This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft File: tRhBzcn2NZTd3CulmkATMYK1efo.mft (raw, json) Hash identifier: +S70s60x6yap4Fi2zC9V9sI+YtqqP3lH93JoUUGDGB8= Subject key identifier: A0:68:3A:90:2C:C4:13:AF:B0:61:29:83:2B:D8:EA:44:AA:92:D8:8E Authority key identifier: B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA Certificate issuer: /CN=b51841cdc9f63594dddc2ba59a40133182b579fa Certificate serial: 019BF6879C327AFA8502BA2EC9FF7945091A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft Manifest number: 17EC Signing time: Sun 25 Jan 2026 19:00:40 +0000 Manifest this update: Sun 25 Jan 2026 19:00:40 +0000 Manifest next update: Mon 26 Jan 2026 19:00:40 +0000 Files and hashes: 1: gn4_joE3Kg7Iuvtn8_CsNV3N_rY.roa (hash: inZ7mhN1iTFUjJSaH+6rFZpFzgOqpsU8gKqes5JxewU=) 2: tRhBzcn2NZTd3CulmkATMYK1efo.crl (hash: JAf3YxtluSYRQFAHbnXtI55mIiW6lk75imMBputu8HU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:87:9c:32:7a:fa:85:02:ba:2e:c9:ff:79:45:09:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b51841cdc9f63594dddc2ba59a40133182b579fa Validity Not Before: Jan 25 19:00:40 2026 GMT Not After : Jan 26 19:00:40 2026 GMT Subject: CN=a0683a902cc413afb06129832bd8ea44aa92d88e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:67:88:a9:c2:01:db:0c:0d:7d:d6:06:a2:a9: d7:3e:99:94:6e:d8:98:a8:4c:44:40:53:4b:0a:f4: fe:85:34:29:72:eb:a1:fd:f9:0d:16:8d:3c:2c:86: 21:39:aa:ec:1d:b5:f2:6a:68:29:99:4c:37:b6:aa: a1:4e:ea:05:f9:8d:be:27:86:00:cf:ed:ce:81:d9: a8:8b:f4:a7:39:48:c3:87:a3:47:57:a9:b9:e6:f1: 3a:7f:b7:d2:42:a4:3c:d3:e7:3b:92:d5:c5:73:6d: 27:a1:ad:1b:31:d3:24:c0:b9:ab:91:32:b0:23:aa: e7:32:bc:a8:ce:18:e6:13:4a:fb:22:e4:7e:d3:6e: f1:6d:3c:f2:ed:c4:8e:a6:7d:26:9b:95:78:b8:b0: 9a:4d:44:04:14:85:7a:d3:b2:35:8a:7d:17:86:7a: 20:ca:b4:f3:74:b0:e5:56:be:b1:c7:2d:5d:b4:1b: 55:82:ad:5b:6a:27:a3:46:58:2e:c2:6c:90:b0:61: 52:00:7f:8d:42:8e:80:f1:db:16:2a:e4:c9:2f:9d: 51:bd:0c:32:5e:1d:96:60:7d:a9:4d:41:ca:5e:8c: d9:47:a4:af:a0:63:9a:96:c3:37:84:80:49:ed:8a: 95:6f:d7:1b:e5:ec:1b:97:5e:1d:13:91:28:d7:cc: 25:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:68:3A:90:2C:C4:13:AF:B0:61:29:83:2B:D8:EA:44:AA:92:D8:8E X509v3 Authority Key Identifier: keyid:B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:d3:0c:95:16:55:9f:93:60:8f:c1:05:e9:ad:59:eb:c8:15: 3e:ff:04:33:1a:ab:10:88:c4:48:18:d7:db:ba:a9:54:23:22: 48:09:65:41:cb:3a:0a:88:d0:e9:d8:a5:c5:37:5e:1a:aa:0b: b6:11:2e:b6:22:f9:a7:a2:79:d1:50:ea:a1:34:e8:ab:f0:3d: 97:4f:6c:0b:73:58:34:53:70:48:cd:7d:88:8a:2d:f2:97:43: 95:46:da:eb:60:4f:de:e7:a6:ac:3b:68:64:cb:28:a1:b4:7a: 25:0e:62:02:b6:a3:ba:1b:56:82:3b:a2:7d:b7:a4:28:d3:0a: 66:17:9f:6e:dd:c4:67:81:ae:f2:dc:04:51:79:e0:0e:87:0b: 9f:c3:43:51:5c:0a:59:1b:2d:35:d3:be:65:f5:b9:1b:a7:90: e8:84:60:e8:24:51:af:c9:4d:d3:b1:a4:57:85:d1:9d:2d:0a: 6a:2b:72:23:98:2f:d3:f2:92:4c:fd:5a:91:37:14:fb:76:2c: 45:a7:00:08:45:5e:4a:db:31:b5:28:87:08:5c:34:14:34:5a: eb:7b:82:44:1e:80:c8:b3:43:79:ed:af:68:05:ea:71:f8:d8: 1a:c3:7b:a5:60:46:c6:0c:05:24:66:bb:1e:fe:e0:f8:9b:6b: d2:be:45:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2h5wyevqFArouyf95RQkaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MTg0MWNkYzlmNjM1OTRkZGRjMmJhNTlhNDAxMzMxODJi NTc5ZmEwHhcNMjYwMTI1MTkwMDQwWhcNMjYwMTI2MTkwMDQwWjAzMTEwLwYDVQQD EyhhMDY4M2E5MDJjYzQxM2FmYjA2MTI5ODMyYmQ4ZWE0NGFhOTJkODhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2eIqcIB2wwNfdYGoqnXPpmUbtiY qExEQFNLCvT+hTQpcuuh/fkNFo08LIYhOarsHbXyamgpmUw3tqqhTuoF+Y2+J4YA z+3Ogdmoi/SnOUjDh6NHV6m55vE6f7fSQqQ80+c7ktXFc20noa0bMdMkwLmrkTKw I6rnMryozhjmE0r7IuR+027xbTzy7cSOpn0mm5V4uLCaTUQEFIV607I1in0Xhnog yrTzdLDlVr6xxy1dtBtVgq1baiejRlguwmyQsGFSAH+NQo6A8dsWKuTJL51RvQwy Xh2WYH2pTUHKXozZR6SvoGOalsM3hIBJ7YqVb9cb5ewbl14dE5Eo18wlMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKBoOpAsxBOvsGEpgyvY6kSqktiOMB8GA1UdIwQY MBaAFLUYQc3J9jWU3dwrpZpAEzGCtXn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAt NjkxMGYzOTlkMzhmLzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAtNjkxMGYzOTlkMzhm LzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNMMlRZV n5Ngj8EF6a1Z68gVPv8EMxqrEIjESBjX27qpVCMiSAllQcs6CojQ6dilxTdeGqoL thEutiL5p6J50VDqoTToq/A9l09sC3NYNFNwSM19iIot8pdDlUba62BP3uemrDto ZMsoobR6JQ5iArajuhtWgjuifbekKNMKZhefbt3EZ4Gu8twEUXngDocLn8NDUVwK WRstNdO+ZfW5G6eQ6IRg6CRRr8lN07GkV4XRnS0KaityI5gv0/KSTP1akTcU+3Ys RacACEVeStsxtSiHCFw0FDRa63uCRB6AyLNDee2vaAXqcfjYGsN7pWBGxgwFJGa7 Hv7g+Jtr0r5Flg== -----END CERTIFICATE-----Generated at Mon Jan 26 03:12:09 2026 by rpki-client