This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft File: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft (raw, json) Hash identifier: 1IjaGHVQoQj0KpdVr4F0nVeobYkI2IhZ+estiXeCZTo= Subject key identifier: 48:92:E0:79:D3:E9:16:3E:CD:66:B0:6B:82:C2:11:29:0F:BF:9A:DA Authority key identifier: 6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52 Certificate issuer: /CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452 Certificate serial: 019BF7D204CC050FFD66DE39EA4025DE2E6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft Manifest number: 0576 Signing time: Mon 26 Jan 2026 01:01:34 +0000 Manifest this update: Mon 26 Jan 2026 01:01:34 +0000 Manifest next update: Tue 27 Jan 2026 01:01:34 +0000 Files and hashes: 1: Je_y8wxQvqCgs-B_X_JDDy6e4N4.roa (hash: EsZORo0khgTEum2xHY+MdLQ0jyUTYVdE3AQ38NpK21M=) 2: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl (hash: zl1rQ52OVp1nIG+6fBja1c11k7r8SxGj3xFi3EtfOk0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:d2:04:cc:05:0f:fd:66:de:39:ea:40:25:de:2e:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452 Validity Not Before: Jan 26 01:01:34 2026 GMT Not After : Jan 27 01:01:34 2026 GMT Subject: CN=4892e079d3e9163ecd66b06b82c211290fbf9ada Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:5e:64:7d:01:6b:65:97:41:fb:bb:60:d7:f7: db:6b:0b:2b:a6:61:fe:4c:d5:b0:cc:51:94:c4:9e: 88:8e:bc:f6:cc:7f:e2:3f:71:1d:17:77:48:16:d5: cb:4e:7d:d6:fa:21:f5:47:73:f9:a3:60:04:bb:79: 9e:ec:bf:8b:4d:a5:04:c5:b6:87:6a:b0:9a:dc:85: e0:6b:39:ee:e9:2b:5f:46:93:7c:af:a7:ff:b3:52: 75:1e:f1:24:38:83:e8:a3:d2:5e:de:79:ce:1e:c0: 17:01:5a:32:76:0e:4a:5d:5c:03:87:a6:5b:2f:29: 3b:9c:4d:fb:ce:6a:40:c2:1e:5b:b8:c9:fe:44:53: 1e:26:f9:61:34:c8:cf:7a:3f:df:29:29:20:4a:45: e4:a6:6b:5f:aa:20:1a:4e:f0:34:a9:85:71:a2:61: 6b:ca:e7:3b:c4:05:f5:e4:be:ce:3d:6a:cc:79:37: 1c:45:75:99:17:6f:8b:ff:69:25:c4:31:65:6f:a2: 9c:a8:88:43:a4:81:34:8f:d3:88:ab:18:ab:d5:57: 42:62:0a:26:17:54:7b:df:a7:0e:2c:84:58:bc:c4: 5e:6a:a4:aa:3b:9d:f8:80:d6:1e:da:2d:86:a1:ba: c6:5b:17:77:8b:49:fb:17:ae:3c:ad:bb:95:1d:4c: 29:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:92:E0:79:D3:E9:16:3E:CD:66:B0:6B:82:C2:11:29:0F:BF:9A:DA X509v3 Authority Key Identifier: keyid:6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:dc:19:d2:b8:4e:fe:e3:b9:41:a6:50:71:6a:a3:5d:3c:35: 60:de:ca:07:71:4d:63:e2:fc:ef:ef:e7:b8:8f:f5:24:32:a4: 46:71:21:dd:63:be:8b:c0:f8:02:77:98:5c:13:62:4a:79:36: f6:fd:dc:a5:6f:45:a9:9d:1e:7c:78:ad:e6:ec:36:0b:65:cf: dc:e5:b1:48:20:cd:72:00:13:0e:25:82:e8:1d:07:67:66:64: 75:c0:ea:0a:40:71:8f:7f:78:2d:7d:94:96:3c:c1:e7:5f:68: d3:ab:73:61:0a:b1:81:6e:b4:1f:4a:b3:be:08:14:ad:ae:3c: a3:28:25:35:27:98:e5:52:56:ed:d6:72:9f:ba:01:3e:63:77: b1:2a:f3:cb:6a:55:e1:1b:44:cb:0c:02:f3:7c:3c:c7:c8:82: 78:2b:6c:9c:92:be:28:52:0b:c3:ec:ca:2b:4d:01:06:7e:5b: ab:8e:e9:95:a4:24:01:55:7b:bb:f8:81:ae:22:31:13:02:65: 79:6d:12:f4:ff:c3:4b:9f:df:e3:66:4d:80:29:d4:e7:45:87: ce:00:73:1e:16:08:13:ff:ef:ce:5b:10:e8:cb:1a:39:f2:be: 6e:4d:df:1b:d4:a1:1a:a8:bb:6e:d4:d0:c4:3e:86:51:68:ce: c0:79:35:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv30gTMBQ/9Zt456kAl3i5vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYjg1MGRlYjI4YmRiMmY2NTVlMmYxYjAyZDM3YzEzYzZk NDM0NTIwHhcNMjYwMTI2MDEwMTM0WhcNMjYwMTI3MDEwMTM0WjAzMTEwLwYDVQQD Eyg0ODkyZTA3OWQzZTkxNjNlY2Q2NmIwNmI4MmMyMTEyOTBmYmY5YWRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V5kfQFrZZdB+7tg1/fbawsrpmH+ TNWwzFGUxJ6Ijrz2zH/iP3EdF3dIFtXLTn3W+iH1R3P5o2AEu3me7L+LTaUExbaH arCa3IXgaznu6StfRpN8r6f/s1J1HvEkOIPoo9Je3nnOHsAXAVoydg5KXVwDh6Zb Lyk7nE37zmpAwh5buMn+RFMeJvlhNMjPej/fKSkgSkXkpmtfqiAaTvA0qYVxomFr yuc7xAX15L7OPWrMeTccRXWZF2+L/2klxDFlb6KcqIhDpIE0j9OIqxir1VdCYgom F1R736cOLIRYvMReaqSqO534gNYe2i2GobrGWxd3i0n7F648rbuVHUwpIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEiS4HnT6RY+zWawa4LCESkPv5raMB8GA1UdIwQY MBaAFGy4UN6yi9svZV4vGwLTfBPG1DRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4Yzkt ODhiMmQyY2Y3YzMxLzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4YzktODhiMmQyY2Y3YzMx LzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE9wZ0rhO /uO5QaZQcWqjXTw1YN7KB3FNY+L87+/nuI/1JDKkRnEh3WO+i8D4AneYXBNiSnk2 9v3cpW9FqZ0efHit5uw2C2XP3OWxSCDNcgATDiWC6B0HZ2ZkdcDqCkBxj394LX2U ljzB519o06tzYQqxgW60H0qzvggUra48oyglNSeY5VJW7dZyn7oBPmN3sSrzy2pV 4RtEywwC83w8x8iCeCtsnJK+KFILw+zKK00BBn5bq47plaQkAVV7u/iBriIxEwJl eW0S9P/DS5/f42ZNgCnU50WHzgBzHhYIE//vzlsQ6MsaOfK+bk3fG9ShGqi7btTQ xD6GUWjOwHk12w== -----END CERTIFICATE-----Generated at Mon Jan 26 03:33:02 2026 by rpki-client