This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft File: 0PFLigjLX4BX1IsD5T9Fi44f7tY.mft (raw, json) Hash identifier: vUP2JFZK1GTuJaouqVqELJFkHtzpivE3IYyA+gUsKUY= Subject key identifier: EA:24:F2:34:64:24:D3:85:32:97:0E:CB:54:50:B3:73:5A:A8:48:9C Authority key identifier: D0:F1:4B:8A:08:CB:5F:80:57:D4:8B:03:E5:3F:45:8B:8E:1F:EE:D6 Certificate issuer: /CN=d0f14b8a08cb5f8057d48b03e53f458b8e1feed6 Certificate serial: 019BF876A7F2C365834BD9BAA3F8705E2D32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft Manifest number: 0438 Signing time: Mon 26 Jan 2026 04:01:24 +0000 Manifest this update: Mon 26 Jan 2026 04:01:24 +0000 Manifest next update: Tue 27 Jan 2026 04:01:24 +0000 Files and hashes: 1: 0PFLigjLX4BX1IsD5T9Fi44f7tY.crl (hash: Tg1T1sQfAr+XE4y1ooJDNS3AeaVXJbZvNR5EV5fJ7tE=) 2: Yp5EzvNAptv0FF3dq0dG-qbNXDE.roa (hash: rEVjSa04WTwHqfNGkpfReSocSUSeb47hyl6D9pld43I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.crl rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:76:a7:f2:c3:65:83:4b:d9:ba:a3:f8:70:5e:2d:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0f14b8a08cb5f8057d48b03e53f458b8e1feed6 Validity Not Before: Jan 26 04:01:24 2026 GMT Not After : Jan 27 04:01:24 2026 GMT Subject: CN=ea24f2346424d38532970ecb5450b3735aa8489c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:cb:af:e1:47:46:a2:0c:42:bf:84:6f:0f:38: e7:7f:9a:89:04:10:0a:68:65:e1:f8:dd:47:59:f3: 25:cd:57:b3:47:66:b6:ba:5f:12:26:06:87:cc:54: f4:f3:b7:54:3d:4c:14:38:3d:b2:37:f1:dc:e9:c5: 0f:f3:61:cc:ce:ae:07:81:e9:a9:b5:26:6d:92:65: a9:a6:05:5f:5e:95:b2:4a:71:e5:bf:19:a0:a6:b3: b2:e6:ac:d3:77:da:d3:06:b3:99:79:16:2b:76:54: 3c:37:d9:ce:56:83:23:fb:94:1f:6a:2d:c1:c7:07: 71:8a:2e:74:55:1d:fa:cc:d7:33:17:4f:46:a6:e7: a0:72:bc:24:6c:44:5c:eb:71:40:e2:13:dd:a3:a4: 6c:9e:2b:db:56:36:8f:10:42:8b:ef:f3:0b:12:10: 62:ba:3e:0d:20:a3:99:6f:09:d0:01:76:9a:90:40: 38:c2:bf:85:bf:19:84:30:7b:df:fc:77:30:cf:97: 0f:8e:ce:06:6c:89:07:98:4f:97:31:58:fa:71:c0: cd:5e:c5:bf:1a:57:ad:d6:a2:62:9e:90:22:81:a6: 25:4d:68:5d:f5:9c:4e:db:6d:da:7e:72:e0:7d:ea: c8:e0:d7:9f:87:25:8a:7d:20:e8:e8:06:ca:18:5b: 41:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:24:F2:34:64:24:D3:85:32:97:0E:CB:54:50:B3:73:5A:A8:48:9C X509v3 Authority Key Identifier: