This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json) Hash identifier: SReOBqVcTDS+SO5o/i2oC4aNwLZwDdXe2Wj1pEbKMYY= Subject key identifier: E2:AB:37:0D:EC:7F:46:7E:1A:20:21:25:DC:F4:13:D8:F0:7C:05:9C Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4 Certificate serial: 019BF4D0AA12F9A60A03EFF033A143F1C232 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft Manifest number: 12F7 Signing time: Sun 25 Jan 2026 11:01:14 +0000 Manifest this update: Sun 25 Jan 2026 11:01:14 +0000 Manifest next update: Mon 26 Jan 2026 11:01:14 +0000 Files and hashes: 1: 46eH9Cj2ZoAvvZOdO1gLEixXty0.roa (hash: nutrSegvu5QxeGV6g/QuVOtrzFyb4Km/JeoI/dWaXRo=) 2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: 9iwOeWg2Ce7qZlmh0S4cYmrMpaEujPbaIzNAe0t81XY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:d0:aa:12:f9:a6:0a:03:ef:f0:33:a1:43:f1:c2:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4 Validity Not Before: Jan 25 11:01:14 2026 GMT Not After : Jan 26 11:01:14 2026 GMT Subject: CN=e2ab370dec7f467e1a202125dcf413d8f07c059c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5d:52:7f:64:1b:a9:5c:d1:99:70:0e:1c:b1: df:c5:3b:60:c0:ab:03:02:e8:2f:3b:f8:b7:71:6e: be:e9:e7:a5:e7:e6:ad:96:d2:54:bf:15:4a:7d:9a: 9f:e2:c1:1a:96:b6:84:00:a1:a3:ae:ea:12:e8:36: f1:ed:92:db:a4:bb:f1:8e:04:e6:bd:f0:1e:9e:b2: 69:84:dd:15:a5:09:5b:30:cd:63:a6:4e:d6:43:c2: 81:19:fd:a7:53:c1:3c:bf:27:e3:36:d1:6f:0e:9e: 53:71:ed:a4:02:a7:19:e7:6a:96:34:e9:9b:18:e8: 83:28:e8:86:ab:31:21:d4:88:15:9c:9b:9c:32:c4: a1:5f:b6:4e:4d:99:cc:f9:93:24:23:dd:c3:40:4d: cd:40:6f:30:e7:22:95:48:37:50:50:fe:66:0b:46: 7b:19:4b:7a:d0:37:f3:65:4b:ff:67:fd:2b:57:df: bf:50:90:43:16:e6:9f:ae:a9:cb:90:69:6c:63:ab: 27:c5:d5:6a:48:cc:f1:87:28:93:bf:77:f9:fb:8f: 3b:c0:17:b6:f7:79:6c:e8:df:2f:92:b7:e4:20:ea: 09:2f:ad:c3:62:c1:2f:4c:74:2c:41:a6:46:ff:65: a0:86:f4:22:cc:ad:f7:3c:5a:9b:6e:fa:b5:bb:6f: 9b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:AB:37:0D:EC:7F:46:7E:1A:20:21:25:DC:F4:13:D8:F0:7C:05:9C X509v3 Authority Key Identifier: keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:04:4a:6e:1c:50:dc:dd:39:1e:30:35:dd:be:80:3e:a6:6d: 6e:f1:c1:c1:eb:20:11:69:92:e7:27:45:78:24:5d:f7:fc:62: b5:5d:16:07:58:ce:dd:0e:3e:48:ce:bf:1c:30:08:8d:0f:5c: 16:8f:2f:9e:15:b5:87:b2:5f:db:8d:e7:a8:0a:19:0d:33:c9: 3f:97:fb:5f:5c:a1:58:13:a1:13:2d:04:45:36:26:b6:9f:83: 26:4d:4f:46:2a:7b:6c:ad:c8:9e:aa:50:c1:eb:2e:46:a0:83: c2:55:ae:72:84:43:58:07:29:3d:05:bd:3e:9d:ac:f7:a4:23: 46:c9:ec:ea:f4:f9:10:8f:0b:e4:0a:f4:e5:7e:a6:aa:32:48: bb:16:c4:f6:48:6b:42:af:51:75:66:ed:19:e7:29:ac:97:45: 73:73:af:ab:44:5b:19:81:a2:01:51:33:1e:31:86:64:f1:ff: b9:25:14:7d:fa:56:e1:a7:34:ea:ba:61:99:bd:52:7d:f0:bf: 93:23:3d:fc:2d:64:fe:62:01:fc:4b:e7:64:d4:ae:d2:2d:c6: f6:17:c6:e2:7b:eb:62:06:64:68:2f:d7:4d:a9:17:44:4c:2a: 33:25:6f:35:40:86:b8:f1:81:b4:9b:24:7c:07:a6:13:c8:5b: c8:ea:64:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv00KoS+aYKA+/wM6FD8cIyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz ZTIwZTQwHhcNMjYwMTI1MTEwMTE0WhcNMjYwMTI2MTEwMTE0WjAzMTEwLwYDVQQD EyhlMmFiMzcwZGVjN2Y0NjdlMWEyMDIxMjVkY2Y0MTNkOGYwN2MwNTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV1Sf2QbqVzRmXAOHLHfxTtgwKsD AugvO/i3cW6+6eel5+atltJUvxVKfZqf4sEalraEAKGjruoS6Dbx7ZLbpLvxjgTm vfAenrJphN0VpQlbMM1jpk7WQ8KBGf2nU8E8vyfjNtFvDp5Tce2kAqcZ52qWNOmb GOiDKOiGqzEh1IgVnJucMsShX7ZOTZnM+ZMkI93DQE3NQG8w5yKVSDdQUP5mC0Z7 GUt60DfzZUv/Z/0rV9+/UJBDFuafrqnLkGlsY6snxdVqSMzxhyiTv3f5+487wBe2 93ls6N8vkrfkIOoJL63DYsEvTHQsQaZG/2WghvQizK33PFqbbvq1u2+brwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOKrNw3sf0Z+GiAhJdz0E9jwfAWcMB8GA1UdIwQY MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQRKbhxQ 3N05HjA13b6APqZtbvHBwesgEWmS5ydFeCRd9/xitV0WB1jO3Q4+SM6/HDAIjQ9c Fo8vnhW1h7Jf243nqAoZDTPJP5f7X1yhWBOhEy0ERTYmtp+DJk1PRip7bK3InqpQ wesuRqCDwlWucoRDWAcpPQW9Pp2s96QjRsns6vT5EI8L5Ar05X6mqjJIuxbE9khr Qq9RdWbtGecprJdFc3Ovq0RbGYGiAVEzHjGGZPH/uSUUffpW4ac06rphmb1SffC/ kyM9/C1k/mIB/EvnZNSu0i3G9hfG4nvrYgZkaC/XTakXREwqMyVvNUCGuPGBtJsk fAemE8hbyOpkbw== -----END CERTIFICATE-----Generated at Sun Jan 25 16:19:36 2026 by rpki-client