75:36:e5:8e:3c:71:08:13:e5:57:18: 80:2f:49:af:d9:9e:ec:46:c3:82:0c:79:b2:38:63:83:1c:62: 0b:35:8e:6d:b7:08:a5:af:e8:6a:2a:04:47:2f:51:c5:6d:7b: ec:c1:7e:da:79:ed:29:d8:dc:a1:2f:67:f1:af:69:ae:b2:5c: 98:27:31:ef:62:46:98:f9:ea:32:e0:5f:c4:98:2c:66:bd:91: 4e:f7:cc:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7d9T4rADG0cm8XMgkEVYIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0 MmQ2OGIwHhcNMjYwMTI2MTgwMTMyWhcNMjYwMTI3MTgwMTMyWjAzMTEwLwYDVQQD EygwMmQwNmY5NjNjZWZhZmUwZjRmYmI0NTBjMGYyNjc3MmFhMjkyYzhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRdWpPfeZPfijJfdTUZUCeB3CSHO X/LOK3t2e+X3rAvZgy31VpP3xxaiUxwxnSGxR31dXJXZTK9DNFRdX4L5nqCvzMAy 6Z/xbnvj4fCgaObKwGintEUZAKue6KnlZCiPw3EGRwyHmPgk+pHTTmqr25ECyYqt vApiF6KVKUj/8QQgowV6vhjk0nee7y6jFb1QhW664GLUBuuCSEakjZZ+s4GNOLqe IUPHaQv7HNlGSJH7OZGAxILZXkbNmIvOSADhu42BBTw54LJUhGnRnjPoCAbuQMnp aOkWFVk1nWvo1AuK4MPHC3hUiWR/WeIcYkU/wUK7bB0dPyMvWz7ViPr05QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFALQb5Y876/g9Pu0UMDyZ3KqKSyPMB8GA1UdIwQY MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFkIITJXE GQEO8nzDqNl0nH6Li2eFRzfp4R9SMcxQH1ZKjIHWEAaeX5TiCLxJwfbX2mCFtoLY d02nHRvPwGUuxFHCA3j9419iijsMJFxJ/zljwKtpQrih++Kos8tiiQJK2dPSGJ4C 10OFSPij/jQYefgWzYvbK+47EqQa8H+STZ1jqLLJu205IyN5Qtc88xKPpmRS3URw JkW0atlgD3jv40Dq6jttFJwteXU25Y48cQgT5VcYgC9Jr9me7EbDggx5sjhjgxxi CzWObbcIpa/oaioERy9RxW177MF+2nntKdjcoS9n8a9prrJcmCcx72JGmPnqMuBf xJgsZr2RTvfMEQ== -----END CERTIFICATE-----Generated at Mon Jan 26 22:11:06 2026 by rpki-client