This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft File: HQrO6hf1PecI-ac6vAyHFk0gfQg.mft (raw, json) Hash identifier: I8dCgPvljNAFot8yK9GROT3ReYauHOtkGqqw/xjOfPI= Subject key identifier: AF:28:0D:6E:8D:AC:DA:F3:E8:6F:F2:60:E3:D9:B7:F0:B9:58:A4:73 Authority key identifier: 1D:0A:CE:EA:17:F5:3D:E7:08:F9:A7:3A:BC:0C:87:16:4D:20:7D:08 Certificate issuer: /CN=1d0aceea17f53de708f9a73abc0c87164d207d08 Certificate serial: 019BF7D2750F070FC3B785449B54E624E5D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQrO6hf1PecI-ac6vAyHFk0gfQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft Manifest number: 150D Signing time: Mon 26 Jan 2026 01:02:03 +0000 Manifest this update: Mon 26 Jan 2026 01:02:03 +0000 Manifest next update: Tue 27 Jan 2026 01:02:03 +0000 Files and hashes: 1: HQrO6hf1PecI-ac6vAyHFk0gfQg.crl (hash: 3nPAPdbC1TIiSFNua3QtaUFyy2eEY3flHdHTH1jP48Y=) 2: jYlsueQe6bTuxJo3Pao6U7_lbjM.roa (hash: xljjWi7Hj8DkN9QHcryj+ylFV/KQmtfdUgA8aZcK8mQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft rsync://rpki.ripe.net/repository/DEFAULT/HQrO6hf1PecI-ac6vAyHFk0gfQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:d2:75:0f:07:0f:c3:b7:85:44:9b:54:e6:24:e5:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d0aceea17f53de708f9a73abc0c87164d207d08 Validity Not Before: Jan 26 01:02:03 2026 GMT Not After : Jan 27 01:02:03 2026 GMT Subject: CN=af280d6e8dacdaf3e86ff260e3d9b7f0b958a473 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:48:c9:32:d3:33:ba:ab:4c:0a:86:c6:26:e8: f0:88:22:68:87:6e:56:28:37:20:99:84:5a:16:cd: 7a:27:bd:d3:57:56:7c:88:4a:1f:85:de:80:cf:10: 68:8c:82:16:c2:dd:93:a6:3a:a7:54:58:c5:6e:08: cc:72:49:86:61:a5:94:8c:89:2f:55:39:2d:78:3b: 3e:dd:73:f8:d6:9f:ae:27:77:36:6d:22:b4:63:1c: 67:91:74:b4:d3:cd:3d:13:c0:58:b0:ac:05:a5:ad: be:e0:6a:cc:c6:3d:65:80:5b:68:d9:7a:74:a7:99: fa:8a:39:3d:14:47:2f:de:1b:cd:f1:0a:56:fb:4a: 54:39:f4:e5:2c:f0:1d:ed:d7:c1:e0:71:c2:92:06: b6:1a:44:1e:9c:ba:5f:89:1a:b6:ce:33:44:73:b2: da:8d:92:77:fa:c5:8c:af:8f:41:16:ca:53:64:74: c8:7c:b4:6d:92:51:7a:46:a7:9a:c6:57:19:33:6d: 4e:9b:19:04:52:fd:23:85:b2:3f:46:6f:7d:09:8a: 45:5b:d2:a6:09:71:ac:ca:97:8f:bc:c0:62:78:54: 56:85:e7:b2:98:9f:e4:4b:e2:9d:3d:0c:6b:a2:1b: ad:74:71:bd:99:01:e4:06:e5:da:25:c4:43:3d:c9: 9e:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:28:0D:6E:8D:AC:DA:F3:E8:6F:F2:60:E3:D9:B7:F0:B9:58:A4:73 X509v3 Authority Key Identifier: