This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft File: 28lQCYQ2KBzuVCoedFRlUeHlUoM.mft (raw, json) Hash identifier: Salsb2PEib5Y6Es7NvkJbC1hdNgtlE/cdWdtH+kIosk= Subject key identifier: B3:16:F4:A1:66:5B:4C:5F:8F:88:8F:A7:FA:BC:7D:1A:47:1A:25:08 Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83 Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283 Certificate serial: 019BF763975F2947632A5F4E4500F3798160 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft Manifest number: 17EC Signing time: Sun 25 Jan 2026 23:00:57 +0000 Manifest this update: Sun 25 Jan 2026 23:00:57 +0000 Manifest next update: Mon 26 Jan 2026 23:00:57 +0000 Files and hashes: 1: 28lQCYQ2KBzuVCoedFRlUeHlUoM.crl (hash: cOr/wXgDk/6uPGo7zEDWCJccmiQVUykMaWKUuubjQfU=) 2: S-s-KrbF6j3sLJbs4p0tEnINwc4.roa (hash: lbsHHCPLu65Xu8v8V5wooAKg5OLW3IhHzjvdCT203Bc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:63:97:5f:29:47:63:2a:5f:4e:45:00:f3:79:81:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbc950098436281cee542a1e74546551e1e55283 Validity Not Before: Jan 25 23:00:57 2026 GMT Not After : Jan 26 23:00:57 2026 GMT Subject: CN=b316f4a1665b4c5f8f888fa7fabc7d1a471a2508 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:da:38:35:be:e1:ba:cc:d3:84:6b:94:e0:ee: d0:9f:9b:54:e9:23:92:b1:1a:54:b4:91:22:3a:57: f1:89:79:33:48:e3:92:00:4c:c6:74:1d:93:fb:48: ff:eb:c4:b9:e9:28:fa:9d:34:ab:ae:68:82:5a:aa: 5e:5b:ed:d3:e5:78:5f:6e:f7:e1:59:8f:18:57:76: 87:50:ea:9d:ed:5c:e5:de:53:4d:4d:94:61:7f:05: 25:57:67:74:cc:48:8c:bb:28:5c:07:c9:c6:c9:2c: 61:c5:33:03:0f:ae:3f:a5:0e:46:5a:dc:b4:b1:64: 9b:c6:99:4a:e6:f3:5d:5d:38:e3:cb:00:48:a1:b6: e6:00:3d:4b:d0:54:a0:4b:ce:49:b7:2f:bd:0d:3a: c3:64:44:92:3e:61:32:c3:69:7e:21:2c:de:50:b0: 90:bf:3b:8b:df:7f:3e:2b:8e:37:ca:93:cc:f2:44: a2:56:88:a8:3e:f1:6c:d8:60:a0:92:c5:96:f7:a5: 5b:98:94:23:f1:16:8e:e8:b6:ae:12:da:b6:32:db: 3b:81:be:78:16:42:37:89:bc:1e:98:58:f4:eb:10: df:b2:94:6c:fa:44:f9:ee:0e:f3:bd:c3:d1:58:11: 5f:86:76:c4:dc:89:4f:c9:21:e4:69:1f:d9:77:2c: c2:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:16:F4:A1:66:5B:4C:5F:8F:88:8F:A7:FA:BC:7D:1A:47:1A:25:08 X509v3 Authority Key Identifier: keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:94:22:d8:89:50:cc:17:a6:79:90:b7:7f:54:37:d5:8b:8f: 91:0e:0c:e0:1d:4b:5b:45:ca:16:d7:ac:2b:26:7c:ab:6f:67: d7:0d:88:5b:0a:3e:9e:29:6f:5c:ab:6c:4d:8c:a6:03:8e:4c: d1:f6:d0:4b:97:4a:5b:6f:71:ef:4a:1a:fd:ab:aa:c7:88:84: 69:9f:a2:f0:04:c1:6d:0a:ee:2c:a3:ac:9f:dc:d9:2e:28:13: 6a:2a:07:9b:da:4e:b8:16:29:cd:36:1d:6a:04:ac:b4:54:45: 01:07:a0:f8:76:ea:56:10:69:b6:4e:f9:a9:c9:41:90:f8:61: 7b:82:99:c2:dd:22:3a:59:83:35:6b:a4:32:c5:c6:1c:49:cd: 68:53:70:2c:1c:95:31:09:7a:ea:bd:b4:2e:e3:99:a0:b5:99: c2:c2:f7:77:65:b0:2e:41:0c:9c:ac:2d:4c:bd:fc:c7:e3:3b: 16:21:b0:5e:07:e5:f1:bc:8b:9a:c6:7a:f6:c8:24:30:cb:34: be:cb:7d:6f:7a:77:31:fb:06:9d:d2:da:1b:70:b3:c1:a3:82: b2:3c:42:1a:71:07:2d:1a:77:e6:24:e5:a6:51:c7:7c:50:cb: f7:5a:62:da:f4:b3:53:0d:93:62:80:b1:c9:aa:02:01:13:e0: 30:4d:b2:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3Y5dfKUdjKl9ORQDzeYFgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl NTUyODMwHhcNMjYwMTI1MjMwMDU3WhcNMjYwMTI2MjMwMDU3WjAzMTEwLwYDVQQD EyhiMzE2ZjRhMTY2NWI0YzVmOGY4ODhmYTdmYWJjN2QxYTQ3MWEyNTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNo4Nb7huszThGuU4O7Qn5tU6SOS sRpUtJEiOlfxiXkzSOOSAEzGdB2T+0j/68S56Sj6nTSrrmiCWqpeW+3T5Xhfbvfh WY8YV3aHUOqd7Vzl3lNNTZRhfwUlV2d0zEiMuyhcB8nGySxhxTMDD64/pQ5GWty0 sWSbxplK5vNdXTjjywBIobbmAD1L0FSgS85Jty+9DTrDZESSPmEyw2l+ISzeULCQ vzuL338+K443ypPM8kSiVoioPvFs2GCgksWW96VbmJQj8RaO6LauEtq2Mts7gb54 FkI3ibwemFj06xDfspRs+kT57g7zvcPRWBFfhnbE3IlPySHkaR/ZdyzCRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLMW9KFmW0xfj4iPp/q8fRpHGiUIMB8GA1UdIwQY MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt ZjQ3ZTE2OTI2NmMyLzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZQi2IlQ zBemeZC3f1Q31YuPkQ4M4B1LW0XKFtesKyZ8q29n1w2IWwo+nilvXKtsTYymA45M 0fbQS5dKW29x70oa/auqx4iEaZ+i8ATBbQruLKOsn9zZLigTaioHm9pOuBYpzTYd agSstFRFAQeg+HbqVhBptk75qclBkPhhe4KZwt0iOlmDNWukMsXGHEnNaFNwLByV MQl66r20LuOZoLWZwsL3d2WwLkEMnKwtTL38x+M7FiGwXgfl8byLmsZ69sgkMMs0 vst9b3p3MfsGndLaG3CzwaOCsjxCGnEHLRp35iTlplHHfFDL91pi2vSzUw2TYoCx yaoCARPgME2yAw== -----END CERTIFICATE-----Generated at Mon Jan 26 04:24:13 2026 by rpki-client