keyid:D0:F1:4B:8A:08:CB:5F:80:57:D4:8B:03:E5:3F:45:8B:8E:1F:EE:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:03:f7:c8:a0:97:09:57:3f:c5:d5:73:a8:2a:a9:01:bb:83: 1a:13:fd:ba:93:6b:73:fa:0b:8e:e4:7d:fd:ad:bb:d1:43:c0: 5d:23:df:e3:b7:40:45:e1:75:60:dd:bf:6a:92:22:67:39:cd: 9d:71:4d:c4:94:be:a6:6d:f8:e6:a7:cc:62:0f:37:45:ff:db: 12:ec:48:8a:e4:f2:23:1f:30:90:cb:e0:f8:90:a6:b7:ad:f3: 9f:82:51:05:d2:5c:80:83:1f:89:e3:c0:ce:12:21:7f:43:7b: b5:c0:a5:69:b1:cd:71:73:70:21:0e:d3:dc:12:f6:dc:d3:69: b4:1e:7f:6d:b7:9e:d8:5d:ec:c5:6e:8a:84:df:ac:7d:bb:83: b9:8c:a5:2a:8a:7a:e5:20:a4:5e:f9:cc:a1:32:9c:ed:ee:0a: 30:e4:12:ae:70:0c:f2:1e:d5:12:5b:8b:1a:11:46:18:90:7c: 42:d7:be:2c:fd:3d:4b:df:25:a2:10:90:7b:aa:46:a1:3e:43: b3:d8:70:ab:1e:1e:eb:ce:e5:b8:d2:75:26:d3:03:9a:56:a1: d1:fc:7f:b5:74:0c:b2:4a:ec:b2:5d:5d:95:00:a8:73:27:9b: 85:78:83:61:46:2c:b7:13:1f:82:ff:4e:c1:5a:73:f5:00:c7: d8:7b:3a:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4dqfyw2WDS9m6o/hwXi0yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwZjE0YjhhMDhjYjVmODA1N2Q0OGIwM2U1M2Y0NThiOGUx ZmVlZDYwHhcNMjYwMTI2MDQwMTI0WhcNMjYwMTI3MDQwMTI0WjAzMTEwLwYDVQQD EyhlYTI0ZjIzNDY0MjRkMzg1MzI5NzBlY2I1NDUwYjM3MzVhYTg0ODljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsuv4UdGogxCv4RvDzjnf5qJBBAK aGXh+N1HWfMlzVezR2a2ul8SJgaHzFT087dUPUwUOD2yN/Hc6cUP82HMzq4Hgemp tSZtkmWppgVfXpWySnHlvxmgprOy5qzTd9rTBrOZeRYrdlQ8N9nOVoMj+5Qfai3B xwdxii50VR36zNczF09GpuegcrwkbERc63FA4hPdo6RsnivbVjaPEEKL7/MLEhBi uj4NIKOZbwnQAXaakEA4wr+FvxmEMHvf/Hcwz5cPjs4GbIkHmE+XMVj6ccDNXsW/ Glet1qJinpAigaYlTWhd9ZxO223afnLgferI4NefhyWKfSDo6AbKGFtBRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOok8jRkJNOFMpcOy1RQs3NaqEicMB8GA1UdIwQY MBaAFNDxS4oIy1+AV9SLA+U/RYuOH+7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yMWJkYmItODU2Zi00MWRkLWFhZDkt MDY2ZGRmMzJiZmNjLzEvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8yMWJkYmItODU2Zi00MWRkLWFhZDktMDY2ZGRmMzJiZmNj LzEvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHwP3yKCX CVc/xdVzqCqpAbuDGhP9upNrc/oLjuR9/a270UPAXSPf47dAReF1YN2/apIiZznN nXFNxJS+pm345qfMYg83Rf/bEuxIiuTyIx8wkMvg+JCmt63zn4JRBdJcgIMfiePA zhIhf0N7tcClabHNcXNwIQ7T3BL23NNptB5/bbee2F3sxW6KhN+sfbuDuYylKop6 5SCkXvnMoTKc7e4KMOQSrnAM8h7VEluLGhFGGJB8Qte+LP09S98lohCQe6pGoT5D s9hwqx4e687luNJ1JtMDmlah0fx/tXQMskrssl1dlQCocyebhXiDYUYstxMfgv9O wVpz9QDH2Hs6Qw== -----END CERTIFICATE-----Generated at Mon Jan 26 09:01:59 2026 by rpki-client