This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft File: IATWKTJ0OW9ajWkUhdaHagogcdk.mft (raw, json) Hash identifier: m/LAoiuW8ltl1EKsuRHub2xr+WcXGPmfEHZqCZfgsxM= Subject key identifier: 1E:BD:7A:67:A4:34:A8:DF:08:2E:8A:EE:44:67:43:95:DA:88:88:90 Authority key identifier: 20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9 Certificate issuer: /CN=2004d6293274396f5a8d691485d6876a0a2071d9 Certificate serial: 019BF3BDEBF5C8FE8D169E11F8650FFBEE91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft Manifest number: 1488 Signing time: Sun 25 Jan 2026 06:01:08 +0000 Manifest this update: Sun 25 Jan 2026 06:01:08 +0000 Manifest next update: Mon 26 Jan 2026 06:01:08 +0000 Files and hashes: 1: IATWKTJ0OW9ajWkUhdaHagogcdk.crl (hash: UPdDrLS0+AggreTPQETbaC/VgDrBmpS5iLcQ0T+WJVs=) 2: hnmnA26xKXY54jFPUcSN_0PAckk.roa (hash: iZnIOMbwxqj7gdSqvCeT/1vFVrhvoJ0Z39/9nmcH68s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f3:bd:eb:f5:c8:fe:8d:16:9e:11:f8:65:0f:fb:ee:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2004d6293274396f5a8d691485d6876a0a2071d9 Validity Not Before: Jan 25 06:01:08 2026 GMT Not After : Jan 26 06:01:08 2026 GMT Subject: CN=1ebd7a67a434a8df082e8aee44674395da888890 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:d1:90:b8:5a:8d:2c:68:68:cb:19:73:94:07: 1c:e3:e8:3b:a2:b7:3c:64:2a:c3:96:aa:38:c5:43: f0:a1:99:07:d6:14:f6:c1:d9:35:9a:b1:de:e1:86: c8:66:be:09:13:6e:10:b3:f1:6b:fc:d9:9c:db:81: 06:46:68:19:7c:b3:62:ff:2d:1c:71:a9:b9:43:39: 7a:0d:06:b5:fc:a9:2e:ca:05:7b:d6:99:0a:71:7c: 4e:51:3a:c6:f7:45:c2:ae:6f:ca:0d:55:95:ac:67: 6a:e3:b1:56:67:2b:8b:d1:26:b5:56:4f:eb:fb:0a: f4:26:58:d1:1f:62:8d:6a:e2:89:f6:8f:7c:7e:f4: 28:0f:0f:f4:76:b5:15:54:fb:3e:42:a9:7a:a8:3b: ad:00:1f:23:cc:a6:04:9a:20:0c:71:88:13:36:3a: 72:a2:61:a1:85:91:8a:57:37:39:52:cf:e1:62:9b: 21:cb:fa:87:68:76:67:b2:9d:91:ae:bb:84:62:dd: 61:82:c8:32:40:0c:16:23:0e:6d:c8:4a:12:d0:9b: 52:83:a8:2f:0a:65:3c:16:e8:32:f1:3e:67:11:ff: db:21:0b:c8:98:20:76:f1:f1:4e:ca:1b:30:d8:28: 7b:2d:5a:f2:89:d3:82:e4:49:bf:77:64:86:a7:50: fe:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:BD:7A:67:A4:34:A8:DF:08:2E:8A:EE:44:67:43:95:DA:88:88:90 X509v3 Authority Key Identifier: keyid:20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:8d:db:47:ed:6b:5e:68:77:2e:64:38:da:3e:4a:0f:2d:c2: f1:34:80:e8:c8:8f:9a:b6:54:74:7d:39:0f:b5:aa:88:7e:0e: 9b:95:76:a2:ae:95:b3:37:a7:43:4d:97:da:3b:ca:99:67:f3: 6a:11:47:2c:d6:af:13:47:b2:a5:d1:64:b5:a2:e3:bb:8e:57: 99:c4:2b:c9:e7:27:c5:ea:d6:53:5e:b2:1e:02:39:57:4a:d6: 81:3a:9c:55:ba:c0:79:59:8f:0a:dc:44:19:a2:ae:d5:af:33: c2:b2:d7:67:c2:d4:3e:5f:a3:f7:4e:d2:14:1b:e9:ff:79:a4: 0a:67:40:f4:7d:cf:3f:4c:a3:4f:da:bf:c8:aa:1f:51:26:ab: 85:0c:da:d5:e1:6e:70:ed:3d:5b:55:91:39:a0:ec:66:fe:b2: d8:7d:77:61:61:af:96:ba:ba:c1:62:3b:a6:56:50:8b:7a:d1: dd:58:ce:33:5d:4c:f4:90:95:64:f5:53:de:8f:1b:78:19:6e: 3b:01:c3:34:d3:60:46:f3:c2:01:a1:44:85:2b:af:43:e5:d4: b3:40:40:62:3c:72:ec:e6:95:4f:bb:05:e6:c3:a3:f5:12:93: 97:ff:94:5a:bc:f6:05:01:ec:58:68:33:16:22:bd:be:30:74: d8:4b:15:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvzvev1yP6NFp4R+GUP++6RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMDRkNjI5MzI3NDM5NmY1YThkNjkxNDg1ZDY4NzZhMGEy MDcxZDkwHhcNMjYwMTI1MDYwMTA4WhcNMjYwMTI2MDYwMTA4WjAzMTEwLwYDVQQD EygxZWJkN2E2N2E0MzRhOGRmMDgyZThhZWU0NDY3NDM5NWRhODg4ODkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tGQuFqNLGhoyxlzlAcc4+g7orc8 ZCrDlqo4xUPwoZkH1hT2wdk1mrHe4YbIZr4JE24Qs/Fr/Nmc24EGRmgZfLNi/y0c cam5Qzl6DQa1/KkuygV71pkKcXxOUTrG90XCrm/KDVWVrGdq47FWZyuL0Sa1Vk/r +wr0JljRH2KNauKJ9o98fvQoDw/0drUVVPs+Qql6qDutAB8jzKYEmiAMcYgTNjpy omGhhZGKVzc5Us/hYpshy/qHaHZnsp2RrruEYt1hgsgyQAwWIw5tyEoS0JtSg6gv CmU8Fugy8T5nEf/bIQvImCB28fFOyhsw2Ch7LVryidOC5Em/d2SGp1D+1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB69emekNKjfCC6K7kRnQ5XaiIiQMB8GA1UdIwQY MBaAFCAE1ikydDlvWo1pFIXWh2oKIHHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzIt NGVmOWNjNzUxNTE3LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzItNGVmOWNjNzUxNTE3 LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGY3bR+1r Xmh3LmQ42j5KDy3C8TSA6MiPmrZUdH05D7WqiH4Om5V2oq6VszenQ02X2jvKmWfz ahFHLNavE0eypdFktaLju45XmcQryecnxerWU16yHgI5V0rWgTqcVbrAeVmPCtxE GaKu1a8zwrLXZ8LUPl+j907SFBvp/3mkCmdA9H3PP0yjT9q/yKofUSarhQza1eFu cO09W1WROaDsZv6y2H13YWGvlrq6wWI7plZQi3rR3VjOM11M9JCVZPVT3o8beBlu OwHDNNNgRvPCAaFEhSuvQ+XUs0BAYjxy7OaVT7sF5sOj9RKTl/+UWrz2BQHsWGgz FiK9vjB02EsV9A== -----END CERTIFICATE-----Generated at Sun Jan 25 16:44:53 2026 by rpki-client