This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft File: 0PFLigjLX4BX1IsD5T9Fi44f7tY.mft (raw, json) Hash identifier: yfznvVZ4l4+7rtYJnBBVBfeNz+5Bnb/S+9Jm+cfVcY0= Subject key identifier: F6:17:4D:1A:0E:FB:34:EB:A1:AB:AB:96:E6:95:B0:EE:C4:83:03:88 Authority key identifier: D0:F1:4B:8A:08:CB:5F:80:57:D4:8B:03:E5:3F:45:8B:8E:1F:EE:D6 Certificate issuer: /CN=d0f14b8a08cb5f8057d48b03e53f458b8e1feed6 Certificate serial: 019BF6884A0AFD3FCE3E6A26E63B04B0F179 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft Manifest number: 0437 Signing time: Sun 25 Jan 2026 19:01:25 +0000 Manifest this update: Sun 25 Jan 2026 19:01:25 +0000 Manifest next update: Mon 26 Jan 2026 19:01:25 +0000 Files and hashes: 1: 0PFLigjLX4BX1IsD5T9Fi44f7tY.crl (hash: AnjeivBBxoPhcsrhrM8jZN75e1+4Ze2FwAyPy4FkfHQ=) 2: Yp5EzvNAptv0FF3dq0dG-qbNXDE.roa (hash: rEVjSa04WTwHqfNGkpfReSocSUSeb47hyl6D9pld43I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.crl rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:88:4a:0a:fd:3f:ce:3e:6a:26:e6:3b:04:b0:f1:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0f14b8a08cb5f8057d48b03e53f458b8e1feed6 Validity Not Before: Jan 25 19:01:25 2026 GMT Not After : Jan 26 19:01:25 2026 GMT Subject: CN=f6174d1a0efb34eba1abab96e695b0eec4830388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:81:18:23:03:39:81:ee:f1:1f:cd:e0:d4:95: 5f:ba:3f:03:6b:c5:c7:ea:cc:64:7e:20:d2:70:08: 35:73:85:e2:4e:2b:b6:f5:a0:e1:48:42:9c:74:5c: 29:1a:c4:25:14:f9:c3:38:05:cb:76:62:7f:ae:57: 82:3c:39:73:41:9e:b8:cb:83:92:a4:f8:f5:d7:b5: f8:5f:e5:c5:6f:05:c1:f4:43:c7:87:ed:39:3f:6c: e7:fb:51:95:6b:73:bd:38:83:92:e8:3a:f5:ca:e7: 39:41:ff:2b:45:9d:1b:92:5e:fe:99:45:76:f1:c6: 50:a1:3e:b9:ae:5c:33:f3:09:99:92:90:5e:0b:1e: e4:b4:b8:90:7f:a1:a6:de:dd:30:f0:f8:c8:62:70: 2e:63:8a:3f:61:a1:24:b6:48:5b:87:a5:6c:fa:8e: 42:e4:bb:fe:f4:ba:0e:ba:23:e5:ef:f3:b9:8c:18: dd:a0:72:3d:55:86:11:b0:64:4f:0c:97:f8:01:32: 17:ce:ce:4b:47:18:28:a1:8f:01:d9:a1:85:65:f8: 92:d7:14:df:f9:94:89:70:6f:b3:ec:f5:df:0c:99: 55:aa:6e:e3:b0:ae:8b:ce:cb:ea:76:72:2a:00:e6: 9d:7d:47:f4:0c:ec:9f:c3:6f:b9:19:ad:4b:a7:aa: 28:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:17:4D:1A:0E:FB:34:EB:A1:AB:AB:96:E6:95:B0:EE:C4:83:03:88 X509v3 Authority Key Identifier: