This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json) Hash identifier: 44LbIIWopzA9U8TdrL85bl5uKap0hq5XNxoGDvV0rB8= Subject key identifier: 90:87:29:2F:9C:96:71:6F:27:31:69:E6:3E:2E:F6:CA:99:B8:AE:C2 Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63 Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763 Certificate serial: 019BF6BF11FAAA44441E228CE10EBCFF579F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft Manifest number: 0BD1 Signing time: Sun 25 Jan 2026 20:01:15 +0000 Manifest this update: Sun 25 Jan 2026 20:01:15 +0000 Manifest next update: Mon 26 Jan 2026 20:01:15 +0000 Files and hashes: 1: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: tVLR6vo39aeX58OXiQBMX/J03I3r460Z2KRomtXrazk=) 2: kGQeneiJZNT_BjB_XoReSyXguQ8.roa (hash: yt9dzzQfHrZsnLkuZ9r3U4v8elv0IkIyoER8sIW2HPM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:bf:11:fa:aa:44:44:1e:22:8c:e1:0e:bc:ff:57:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87de085975de6588e07fed135513aa38acedb763 Validity Not Before: Jan 25 20:01:15 2026 GMT Not After : Jan 26 20:01:15 2026 GMT Subject: CN=9087292f9c96716f273169e63e2ef6ca99b8aec2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f7:9d:c0:42:5c:a1:84:1f:71:52:ab:e8:1c: d5:6d:f8:7f:f1:16:2c:b4:a1:84:ab:6d:9b:af:f2: 26:de:34:a3:6d:82:94:fd:1b:f1:28:e9:23:cf:03: 9b:a4:0f:0e:6a:26:b2:78:67:9b:da:d8:8e:1a:68: 06:51:90:5c:c2:21:0e:de:89:f9:2e:8b:8f:95:7a: 1a:ae:bd:64:19:b0:c3:0d:93:81:c2:af:17:4a:8e: b0:96:d9:43:81:82:dc:de:1d:b9:5a:cd:d7:a7:1c: c1:dd:aa:54:8f:63:4d:e1:9d:02:e9:7d:ad:ea:ed: 2b:c4:21:9b:cc:76:c5:92:dc:90:26:d1:a5:7b:76: 39:10:86:19:87:a9:22:71:ac:7b:8e:d6:c3:70:9a: d4:b2:c5:86:00:ad:c8:a1:25:79:97:da:31:b3:81: e2:b0:20:5f:2e:4a:b5:fb:fa:4c:0e:0e:65:00:fd: a5:cf:70:79:46:26:71:55:24:f3:25:49:e3:91:76: 69:5d:5e:28:36:ba:d2:94:4a:63:94:91:db:c9:2e: b1:67:03:cc:55:ca:4e:c0:91:c8:69:8e:e7:db:33: de:88:1d:50:52:d8:65:cc:65:c0:6f:7e:4f:70:08: 09:58:88:79:19:10:98:74:14:0b:5b:37:50:45:41: 04:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:87:29:2F:9C:96:71:6F:27:31:69:E6:3E:2E:F6:CA:99:B8:AE:C2 X509v3 Authority Key Identifier: keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:f6:19:0d:85:bc:b4:94:95:93:39:12:71:f2:57:64:24:ca: a4:03:7e:d5:14:b1:04:db:b7:94:ee:22:ac:ff:b4:a9:3c:3f: 33:e6:a7:cc:17:c3:0b:b4:a9:59:17:70:8d:f4:df:25:19:66: 38:3b:6d:a5:a3:73:38:46:ee:25:aa:e2:bb:1a:bb:a9:86:6d: d9:91:47:17:59:fc:da:79:f9:7b:7b:f2:82:d9:40:b7:07:ed: 0f:4e:ad:1b:56:b7:74:92:7f:a6:cd:71:12:6b:85:8e:b0:77: 0c:1a:cf:19:21:49:26:b9:2f:ea:86:d7:e7:0e:3f:0c:6e:83: 46:46:ee:c1:a1:d7:2a:7d:07:ad:99:f0:5b:43:f1:0f:93:79: 76:c7:f1:63:d2:5e:a5:0c:35:1e:0d:48:0c:4a:46:33:63:83: f1:45:21:02:01:de:37:19:e8:63:db:86:1c:2e:17:85:ed:71: 4c:30:83:f0:89:37:cc:47:08:c3:4c:33:63:4f:4d:64:6d:67: 68:a5:2f:21:9c:8e:13:94:cd:6d:75:3b:22:b1:a2:c5:91:49: f1:db:a9:cb:65:fb:64:2d:6b:ef:d1:b0:f2:38:4f:3a:37:89: 25:b0:8f:90:d5:6f:70:36:22:07:66:9c:a8:b2:05:22:82:d1: f5:54:77:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vxH6qkREHiKM4Q68/1efMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl ZGI3NjMwHhcNMjYwMTI1MjAwMTE1WhcNMjYwMTI2MjAwMTE1WjAzMTEwLwYDVQQD Eyg5MDg3MjkyZjljOTY3MTZmMjczMTY5ZTYzZTJlZjZjYTk5YjhhZWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/edwEJcoYQfcVKr6BzVbfh/8RYs tKGEq22br/Im3jSjbYKU/RvxKOkjzwObpA8OaiayeGeb2tiOGmgGUZBcwiEO3on5 LouPlXoarr1kGbDDDZOBwq8XSo6wltlDgYLc3h25Ws3XpxzB3apUj2NN4Z0C6X2t 6u0rxCGbzHbFktyQJtGle3Y5EIYZh6kicax7jtbDcJrUssWGAK3IoSV5l9oxs4Hi sCBfLkq1+/pMDg5lAP2lz3B5RiZxVSTzJUnjkXZpXV4oNrrSlEpjlJHbyS6xZwPM VcpOwJHIaY7n2zPeiB1QUthlzGXAb35PcAgJWIh5GRCYdBQLWzdQRUEEaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJCHKS+clnFvJzFp5j4u9sqZuK7CMB8GA1UdIwQY MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAePYZDYW8 tJSVkzkScfJXZCTKpAN+1RSxBNu3lO4irP+0qTw/M+anzBfDC7SpWRdwjfTfJRlm ODttpaNzOEbuJariuxq7qYZt2ZFHF1n82nn5e3vygtlAtwftD06tG1a3dJJ/ps1x EmuFjrB3DBrPGSFJJrkv6obX5w4/DG6DRkbuwaHXKn0HrZnwW0PxD5N5dsfxY9Je pQw1Hg1IDEpGM2OD8UUhAgHeNxnoY9uGHC4Xhe1xTDCD8Ik3zEcIw0wzY09NZG1n aKUvIZyOE5TNbXU7IrGixZFJ8dupy2X7ZC1r79Gw8jhPOjeJJbCPkNVvcDYiB2ac qLIFIoLR9VR30A== -----END CERTIFICATE-----Generated at Mon Jan 26 03:48:12 2026 by rpki-client