keyid:1D:0A:CE:EA:17:F5:3D:E7:08:F9:A7:3A:BC:0C:87:16:4D:20:7D:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQrO6hf1PecI-ac6vAyHFk0gfQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:59:8b:8d:86:1e:2f:47:74:f3:07:0c:92:ef:30:ba:b9:2e: 78:b5:ec:75:a3:ba:05:9d:37:96:e2:c3:40:28:d8:1f:1a:d1: e0:51:f5:05:f5:52:05:96:b0:5c:be:50:38:d6:b0:fe:47:5b: 8a:84:9e:7a:70:88:9d:eb:d6:3c:6b:bc:36:b6:99:cf:10:9a: 44:5b:ed:41:23:e6:9c:04:a7:ce:5f:9d:f2:45:54:d6:fa:0e: 7d:6d:e7:78:c4:cf:97:db:78:76:e2:69:e4:d7:68:c4:2e:fb: 37:4f:c0:71:f5:1b:35:9c:6a:24:35:3c:8d:25:65:99:c4:ab: 00:a4:38:bb:03:aa:99:bb:05:62:85:06:7d:d8:7c:78:3a:bc: bc:43:9e:08:b8:ee:17:c3:e7:20:8f:0a:62:b8:20:34:c9:ab: 9f:58:1a:a4:cf:b1:02:9e:02:5a:b9:68:ff:50:35:d9:1f:40: 40:24:e5:76:35:84:72:9e:50:a8:40:30:ee:38:0c:2d:81:70: c9:ef:a2:c5:ba:59:65:52:83:08:ec:12:e9:80:d7:18:e7:3f: 85:98:00:b7:62:23:37:55:42:3d:8b:22:6d:0b:74:45:e2:c7: 74:29:10:54:44:90:2b:de:51:32:51:1c:bf:ab:14:e2:79:a5: 7e:7a:5e:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv30nUPBw/Dt4VEm1TmJOXYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMGFjZWVhMTdmNTNkZTcwOGY5YTczYWJjMGM4NzE2NGQy MDdkMDgwHhcNMjYwMTI2MDEwMjAzWhcNMjYwMTI3MDEwMjAzWjAzMTEwLwYDVQQD EyhhZjI4MGQ2ZThkYWNkYWYzZTg2ZmYyNjBlM2Q5YjdmMGI5NThhNDczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEjJMtMzuqtMCobGJujwiCJoh25W KDcgmYRaFs16J73TV1Z8iEofhd6AzxBojIIWwt2TpjqnVFjFbgjMckmGYaWUjIkv VTkteDs+3XP41p+uJ3c2bSK0YxxnkXS00809E8BYsKwFpa2+4GrMxj1lgFto2Xp0 p5n6ijk9FEcv3hvN8QpW+0pUOfTlLPAd7dfB4HHCkga2GkQenLpfiRq2zjNEc7La jZJ3+sWMr49BFspTZHTIfLRtklF6RqeaxlcZM21OmxkEUv0jhbI/Rm99CYpFW9Km CXGsypePvMBieFRWheeymJ/kS+KdPQxrohutdHG9mQHkBuXaJcRDPcmeowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK8oDW6NrNrz6G/yYOPZt/C5WKRzMB8GA1UdIwQY MBaAFB0KzuoX9T3nCPmnOrwMhxZNIH0IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFFyTzZoZjFQZWNJLWFjNnZBeUhGazBnZlFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYTU2ZjYtMWNmMi00Mzg4LTk2ZmEt YzZiY2NhNzIxNDcxLzEvSFFyTzZoZjFQZWNJLWFjNnZBeUhGazBnZlFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kYTU2ZjYtMWNmMi00Mzg4LTk2ZmEtYzZiY2NhNzIxNDcx LzEvSFFyTzZoZjFQZWNJLWFjNnZBeUhGazBnZlFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdFmLjYYe L0d08wcMku8wurkueLXsdaO6BZ03luLDQCjYHxrR4FH1BfVSBZawXL5QONaw/kdb ioSeenCInevWPGu8NraZzxCaRFvtQSPmnASnzl+d8kVU1voOfW3neMTPl9t4duJp 5NdoxC77N0/AcfUbNZxqJDU8jSVlmcSrAKQ4uwOqmbsFYoUGfdh8eDq8vEOeCLju F8PnII8KYrggNMmrn1gapM+xAp4CWrlo/1A12R9AQCTldjWEcp5QqEAw7jgMLYFw ye+ixbpZZVKDCOwS6YDXGOc/hZgAt2IjN1VCPYsibQt0ReLHdCkQVESQK95RMlEc v6sU4nmlfnpexg== -----END CERTIFICATE-----Generated at Mon Jan 26 09:02:52 2026 by rpki-client