keyid:D0:F1:4B:8A:08:CB:5F:80:57:D4:8B:03:E5:3F:45:8B:8E:1F:EE:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:1e:be:45:1f:e7:f0:ae:c8:7d:32:fa:f4:36:53:1f:d5:59: d8:fc:aa:08:3a:a0:8a:d1:17:73:0b:fc:65:bb:b8:92:02:fa: e0:53:72:70:b8:9f:03:e3:92:e3:81:aa:4f:a4:e5:28:97:a4: d1:5b:03:f2:89:de:39:e0:28:fd:61:d4:32:d0:d3:84:7a:a0: e3:1e:84:c7:a4:56:ba:c8:7a:b9:e7:9a:16:2d:0f:de:75:14: f4:a1:ec:85:67:f7:2c:55:2c:72:8c:de:b0:64:9f:2c:f1:c4: dc:04:11:eb:a2:61:b4:1c:f7:48:83:05:2b:e1:dd:d4:bb:ac: 59:17:90:ec:1b:8b:b4:0f:b5:25:5c:61:47:4e:ef:3f:66:6c: 87:92:3c:75:7d:4d:38:75:c8:a9:5d:24:11:44:b0:00:57:ab: 5c:54:6a:3d:49:53:3a:1a:f4:f3:19:03:8e:c2:d6:fa:54:69: 46:bd:88:51:f3:db:d3:82:42:19:cd:91:f8:bb:10:b5:f1:35: 4a:c9:ce:0e:6f:0c:7d:73:33:92:45:51:1c:7c:92:d6:59:59: 4a:7f:74:f8:95:51:62:01:25:fd:c9:ca:d2:ab:92:ce:04:59: b0:5a:a1:b7:dc:f3:eb:cb:59:b8:ae:98:42:9c:d3:75:4c:bf: 34:79:eb:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2iEoK/T/OPmom5jsEsPF5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwZjE0YjhhMDhjYjVmODA1N2Q0OGIwM2U1M2Y0NThiOGUx ZmVlZDYwHhcNMjYwMTI1MTkwMTI1WhcNMjYwMTI2MTkwMTI1WjAzMTEwLwYDVQQD EyhmNjE3NGQxYTBlZmIzNGViYTFhYmFiOTZlNjk1YjBlZWM0ODMwMzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4EYIwM5ge7xH83g1JVfuj8Da8XH 6sxkfiDScAg1c4XiTiu29aDhSEKcdFwpGsQlFPnDOAXLdmJ/rleCPDlzQZ64y4OS pPj117X4X+XFbwXB9EPHh+05P2zn+1GVa3O9OIOS6Dr1yuc5Qf8rRZ0bkl7+mUV2 8cZQoT65rlwz8wmZkpBeCx7ktLiQf6Gm3t0w8PjIYnAuY4o/YaEktkhbh6Vs+o5C 5Lv+9LoOuiPl7/O5jBjdoHI9VYYRsGRPDJf4ATIXzs5LRxgooY8B2aGFZfiS1xTf +ZSJcG+z7PXfDJlVqm7jsK6LzsvqdnIqAOadfUf0DOyfw2+5Ga1Lp6oo8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPYXTRoO+zTroaurluaVsO7EgwOIMB8GA1UdIwQY MBaAFNDxS4oIy1+AV9SLA+U/RYuOH+7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yMWJkYmItODU2Zi00MWRkLWFhZDkt MDY2ZGRmMzJiZmNjLzEvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8yMWJkYmItODU2Zi00MWRkLWFhZDktMDY2ZGRmMzJiZmNj LzEvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhR6+RR/n 8K7IfTL69DZTH9VZ2PyqCDqgitEXcwv8Zbu4kgL64FNycLifA+OS44GqT6TlKJek 0VsD8oneOeAo/WHUMtDThHqg4x6Ex6RWush6ueeaFi0P3nUU9KHshWf3LFUscoze sGSfLPHE3AQR66JhtBz3SIMFK+Hd1LusWReQ7BuLtA+1JVxhR07vP2Zsh5I8dX1N OHXIqV0kEUSwAFerXFRqPUlTOhr08xkDjsLW+lRpRr2IUfPb04JCGc2R+LsQtfE1 SsnODm8MfXMzkkVRHHyS1llZSn90+JVRYgEl/cnK0quSzgRZsFqht9zz68tZuK6Y QpzTdUy/NHnrJA== -----END CERTIFICATE-----Generated at Mon Jan 26 05:57:05 2026 by rpki-client