This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft File: TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft (raw, json) Hash identifier: nWciA9rkvTH3l0X68Uyqr/QAAb+PnTiex1RJlKG4vAk= Subject key identifier: 38:5C:9F:92:3C:04:29:7C:BB:1E:0D:62:70:61:D0:AA:E1:E6:83:3A Authority key identifier: 4C:D7:1F:5A:00:50:F8:AE:64:44:C6:38:76:9B:A3:75:FD:DB:CE:19 Certificate issuer: /CN=4cd71f5a0050f8ae6444c638769ba375fddbce19 Certificate serial: 019BF80870A5B6C3F8F699657AD7983C9783 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft Manifest number: 14D5 Signing time: Mon 26 Jan 2026 02:01:01 +0000 Manifest this update: Mon 26 Jan 2026 02:01:01 +0000 Manifest next update: Tue 27 Jan 2026 02:01:01 +0000 Files and hashes: 1: TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl (hash: i1XYvH9jr56RAY5a2KyqD7A+Z5vuop2BnKP3vgTzPv0=) 2: qhbgvCCuTYLs-T9K9IfIIvF38MQ.roa (hash: WdrjO4xvUh7bWyfHcWR8FrUXBHsQMBxvR3LgVLProrg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 02:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:08:70:a5:b6:c3:f8:f6:99:65:7a:d7:98:3c:97:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd71f5a0050f8ae6444c638769ba375fddbce19 Validity Not Before: Jan 26 02:01:01 2026 GMT Not After : Jan 27 02:01:01 2026 GMT Subject: CN=385c9f923c04297cbb1e0d627061d0aae1e6833a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:07:54:72:41:22:4f:e0:dd:89:99:7f:43:6f: d8:36:23:a4:13:4f:fe:f0:ef:44:2b:5d:34:32:8f: 63:60:33:6f:23:46:b3:f4:55:89:34:3f:74:e9:85: c3:15:54:23:89:d0:8c:21:4f:21:cb:03:53:4e:ee: 2f:d8:c8:19:21:68:f0:00:8a:e6:a1:37:fa:05:71: b2:5d:bb:c9:1d:08:46:2b:3f:e2:3b:b7:48:bf:35: d9:f4:af:1f:c8:79:83:14:89:bc:cb:7b:38:32:2f: ef:85:b2:15:05:a3:b7:a5:10:94:fc:56:0d:cb:7c: 65:2c:d5:0b:17:59:86:14:6f:ba:c4:70:2a:59:c7: 7d:25:a8:5e:01:70:82:05:a8:2a:9f:a2:cd:ff:78: 32:a0:cb:f7:93:eb:55:cc:c2:8d:99:e6:ff:ab:42: 3d:57:c8:f0:79:70:64:e6:ab:a3:f6:43:94:6d:6b: 1f:6b:e5:c7:96:e2:29:07:d8:e0:aa:15:fc:47:cd: d9:8d:de:2c:b5:50:87:13:55:b3:9a:b2:be:46:ad: 2d:45:e5:d7:4b:99:ae:c5:0e:d3:85:3a:32:15:b2: 16:82:98:6a:90:74:7d:d1:4c:54:d7:7b:87:b4:7c: c1:f8:13:69:7f:c9:84:87:e7:ce:f1:5d:86:ab:2c: f4:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:5C:9F:92:3C:04:29:7C:BB:1E:0D:62:70:61:D0:AA:E1:E6:83:3A X509v3 Authority Key Identifier: