This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json) Hash identifier: mr0/+/bvQMphedCJFW43ubSnazKvV3Kl4v+ovfmJlSs= Subject key identifier: 85:1B:3A:29:5B:42:C5:E6:6F:15:17:70:6B:29:74:6A:CA:24:78:28 Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Certificate serial: 019BF4D053BE2DF7537AA32C4D128B74406F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft Manifest number: 0B45 Signing time: Sun 25 Jan 2026 11:00:52 +0000 Manifest this update: Sun 25 Jan 2026 11:00:52 +0000 Manifest next update: Mon 26 Jan 2026 11:00:52 +0000 Files and hashes: 1: A_5M0CfXYUUC_BjsX_wFA_AapkY.roa (hash: UxtCMoKmpdBbD3cNYjI3Iakd8mHfIDVh+Sc1KrYzV8A=) 2: QTj2rWtF102-zkq4FB91dVQDunM.roa (hash: 1lI8W4TaqEFSyMRF8rItgY5NGvTzSeJ9vEchB5jfowo=) 3: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: 9GR9Alcy/zJlIbqIIH44ruOmtpwRnPRwIbKTMCTUxFU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:d0:53:be:2d:f7:53:7a:a3:2c:4d:12:8b:74:40:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Validity Not Before: Jan 25 11:00:52 2026 GMT Not After : Jan 26 11:00:52 2026 GMT Subject: CN=851b3a295b42c5e66f1517706b29746aca247828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7f:04:ab:ec:7b:20:b9:06:02:70:38:1c:d3: c4:8b:ae:fe:e0:6e:b4:0e:55:98:79:83:62:13:f7: c6:9b:28:9d:29:92:98:a6:db:0f:ae:bb:4d:62:01: d7:25:9d:7d:a3:a7:76:2c:7b:63:b1:7b:90:22:77: 71:b2:0e:62:26:00:60:9c:ef:db:1b:b5:22:1b:0c: 15:dc:af:55:fe:a8:37:51:51:a3:c5:11:46:ac:16: 51:99:15:be:e1:59:eb:94:97:ed:5e:8a:3f:42:8f: 8f:ff:b0:01:6d:19:a4:04:cf:2f:fd:c6:bc:57:b5: b5:42:6c:26:e0:0f:3b:b4:9d:2a:67:75:bf:5d:ff: 6c:f1:a8:b0:af:98:07:61:31:cc:e9:cb:d2:cd:32: 45:ff:a9:07:ef:ac:99:26:d3:92:ff:6f:b2:10:2e: 60:5b:19:4f:68:25:9c:57:ea:00:5c:e8:e2:81:b0: bf:95:0c:dd:06:05:04:55:11:df:ed:39:cf:8f:e7: 1c:3e:8e:63:d5:69:5a:fc:7c:7d:a4:ae:28:89:1c: 49:27:ee:c6:48:6d:92:4e:64:34:1d:d7:ba:8c:a1: ec:48:ef:8e:ef:ec:48:3b:d0:58:28:5a:75:4b:fc: df:f6:82:10:ad:e2:80:a1:e4:fc:4e:80:a0:9e:85: a8:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:1B:3A:29:5B:42:C5:E6:6F:15:17:70:6B:29:74:6A:CA:24:78:28 X509v3 Authority Key Identifier: keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:36:47:47:7f:01:a8:1c:94:e4:57:0c:a0:a5:b2:1f:26:56: 35:48:1b:98:b6:6d:b5:27:bd:20:96:53:16:66:cd:40:6a:99: ba:be:e4:d7:2c:5d:0f:fb:0b:38:d9:2b:a3:e4:f9:a4:1f:84: c8:0a:7e:43:36:75:06:2a:1d:31:9c:37:c4:c0:26:8f:f0:d3: b3:d0:6c:2b:98:dd:18:0e:4b:ca:5a:46:a1:48:ac:5f:95:0f: 1d:87:b5:7f:d1:f4:36:67:c8:f5:ab:ae:4c:a2:9b:55:f7:3e: ac:17:d5:b1:14:55:d7:c6:85:fc:68:cd:c6:f9:67:ea:0f:2d: 24:1a:33:54:1d:9b:d2:bb:07:7e:d5:5f:97:7c:ff:9e:55:f2: 55:97:30:7c:c3:50:43:ba:e4:ae:08:6f:00:79:5d:d6:ca:4b: d0:d1:64:38:83:ba:a5:65:8a:11:85:28:86:74:38:fe:3f:6e: 51:5b:28:8d:b9:17:e6:6f:51:18:34:50:3a:63:db:d3:c1:fb: 89:94:82:4c:a3:75:7b:77:af:55:34:f8:af:69:7a:b1:4f:55: 12:f5:8b:e1:01:f7:9f:56:8a:cc:fe:7a:ea:71:ed:f7:8e:8f: 0c:0b:57:f1:e9:16:f2:77:c9:c0:4f:e7:62:7f:4a:db:c4:b7: 7e:d7:71:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv00FO+LfdTeqMsTRKLdEBvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky MThlZjYwHhcNMjYwMTI1MTEwMDUyWhcNMjYwMTI2MTEwMDUyWjAzMTEwLwYDVQQD Eyg4NTFiM2EyOTViNDJjNWU2NmYxNTE3NzA2YjI5NzQ2YWNhMjQ3ODI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH8Eq+x7ILkGAnA4HNPEi67+4G60 DlWYeYNiE/fGmyidKZKYptsPrrtNYgHXJZ19o6d2LHtjsXuQIndxsg5iJgBgnO/b G7UiGwwV3K9V/qg3UVGjxRFGrBZRmRW+4VnrlJftXoo/Qo+P/7ABbRmkBM8v/ca8 V7W1Qmwm4A87tJ0qZ3W/Xf9s8aiwr5gHYTHM6cvSzTJF/6kH76yZJtOS/2+yEC5g WxlPaCWcV+oAXOjigbC/lQzdBgUEVRHf7TnPj+ccPo5j1Wla/Hx9pK4oiRxJJ+7G SG2STmQ0Hde6jKHsSO+O7+xIO9BYKFp1S/zf9oIQreKAoeT8ToCgnoWoewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIUbOilbQsXmbxUXcGspdGrKJHgoMB8GA1UdIwQY MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0 LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAajZHR38B qByU5FcMoKWyHyZWNUgbmLZttSe9IJZTFmbNQGqZur7k1yxdD/sLONkro+T5pB+E yAp+QzZ1BiodMZw3xMAmj/DTs9BsK5jdGA5LylpGoUisX5UPHYe1f9H0NmfI9auu TKKbVfc+rBfVsRRV18aF/GjNxvln6g8tJBozVB2b0rsHftVfl3z/nlXyVZcwfMNQ Q7rkrghvAHld1spL0NFkOIO6pWWKEYUohnQ4/j9uUVsojbkX5m9RGDRQOmPb08H7 iZSCTKN1e3evVTT4r2l6sU9VEvWL4QH3n1aKzP566nHt946PDAtX8ekW8nfJwE/n Yn9K28S3ftdxmA== -----END CERTIFICATE-----Generated at Sun Jan 25 14:47:20 2026 by rpki-client