This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft File: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft (raw, json) Hash identifier: sSkgdhYjofgzSlZ8AgMA8YmGJS8aU26xCdKn0ekXvOA= Subject key identifier: 16:BE:65:29:14:76:85:90:72:4A:0C:82:B3:FD:A4:90:E2:A2:A6:59 Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89 Certificate issuer: /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689 Certificate serial: 019BF53EC88BED2335E60036F28A9CF9C7FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft Manifest number: 17EA Signing time: Sun 25 Jan 2026 13:01:31 +0000 Manifest this update: Sun 25 Jan 2026 13:01:31 +0000 Manifest next update: Mon 26 Jan 2026 13:01:31 +0000 Files and hashes: 1: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl (hash: pgKY3d9Xqjxyq/IidIvaBrP28yvmiYyErqVixldB9Ic=) 2: L3FElQgN_OK9ME85XjkPB5d4njo.roa (hash: 7fKQw9/kLDh7zT4p1MB3dQg/LI4nczVMbuMgYO277J0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:3e:c8:8b:ed:23:35:e6:00:36:f2:8a:9c:f9:c7:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689 Validity Not Before: Jan 25 13:01:31 2026 GMT Not After : Jan 26 13:01:31 2026 GMT Subject: CN=16be652914768590724a0c82b3fda490e2a2a659 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:86:46:3a:ef:66:df:72:51:7f:0c:86:26:d0: d9:f5:0d:2d:b9:93:da:48:19:72:dc:30:a3:07:42: f8:c8:fa:c9:87:e0:9a:7a:de:fe:ca:9f:5b:b4:c4: 27:2b:36:b0:41:06:24:d3:de:01:3f:1d:84:00:cb: 94:c5:70:da:f3:71:7a:d5:ac:50:34:bb:44:1e:6f: 16:5a:89:08:ac:ff:e5:0c:e3:0f:41:02:c1:32:25: 8a:06:e4:8c:d1:07:83:6a:9c:a7:a0:26:f6:e5:5f: c1:e1:e7:fd:90:e9:45:90:f4:74:a9:35:c9:91:26: 3f:50:db:75:b3:cd:73:73:f4:b5:29:0a:6e:30:f1: 89:e7:77:bf:41:1f:03:e0:17:08:5e:aa:6f:b0:9f: dd:2c:09:66:4e:d2:75:e4:a5:2a:38:f3:90:01:f7: 22:9c:d3:e2:c2:33:de:f4:6e:be:18:e3:fd:30:4a: 5e:2b:8d:e3:7e:d6:1a:1a:0e:39:d8:0c:3a:49:ba: 93:54:b4:a2:28:16:85:49:86:b4:9f:72:10:3c:88: 17:42:a1:5d:f9:36:ed:2e:88:4e:d8:8a:9b:69:f9: 8e:33:65:32:8c:bb:d3:44:13:15:b1:e8:9a:65:2f: ea:21:27:41:13:73:61:02:d2:36:4f:c4:4f:a3:b7: 85:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:BE:65:29:14:76:85:90:72:4A:0C:82:B3:FD:A4:90:E2:A2:A6:59 X509v3 Authority Key Identifier: keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:0d:b0:93:99:47:2e:5e:e9:4a:89:d7:03:39:59:20:9a:f7: a9:d7:bf:a5:7d:aa:c6:85:ba:49:48:c2:5f:02:95:fe:26:03: 21:fb:92:f4:46:ad:de:19:6b:66:9a:00:39:67:65:4d:ab:1a: e3:14:74:07:69:4d:83:e4:07:1d:a6:ee:27:1b:3d:66:24:9a: 34:13:70:ca:f0:3d:59:ba:60:9b:c9:00:5a:f8:70:53:07:5b: d2:e3:f8:a6:06:a8:13:7f:4d:68:ed:25:f1:b6:f0:71:2f:49: 25:64:ab:a9:b9:72:3d:b3:87:b7:f6:2f:18:ab:fd:82:44:7b: 74:fd:57:54:fb:1d:6c:20:b1:59:20:bf:93:cb:57:53:a6:12: 84:e5:96:01:38:7e:ac:7e:35:78:a8:de:74:40:c3:99:ea:e0: 66:de:43:e5:c0:ad:6b:c2:23:1d:a9:17:18:fa:18:68:9a:7a: dd:66:ca:e6:67:a0:1d:60:15:8d:84:e8:ca:2f:85:5e:ed:40: b1:88:6c:4c:bd:41:c4:7f:d6:6c:36:7b:c7:37:d3:d8:14:aa: ef:2c:99:da:81:bd:fd:53:27:8a:16:7b:b8:06:03:f7:b7:56: 0e:a1:a6:bc:d1:91:67:3c:40:dd:fd:14:a8:ef:53:0a:0b:5d: 6a:ec:17:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1PsiL7SM15gA28oqc+cf9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2 MDQ2ODkwHhcNMjYwMTI1MTMwMTMxWhcNMjYwMTI2MTMwMTMxWjAzMTEwLwYDVQQD EygxNmJlNjUyOTE0NzY4NTkwNzI0YTBjODJiM2ZkYTQ5MGUyYTJhNjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4ZGOu9m33JRfwyGJtDZ9Q0tuZPa SBly3DCjB0L4yPrJh+Caet7+yp9btMQnKzawQQYk094BPx2EAMuUxXDa83F61axQ NLtEHm8WWokIrP/lDOMPQQLBMiWKBuSM0QeDapynoCb25V/B4ef9kOlFkPR0qTXJ kSY/UNt1s81zc/S1KQpuMPGJ53e/QR8D4BcIXqpvsJ/dLAlmTtJ15KUqOPOQAfci nNPiwjPe9G6+GOP9MEpeK43jftYaGg452Aw6SbqTVLSiKBaFSYa0n3IQPIgXQqFd +TbtLohO2IqbafmOM2UyjLvTRBMVseiaZS/qISdBE3NhAtI2T8RPo7eFqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBa+ZSkUdoWQckoMgrP9pJDioqZZMB8GA1UdIwQY MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt Mzg1NTY5OGZiNTdmLzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgw2wk5lH Ll7pSonXAzlZIJr3qde/pX2qxoW6SUjCXwKV/iYDIfuS9Eat3hlrZpoAOWdlTasa 4xR0B2lNg+QHHabuJxs9ZiSaNBNwyvA9Wbpgm8kAWvhwUwdb0uP4pgaoE39NaO0l 8bbwcS9JJWSrqblyPbOHt/YvGKv9gkR7dP1XVPsdbCCxWSC/k8tXU6YShOWWATh+ rH41eKjedEDDmergZt5D5cCta8IjHakXGPoYaJp63WbK5megHWAVjYToyi+FXu1A sYhsTL1BxH/WbDZ7xzfT2BSq7yyZ2oG9/VMnihZ7uAYD97dWDqGmvNGRZzxA3f0U qO9TCgtdauwX9A== -----END CERTIFICATE-----Generated at Sun Jan 25 18:58:43 2026 by rpki-client