keyid:4C:D7:1F:5A:00:50:F8:AE:64:44:C6:38:76:9B:A3:75:FD:DB:CE:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:b6:92:09:15:c8:74:7a:fb:1e:e4:11:bb:1f:0d:47:69:24: 71:37:bc:6e:50:2c:f8:c9:4a:32:d0:2d:96:5a:69:c0:0d:d8: dc:e9:57:c3:ad:65:a7:54:06:bd:fb:b9:36:9a:e5:cb:93:18: 34:68:f5:87:e8:a8:07:0a:78:b0:c7:04:74:de:25:6a:e8:a5: 70:4a:7c:e3:0e:88:03:df:4f:f8:5b:46:38:d7:ea:b0:17:7e: 36:ef:ab:45:5d:93:fe:1c:1d:37:0a:ee:5f:4f:98:c0:b9:e4: d7:e3:94:5f:f0:d8:90:45:5e:1b:7e:65:99:5a:5b:35:58:05: 92:47:1a:c6:49:16:0f:ec:4c:33:5e:14:fa:5f:fc:d0:55:78: d0:b2:48:fb:2a:29:0f:ad:54:62:0e:16:e4:bd:54:5f:76:af: f7:d9:52:c3:00:2c:2e:e2:5a:a3:cf:d2:a9:d2:f2:c3:5d:9b: 52:fb:71:20:bf:b0:24:46:15:53:74:f3:d7:6f:80:f6:f6:4f: ef:a5:04:72:35:57:33:45:b9:94:73:e5:82:1b:6e:19:1a:0b: 55:f8:42:1f:30:e4:a0:22:4a:a8:5d:ba:13:2b:7f:ea:07:d3: 20:e0:ad:ca:23:58:5e:82:ea:65:f2:f5:40:20:60:cf:4e:1a: e0:8a:49:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4CHCltsP49plleteYPJeDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDcxZjVhMDA1MGY4YWU2NDQ0YzYzODc2OWJhMzc1ZmRk YmNlMTkwHhcNMjYwMTI2MDIwMTAxWhcNMjYwMTI3MDIwMTAxWjAzMTEwLwYDVQQD EygzODVjOWY5MjNjMDQyOTdjYmIxZTBkNjI3MDYxZDBhYWUxZTY4MzNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwdUckEiT+DdiZl/Q2/YNiOkE0/+ 8O9EK100Mo9jYDNvI0az9FWJND906YXDFVQjidCMIU8hywNTTu4v2MgZIWjwAIrm oTf6BXGyXbvJHQhGKz/iO7dIvzXZ9K8fyHmDFIm8y3s4Mi/vhbIVBaO3pRCU/FYN y3xlLNULF1mGFG+6xHAqWcd9JaheAXCCBagqn6LN/3gyoMv3k+tVzMKNmeb/q0I9 V8jweXBk5quj9kOUbWsfa+XHluIpB9jgqhX8R83Zjd4stVCHE1WzmrK+Rq0tReXX S5muxQ7ThToyFbIWgphqkHR90UxU13uHtHzB+BNpf8mEh+fO8V2Gqyz0pQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDhcn5I8BCl8ux4NYnBh0Krh5oM6MB8GA1UdIwQY MBaAFEzXH1oAUPiuZETGOHabo3X9284ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNzgzOTgtNzMzOS00NGIyLWIwYjAt NzNhMDFhZTVkZThmLzEvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNzgzOTgtNzMzOS00NGIyLWIwYjAtNzNhMDFhZTVkZThm LzEvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOLaSCRXI dHr7HuQRux8NR2kkcTe8blAs+MlKMtAtllppwA3Y3OlXw61lp1QGvfu5Nprly5MY NGj1h+ioBwp4sMcEdN4lauilcEp84w6IA99P+FtGONfqsBd+Nu+rRV2T/hwdNwru X0+YwLnk1+OUX/DYkEVeG35lmVpbNVgFkkcaxkkWD+xMM14U+l/80FV40LJI+yop D61UYg4W5L1UX3av99lSwwAsLuJao8/SqdLyw12bUvtxIL+wJEYVU3Tz12+A9vZP 76UEcjVXM0W5lHPlghtuGRoLVfhCHzDkoCJKqF26Eyt/6gfTIOCtyiNYXoLqZfL1 QCBgz04a4IpJ/A== -----END CERTIFICATE-----Generated at Mon Jan 26 12:36:42 2026 by rpki-client