This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft File: QukMnRAJsywZRbb45liUg8XqR0M.mft (raw, json) Hash identifier: yq+CQAPnsYw4Q9OYxoyD/t1yf4tNdLDPyS4tTgCDYDU= Subject key identifier: 5A:AF:6E:BB:70:D1:7C:E5:B9:50:DA:D0:41:56:CA:D6:F0:47:14:26 Authority key identifier: 42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43 Certificate issuer: /CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743 Certificate serial: 019BF8401B279E79F03D75D519BED38FA127 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft Manifest number: 0BD2 Signing time: Mon 26 Jan 2026 03:01:49 +0000 Manifest this update: Mon 26 Jan 2026 03:01:49 +0000 Manifest next update: Tue 27 Jan 2026 03:01:49 +0000 Files and hashes: 1: J5ZOlJUFOltu4GqoVFNsLAc_Yhc.roa (hash: lcx5+pKS3s5wMnsyT5k7DP3iJe+El0QomD11K0ox374=) 2: QukMnRAJsywZRbb45liUg8XqR0M.crl (hash: drulnQbvCUOYUMidu9pFM92YcbdB0QCKUCEDsPXEsIQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:40:1b:27:9e:79:f0:3d:75:d5:19:be:d3:8f:a1:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743 Validity Not Before: Jan 26 03:01:49 2026 GMT Not After : Jan 27 03:01:49 2026 GMT Subject: CN=5aaf6ebb70d17ce5b950dad04156cad6f0471426 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c5:c5:cc:8f:c3:5d:ba:90:ae:fb:ad:cb:26: ad:3b:61:5e:77:e1:c9:6c:09:d2:b3:e4:bd:06:af: 92:00:44:ca:d6:f0:3a:38:99:0b:45:fc:91:af:f5: 7c:c8:fe:06:8d:9c:ff:7c:6c:91:b6:0b:f7:54:04: 5d:90:1c:58:8f:0f:ce:12:71:0a:53:d0:57:4c:01: 6f:38:45:38:08:34:c7:99:18:00:68:0c:3d:7a:df: da:e9:e3:1a:dd:3f:50:dc:74:16:e8:0c:fc:49:17: 9f:6d:97:0f:e4:2c:ee:63:44:7a:f3:ed:5c:3b:f4: 2c:ba:0a:35:f7:a6:cb:05:e5:6a:4e:29:12:b7:09: 82:35:67:59:15:8b:0c:56:ae:a6:44:15:d2:c1:cf: e5:b2:7f:a1:33:ba:c1:90:3b:ad:04:f5:8d:49:87: 4d:3c:7e:5f:16:ba:0f:c0:af:2b:c3:e0:36:73:3e: fd:dc:34:e7:e1:5c:4f:d1:42:2b:06:7b:ad:19:2b: b6:bb:04:77:b7:c6:f6:64:75:e9:c7:93:57:72:35: 31:1b:c3:e5:a3:25:58:9b:78:c7:56:29:09:6f:5d: e8:e6:b4:15:2f:82:d2:60:ee:8b:83:2f:76:38:fc: 23:e2:fb:35:cd:4e:60:f5:97:c4:5a:37:f8:b9:ab: e8:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:AF:6E:BB:70:D1:7C:E5:B9:50:DA:D0:41:56:CA:D6:F0:47:14:26 X509v3 Authority Key Identifier: keyid:42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:c1:f6:20:64:e0:aa:65:38:35:86:b1:d3:51:66:13:ad:3b: 5d:64:8b:99:48:03:41:a3:3e:1e:d3:f4:48:d7:a7:21:c9:e0: a6:ba:75:01:bf:11:ed:1f:38:1e:d5:e1:d9:cc:2d:c4:d1:42: 30:01:7f:f9:1e:f2:ac:84:72:2b:88:61:5e:73:b7:04:de:4e: 66:0d:25:af:0a:16:8e:aa:bc:6d:79:68:23:dc:f3:01:6b:3c: 09:c9:66:a0:ac:2b:23:96:20:29:56:c6:72:e0:c7:f2:46:7f: 05:a6:3f:1a:ee:37:31:83:7d:f2:78:4d:8d:5d:3f:90:74:7a: 36:11:e0:11:fb:31:77:b2:b4:d7:3e:13:05:03:58:2b:42:d2: 58:5c:79:4f:63:d9:b8:9a:eb:25:3f:72:29:84:ff:76:09:fa: f0:3e:9c:f3:34:82:17:11:04:05:46:a8:e8:70:53:1b:66:24: de:e5:49:82:ea:07:b8:b2:12:ca:1c:ef:4e:b8:a6:35:f5:cb: a9:28:b6:16:df:2a:33:75:8e:6b:62:e8:e5:97:47:2a:7e:f0: e7:93:85:45:04:05:e0:1d:c6:9e:11:40:14:f1:ac:09:58:90: 7b:5a:8c:5f:92:ee:11:73:c4:83:f8:99:4e:ce:9e:07:94:04: 69:0c:0f:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4QBsnnnnwPXXVGb7Tj6EnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyZTkwYzlkMTAwOWIzMmMxOTQ1YjZmOGU2NTg5NDgzYzVl YTQ3NDMwHhcNMjYwMTI2MDMwMTQ5WhcNMjYwMTI3MDMwMTQ5WjAzMTEwLwYDVQQD Eyg1YWFmNmViYjcwZDE3Y2U1Yjk1MGRhZDA0MTU2Y2FkNmYwNDcxNDI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMXFzI/DXbqQrvutyyatO2Fed+HJ bAnSs+S9Bq+SAETK1vA6OJkLRfyRr/V8yP4GjZz/fGyRtgv3VARdkBxYjw/OEnEK U9BXTAFvOEU4CDTHmRgAaAw9et/a6eMa3T9Q3HQW6Az8SRefbZcP5CzuY0R68+1c O/Qsugo196bLBeVqTikStwmCNWdZFYsMVq6mRBXSwc/lsn+hM7rBkDutBPWNSYdN PH5fFroPwK8rw+A2cz793DTn4VxP0UIrBnutGSu2uwR3t8b2ZHXpx5NXcjUxG8Pl oyVYm3jHVikJb13o5rQVL4LSYO6Lgy92OPwj4vs1zU5g9ZfEWjf4uavoEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFqvbrtw0XzluVDa0EFWytbwRxQmMB8GA1UdIwQY MBaAFELpDJ0QCbMsGUW2+OZYlIPF6kdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUt NjljNjI5ODQxNWY4LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUtNjljNjI5ODQxNWY4 LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlcH2IGTg qmU4NYax01FmE607XWSLmUgDQaM+HtP0SNenIcngprp1Ab8R7R84HtXh2cwtxNFC MAF/+R7yrIRyK4hhXnO3BN5OZg0lrwoWjqq8bXloI9zzAWs8CclmoKwrI5YgKVbG cuDH8kZ/BaY/Gu43MYN98nhNjV0/kHR6NhHgEfsxd7K01z4TBQNYK0LSWFx5T2PZ uJrrJT9yKYT/dgn68D6c8zSCFxEEBUao6HBTG2Yk3uVJguoHuLISyhzvTrimNfXL qSi2Ft8qM3WOa2Lo5ZdHKn7w55OFRQQF4B3GnhFAFPGsCViQe1qMX5LuEXPEg/iZ Ts6eB5QEaQwPIQ== -----END CERTIFICATE-----Generated at Mon Jan 26 09:02:45 2026 by rpki-client