This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft File: tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json) Hash identifier: akYnIergF/M24fRzpfv6TgrrBg6Mxb+9PL2P9f0jI8w= Subject key identifier: 4F:C5:24:E9:65:88:36:37:42:E8:2A:8D:30:F8:D1:A8:C7:97:B8:3D Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Certificate serial: 019BF5AC8D4E20C34BE5C18090E3C50853DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft Manifest number: 0F60 Signing time: Sun 25 Jan 2026 15:01:24 +0000 Manifest this update: Sun 25 Jan 2026 15:01:24 +0000 Manifest next update: Mon 26 Jan 2026 15:01:24 +0000 Files and hashes: 1: qnjLVFZSC8QuCgUVZZ1JmtnnXaw.roa (hash: lrJX4lxCpvRoWetP9MnMhWnZa9fTVg282FGtglUa7z4=) 2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: sE5LdCv7vDnAMYezUvxdvRsSp0EJZGdjI/Q98Fg5ghk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ac:8d:4e:20:c3:4b:e5:c1:80:90:e3:c5:08:53:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Validity Not Before: Jan 25 15:01:24 2026 GMT Not After : Jan 26 15:01:24 2026 GMT Subject: CN=4fc524e96588363742e82a8d30f8d1a8c797b83d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2d:fa:fe:24:56:38:c5:a5:2a:50:bc:87:ea: da:da:86:c4:50:03:55:1c:53:d3:ca:68:f1:7d:8a: 01:a4:5d:45:86:0b:05:1c:fc:97:bc:31:0e:0c:6a: 03:f9:ae:25:34:c9:b5:29:ad:94:5c:38:be:8a:f1: 47:6f:d8:b1:69:ef:c7:07:24:4b:27:4f:78:ea:73: 53:f9:fe:aa:c3:64:03:f7:be:f3:0b:d9:ee:ee:3d: 38:6f:7e:5e:6f:ec:59:93:4a:37:74:11:0e:e0:f6: 50:c9:3a:c4:2b:9d:a4:53:25:8b:e3:86:f6:99:c6: 53:50:78:9d:5a:0f:68:47:e2:2c:e8:96:42:ff:54: 83:a3:20:14:f3:58:0f:0a:ef:2a:10:1c:27:91:3c: 46:d9:a9:e7:43:2f:c5:fb:55:0f:87:9f:22:74:1a: d1:71:f0:f6:63:f1:08:79:06:4e:8a:ca:0f:5d:a0: b8:c7:c8:d3:bf:d4:5d:23:8d:d1:e9:7c:ad:bf:21: f1:1b:5a:75:03:19:ae:d2:36:2e:5a:e0:2d:ff:77: af:44:e0:fd:6b:7a:1c:fc:e8:e4:b9:aa:fd:8c:ba: d4:21:96:32:59:0a:72:1d:6f:ce:cc:57:d3:78:6f: c9:25:ae:ec:1c:bf:d1:3e:58:e8:1b:33:72:13:13: 61:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:C5:24:E9:65:88:36:37:42:E8:2A:8D:30:F8:D1:A8:C7:97:B8:3D X509v3 Authority Key Identifier: keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:0b:36:e2:d9:19:50:81:01:b0:05:a7:ca:ea:ae:f0:11:3d: 15:cf:9f:83:f3:98:4c:db:49:f4:0e:28:f6:54:ac:5e:09:31: 32:a6:ea:88:70:96:41:0e:bc:e4:e6:c4:92:7e:c6:46:7e:26: 49:56:80:cb:86:3a:e1:45:60:a3:9a:dd:2b:f4:0b:87:0f:11: 48:8d:2d:10:95:f2:19:f8:00:db:5e:9b:68:f5:56:ac:82:08: 4f:96:96:1f:ad:45:0f:5a:4e:d1:70:61:ea:1d:db:52:5e:52: d2:68:f8:eb:19:f2:16:5c:c5:9f:69:3b:61:06:b6:2f:cd:b7: dd:67:d3:0c:29:d7:fb:09:5a:cf:4f:3f:f9:1e:36:0d:3c:a1: b0:28:4b:6c:db:9e:30:b7:ac:2a:e7:8b:42:6e:87:1b:ba:9d: 00:be:99:fa:6f:41:e5:0b:8a:db:02:2b:6a:30:6c:3f:a3:3f: ff:65:de:12:fc:95:3b:f0:f2:67:21:5e:43:15:d3:33:47:fe: 2e:5b:f8:f4:5c:49:69:34:9a:ba:93:35:10:ae:b7:32:a9:70: 1a:ca:7d:78:32:ec:27:1c:76:bd:fe:2e:01:87:29:a4:02:16: 80:1a:66:d7:ea:54:f2:86:96:2e:cb:7d:61:27:3a:22:a4:6b: c1:ac:18:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1rI1OIMNL5cGAkOPFCFPcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3 NTI0MmQwHhcNMjYwMTI1MTUwMTI0WhcNMjYwMTI2MTUwMTI0WjAzMTEwLwYDVQQD Eyg0ZmM1MjRlOTY1ODgzNjM3NDJlODJhOGQzMGY4ZDFhOGM3OTdiODNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS36/iRWOMWlKlC8h+ra2obEUANV HFPTymjxfYoBpF1FhgsFHPyXvDEODGoD+a4lNMm1Ka2UXDi+ivFHb9ixae/HByRL J0946nNT+f6qw2QD977zC9nu7j04b35eb+xZk0o3dBEO4PZQyTrEK52kUyWL44b2 mcZTUHidWg9oR+Is6JZC/1SDoyAU81gPCu8qEBwnkTxG2annQy/F+1UPh58idBrR cfD2Y/EIeQZOisoPXaC4x8jTv9RdI43R6XytvyHxG1p1Axmu0jYuWuAt/3evROD9 a3oc/Ojkuar9jLrUIZYyWQpyHW/OzFfTeG/JJa7sHL/RPljoGzNyExNhQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE/FJOlliDY3QugqjTD40ajHl7g9MB8GA1UdIwQY MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQs24tkZ UIEBsAWnyuqu8BE9Fc+fg/OYTNtJ9A4o9lSsXgkxMqbqiHCWQQ685ObEkn7GRn4m SVaAy4Y64UVgo5rdK/QLhw8RSI0tEJXyGfgA216baPVWrIIIT5aWH61FD1pO0XBh 6h3bUl5S0mj46xnyFlzFn2k7YQa2L8233WfTDCnX+wlaz08/+R42DTyhsChLbNue MLesKueLQm6HG7qdAL6Z+m9B5QuK2wIrajBsP6M//2XeEvyVO/DyZyFeQxXTM0f+ Llv49FxJaTSaupM1EK63MqlwGsp9eDLsJxx2vf4uAYcppAIWgBpm1+pU8oaWLst9 YSc6IqRrwawYKA== -----END CERTIFICATE-----Generated at Mon Jan 26 00:45:10 2026 by rpki-client