This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft File: 3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft (raw, json) Hash identifier: 5LqLAfSDgRDxgz/cAFyOjwHnYxaInrW7qTgCgA+e1VU= Subject key identifier: C1:34:C2:AC:7A:2D:75:2B:68:5F:E2:D7:9A:6F:86:49:8C:45:A2:76 Authority key identifier: DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F Certificate issuer: /CN=df3b1d2773a03d317a7703193d2f45429a94ba9f Certificate serial: 019BF951DDFE895D8A7619DF1A79639332AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft Manifest number: 01D0 Signing time: Mon 26 Jan 2026 08:00:50 +0000 Manifest this update: Mon 26 Jan 2026 08:00:50 +0000 Manifest next update: Tue 27 Jan 2026 08:00:50 +0000 Files and hashes: 1: 3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl (hash: vboF6ZDcxhiVruY2FlvP5CHLr0O9nal1qeE0SuZ2LUk=) 2: zi6BX2pprFhR63Y5lPO5fzP2XJw.roa (hash: k4cOLLcWBtedRh3+dHl3HpPG8a/ZH38IiLNVDqMNrQ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:51:dd:fe:89:5d:8a:76:19:df:1a:79:63:93:32:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3b1d2773a03d317a7703193d2f45429a94ba9f Validity Not Before: Jan 26 08:00:50 2026 GMT Not After : Jan 27 08:00:50 2026 GMT Subject: CN=c134c2ac7a2d752b685fe2d79a6f86498c45a276 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d9:96:56:90:06:c0:53:b8:dd:a5:07:68:30: 03:9b:2c:23:ce:77:b0:33:ec:e4:ac:a5:93:62:82: 41:c9:d7:00:5d:3c:0b:91:f6:1a:73:bc:0c:44:9c: a2:07:b8:da:27:82:02:47:04:2f:fa:51:90:f4:1f: 6c:ee:c1:7d:75:10:11:0b:fe:e4:15:fb:fa:c8:da: d2:25:6d:90:a2:13:01:34:53:b1:bd:b2:ef:ec:4d: ff:2e:14:18:80:e8:7a:37:f9:0b:2f:dd:5b:34:e5: 9f:a2:ab:35:82:6f:ca:f3:09:3f:0c:e1:1e:7f:c3: fc:a3:30:71:a1:30:48:3c:6a:d7:13:af:6e:c7:c4: ea:d1:e9:ad:88:cc:39:0e:f3:82:2c:37:d4:b7:b9: 10:44:07:ba:07:82:32:1d:d8:95:2a:ff:6d:3f:e6: b5:e9:1e:9b:4e:0f:47:5a:05:58:49:bd:72:99:fa: 70:34:32:b1:3b:67:ae:68:fc:20:5d:f6:86:6f:36: 53:bf:d4:d9:d9:6e:19:6d:8c:2e:fa:17:4c:00:3b: a1:28:e0:05:69:9e:e1:3d:bb:67:01:d8:8b:8b:4e: 0a:f7:90:25:89:ca:70:46:6e:12:1e:89:15:fc:84: 79:70:1c:d1:74:5e:1e:e4:b3:c5:f1:db:8d:cd:74: 6b:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:34:C2:AC:7A:2D:75:2B:68:5F:E2:D7:9A:6F:86:49:8C:45:A2:76 X509v3 Authority Key Identifier: keyid:DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:ed:0a:db:a5:9f:30:ef:aa:08:a7:8b:8a:fa:19:91:37:c4: e1:b0:5b:df:33:5d:ca:b2:6a:1f:57:55:45:ba:77:b7:c8:cc: 0e:d9:38:f6:48:2a:d6:31:2e:d2:6f:b2:ef:a7:9a:ad:46:b0: 16:02:d6:18:2b:5e:67:9a:7b:39:fa:49:bc:a5:07:8f:2e:88: 3d:68:7d:27:c8:d8:0b:f1:ef:3e:f6:1d:28:dd:0f:5d:a6:db: 29:6f:f5:96:dd:f3:ca:d0:2d:4e:0d:77:23:1c:0e:02:e7:70: 24:bc:7e:1b:d0:9a:3b:5c:ce:1b:2c:21:54:ea:8e:f0:76:d8: e9:cd:ff:a6:27:e0:10:5d:d2:d2:08:2d:3d:71:63:88:50:54: 3e:41:4d:7a:2e:32:7d:20:ab:49:f5:df:fd:8c:6a:4b:b8:be: 37:94:e8:79:b5:1c:e8:6f:0c:c3:70:93:df:42:bb:2a:aa:ca: ad:7d:1a:a8:0a:1c:a6:17:ae:83:eb:4c:49:20:6c:94:8d:60: db:d8:66:17:e2:a5:5e:32:b9:8e:5e:55:2b:ab:15:d6:26:b5: b0:ba:6f:9a:db:26:ce:ec:25:84:80:e0:8c:f6:a6:eb:92:2c: b7:dc:67:b8:7f:0f:cd:e3:cd:57:96:e5:28:4a:d6:fb:ec:03: 94:7e:4d:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5Ud3+iV2KdhnfGnljkzKvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2IxZDI3NzNhMDNkMzE3YTc3MDMxOTNkMmY0NTQyOWE5 NGJhOWYwHhcNMjYwMTI2MDgwMDUwWhcNMjYwMTI3MDgwMDUwWjAzMTEwLwYDVQQD EyhjMTM0YzJhYzdhMmQ3NTJiNjg1ZmUyZDc5YTZmODY0OThjNDVhMjc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytmWVpAGwFO43aUHaDADmywjznew M+zkrKWTYoJBydcAXTwLkfYac7wMRJyiB7jaJ4ICRwQv+lGQ9B9s7sF9dRARC/7k Ffv6yNrSJW2QohMBNFOxvbLv7E3/LhQYgOh6N/kLL91bNOWfoqs1gm/K8wk/DOEe f8P8ozBxoTBIPGrXE69ux8Tq0emtiMw5DvOCLDfUt7kQRAe6B4IyHdiVKv9tP+a1 6R6bTg9HWgVYSb1ymfpwNDKxO2euaPwgXfaGbzZTv9TZ2W4ZbYwu+hdMADuhKOAF aZ7hPbtnAdiLi04K95AlicpwRm4SHokV/IR5cBzRdF4e5LPF8duNzXRrswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFME0wqx6LXUraF/i15pvhkmMRaJ2MB8GA1UdIwQY MBaAFN87HSdzoD0xencDGT0vRUKalLqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3Nzct NTI2ZGNiMmEyM2JkLzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3NzctNTI2ZGNiMmEyM2Jk LzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfu0K26Wf MO+qCKeLivoZkTfE4bBb3zNdyrJqH1dVRbp3t8jMDtk49kgq1jEu0m+y76earUaw FgLWGCteZ5p7OfpJvKUHjy6IPWh9J8jYC/HvPvYdKN0PXabbKW/1lt3zytAtTg13 IxwOAudwJLx+G9CaO1zOGywhVOqO8HbY6c3/pifgEF3S0ggtPXFjiFBUPkFNei4y fSCrSfXf/YxqS7i+N5ToebUc6G8Mw3CT30K7KqrKrX0aqAocpheug+tMSSBslI1g 29hmF+KlXjK5jl5VK6sV1ia1sLpvmtsmzuwlhIDgjPam65Ist9xnuH8PzePNV5bl KErW++wDlH5N+w== -----END CERTIFICATE-----Generated at Mon Jan 26 13:06:17 2026 by rpki-client