This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft File: y2bnZjRVc9cVnWeU7a7bc5okH48.mft (raw, json) Hash identifier: /xJcoZEjZ8lUe7VvetRJ21dY9pVn+KKoqQ0HvjcCUnI= Subject key identifier: 4C:9D:49:8A:89:0A:70:95:E4:A3:42:98:02:05:45:85:4D:C8:E4:8E Authority key identifier: CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F Certificate issuer: /CN=cb66e766345573d7159d6794edaedb739a241f8f Certificate serial: 019BF80838383C231816BCD98DD61B8F6B66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft Manifest number: 0838 Signing time: Mon 26 Jan 2026 02:00:46 +0000 Manifest this update: Mon 26 Jan 2026 02:00:46 +0000 Manifest next update: Tue 27 Jan 2026 02:00:46 +0000 Files and hashes: 1: y2bnZjRVc9cVnWeU7a7bc5okH48.crl (hash: YUX1oGyII/7+wZSUMKLqUXV/BsZpLrlz+9H+mPuznsY=) 2: zyxH_ZayU87vTJX81fgX-DVJmTk.roa (hash: v7IX/ua2uQXhjGalwVPCerFWeIG3hQEbj9ssotgdfjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:08:38:38:3c:23:18:16:bc:d9:8d:d6:1b:8f:6b:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb66e766345573d7159d6794edaedb739a241f8f Validity Not Before: Jan 26 02:00:46 2026 GMT Not After : Jan 27 02:00:46 2026 GMT Subject: CN=4c9d498a890a7095e4a34298020545854dc8e48e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e3:65:69:93:f0:d9:f5:b4:60:68:ef:5a:3d: d4:88:d5:2c:b9:1b:50:a0:1c:02:d3:99:89:bb:d7: 65:16:90:c5:20:f9:b5:b7:f9:a7:7e:7b:71:fc:83: 18:a4:2b:b1:fc:28:b6:c8:66:a5:de:a0:ff:3a:c0: 6f:ae:35:19:7f:63:c6:40:01:7b:16:33:c2:3e:83: d2:67:67:0e:0f:a9:c2:7f:0f:c1:a1:b3:81:23:eb: 25:3d:0d:1d:3e:43:b0:49:cb:c0:80:bb:b9:c4:c9: af:65:54:81:9d:f7:41:fd:99:24:f8:6b:38:71:56: 68:36:ac:3d:e1:f5:1c:23:8e:cd:24:94:d7:e7:1d: 55:33:3b:bb:44:ca:fd:07:18:3f:c5:b7:1e:e1:48: a8:04:79:5a:c6:77:60:6f:2f:d0:82:7f:df:17:48: 20:e7:f7:30:bf:8a:3b:22:3c:1f:83:f0:b9:b0:22: ff:f1:ef:14:05:18:65:98:ab:9b:4d:42:f5:e7:70: a6:fa:4a:a9:d9:91:f9:3d:59:90:a0:48:81:78:ec: b2:5a:fa:a9:f6:76:6e:da:a7:1a:ba:2b:71:1e:2c: c2:8f:20:e2:0e:7b:fe:7f:52:86:84:c7:19:dd:b7: 7e:7f:85:df:24:6d:81:97:0c:ea:ff:be:3a:7c:4e: 7c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:9D:49:8A:89:0A:70:95:E4:A3:42:98:02:05:45:85:4D:C8:E4:8E X509v3 Authority Key Identifier: keyid:CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:2a:94:3a:82:02:95:8d:49:9c:13:6d:55:47:ce:25:0e:fa: 31:ea:ed:eb:47:bf:be:c4:40:e4:59:77:b4:44:09:59:ca:6f: b4:ef:0b:c3:e6:7b:ed:c5:9e:f7:9e:fe:14:10:88:12:18:b9: 31:b5:39:02:37:3a:bd:aa:39:b6:52:a1:53:4b:68:e5:f4:25: 6b:d1:a8:2c:a9:bc:84:9e:88:1d:08:4d:19:27:9e:58:fd:2c: 18:79:eb:51:52:45:98:f2:5d:71:63:20:43:2a:25:51:9c:02: 98:cf:50:90:d2:a4:81:ea:0d:6c:8b:1b:c4:ca:62:49:80:01: 30:36:1a:35:f2:24:8a:cb:51:be:a9:1f:91:a6:b2:38:62:cd: 82:d5:0b:d4:20:86:3f:ee:a1:84:44:1c:15:a9:49:cf:76:c8: d3:c1:2b:bb:7d:ef:31:82:cf:74:33:e2:ae:bb:6f:0d:58:44: 69:7a:ef:ba:55:a6:79:ec:ec:d6:38:53:80:3a:c4:e6:1c:90: 78:bb:79:ea:b1:d3:79:0a:0f:ba:2a:0b:82:0f:10:6e:e5:ff: 29:2e:8e:b9:ef:6b:c0:37:65:d0:f5:45:b8:e7:95:32:2d:48: 12:1a:c4:95:47:ab:b4:62:d2:9f:d1:f6:f7:7a:29:9f:3a:da: a8:f4:1b:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4CDg4PCMYFrzZjdYbj2tmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiNjZlNzY2MzQ1NTczZDcxNTlkNjc5NGVkYWVkYjczOWEy NDFmOGYwHhcNMjYwMTI2MDIwMDQ2WhcNMjYwMTI3MDIwMDQ2WjAzMTEwLwYDVQQD Eyg0YzlkNDk4YTg5MGE3MDk1ZTRhMzQyOTgwMjA1NDU4NTRkYzhlNDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuNlaZPw2fW0YGjvWj3UiNUsuRtQ oBwC05mJu9dlFpDFIPm1t/mnfntx/IMYpCux/Ci2yGal3qD/OsBvrjUZf2PGQAF7 FjPCPoPSZ2cOD6nCfw/BobOBI+slPQ0dPkOwScvAgLu5xMmvZVSBnfdB/Zkk+Gs4 cVZoNqw94fUcI47NJJTX5x1VMzu7RMr9Bxg/xbce4UioBHlaxndgby/Qgn/fF0gg 5/cwv4o7Ijwfg/C5sCL/8e8UBRhlmKubTUL153Cm+kqp2ZH5PVmQoEiBeOyyWvqp 9nZu2qcauitxHizCjyDiDnv+f1KGhMcZ3bd+f4XfJG2Blwzq/746fE58sQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEydSYqJCnCV5KNCmAIFRYVNyOSOMB8GA1UdIwQY MBaAFMtm52Y0VXPXFZ1nlO2u23OaJB+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEt NjViZjc5YjBhOTg5LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEtNjViZjc5YjBhOTg5 LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtCqUOoIC lY1JnBNtVUfOJQ76Mert60e/vsRA5Fl3tEQJWcpvtO8Lw+Z77cWe957+FBCIEhi5 MbU5Ajc6vao5tlKhU0to5fQla9GoLKm8hJ6IHQhNGSeeWP0sGHnrUVJFmPJdcWMg QyolUZwCmM9QkNKkgeoNbIsbxMpiSYABMDYaNfIkistRvqkfkaayOGLNgtUL1CCG P+6hhEQcFalJz3bI08Eru33vMYLPdDPirrtvDVhEaXrvulWmeezs1jhTgDrE5hyQ eLt56rHTeQoPuioLgg8QbuX/KS6Oue9rwDdl0PVFuOeVMi1IEhrElUertGLSn9H2 93opnzraqPQbZQ== -----END CERTIFICATE-----Generated at Mon Jan 26 09:02:00 2026 by rpki-client