This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.mft File: HdXNKgJh4eYGndd1iU2CbuiDbB4.mft (raw, json) Hash identifier: wV4K9egJ/ett6CFADThdqTVI4NHw/bJ+V96ebFtN2+Y= Subject key identifier: 0F:21:65:A3:1A:AF:BB:55:7B:5E:D9:4B:77:C4:39:92:7A:A4:12:C5 Authority key identifier: 1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E Certificate issuer: /CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e Certificate serial: 019BF53E55D940CCDFEAF9ED94465E5997C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.mft Manifest number: 17E9 Signing time: Sun 25 Jan 2026 13:01:01 +0000 Manifest this update: Sun 25 Jan 2026 13:01:01 +0000 Manifest next update: Mon 26 Jan 2026 13:01:01 +0000 Files and hashes: 1: 53uXZdGunbCbkFbF5LCIWF6hUow.roa (hash: YdDbEGhWwhK//MEhtCOroEdkE5sIGg0zyX8WVqthVro=) 2: HdXNKgJh4eYGndd1iU2CbuiDbB4.crl (hash: JJRSCLDO/KlbQVOU+9hkUIEgnPXLQ7ZYIKfn6Rf775o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.mft rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:3e:55:d9:40:cc:df:ea:f9:ed:94:46:5e:59:97:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e Validity Not Before: Jan 25 13:01:01 2026 GMT Not After : Jan 26 13:01:01 2026 GMT Subject: CN=0f2165a31aafbb557b5ed94b77c439927aa412c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:93:b9:51:bc:b7:a2:af:85:38:81:f2:8f:c1: 4f:73:b5:95:a8:37:61:8e:b0:44:d2:69:83:1c:d3: 7d:bd:35:09:21:7a:25:6a:9e:8a:d7:9a:ab:24:dc: ef:39:b6:df:a2:47:86:d2:f6:8c:f8:49:1a:b7:b3: 15:99:bf:19:2c:5d:db:f3:40:48:ea:1a:58:7f:29: 0c:75:8e:ae:65:d5:6c:21:9e:3b:02:bc:4d:4b:52: a4:ae:f9:80:c8:3b:d8:32:b4:df:b9:ce:02:f5:dd: 69:c3:e8:73:d5:7a:9d:df:87:c6:24:ac:9b:3b:73: cd:b1:27:36:41:02:cd:13:fe:69:10:62:6f:44:6b: a4:25:58:07:f5:0d:84:d4:8d:d3:29:ae:f4:58:55: dc:b8:59:be:da:0d:0a:cc:11:89:0d:3d:e6:d0:ae: 7c:08:d5:d8:8f:9f:e6:16:4b:a9:f6:b9:3c:9c:f5: ee:5f:0b:d4:2f:e3:97:49:dc:9e:6f:c8:10:3c:d9: 0f:73:64:aa:07:38:15:9a:d5:c0:c3:b5:55:2b:06: 33:a9:82:4d:e3:e4:32:36:ec:1a:dd:ef:2f:57:8e: f7:24:42:03:5b:68:f7:d0:ff:98:a2:fa:b8:6b:54: 3e:28:ab:d4:21:23:c2:8d:a7:64:90:0c:bd:18:76: 80:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:21:65:A3:1A:AF:BB:55:7B:5E:D9:4B:77:C4:39:92:7A:A4:12:C5 X509v3 Authority Key Identifier: keyid:1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:b5:46:02:16:23:d9:84:67:4d:95:4e:aa:a1:75:57:ef:c5: 5b:cd:91:4c:23:71:24:47:98:70:29:f7:34:28:74:94:b6:06: 2d:45:64:28:b2:fa:1f:40:ce:d7:94:76:87:03:95:fa:52:8f: 97:4c:3c:05:d9:06:42:2d:5d:58:6f:cc:15:21:0d:40:4f:58: 25:de:e8:c4:4e:c1:80:2e:56:e0:98:a5:86:88:49:56:8c:2a: 1f:69:4b:bc:34:e1:bf:a9:a1:97:e8:b9:ee:0a:a0:fc:ff:50: a0:10:44:83:03:bb:a2:3f:24:56:57:60:fe:97:00:55:b1:40: 7d:98:fc:94:f4:5a:15:c3:80:0e:61:ba:a0:29:0f:95:41:fd: 6a:d3:e1:e7:52:f9:f9:3f:ee:d7:ba:d9:7b:45:40:17:93:06: 7f:22:e5:d0:a7:ae:bf:08:07:13:60:10:ad:83:15:6c:b9:c7: 95:3b:ac:fc:b0:84:7e:54:59:e8:38:7c:dd:f0:9a:34:ca:87: 42:bb:23:f2:ed:34:dc:56:fe:52:9b:36:ee:1c:b0:43:59:29: da:b4:5a:02:21:da:98:df:fe:26:d0:42:74:7a:d9:12:f4:05: 29:63:e1:1e:3c:ab:bc:bd:ff:0d:37:9c:6b:db:47:83:8b:c1: bf:86:7e:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1PlXZQMzf6vntlEZeWZfCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZDVjZDJhMDI2MWUxZTYwNjlkZDc3NTg5NGQ4MjZlZTg4 MzZjMWUwHhcNMjYwMTI1MTMwMTAxWhcNMjYwMTI2MTMwMTAxWjAzMTEwLwYDVQQD EygwZjIxNjVhMzFhYWZiYjU1N2I1ZWQ5NGI3N2M0Mzk5MjdhYTQxMmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZO5Uby3oq+FOIHyj8FPc7WVqDdh jrBE0mmDHNN9vTUJIXolap6K15qrJNzvObbfokeG0vaM+Ekat7MVmb8ZLF3b80BI 6hpYfykMdY6uZdVsIZ47ArxNS1KkrvmAyDvYMrTfuc4C9d1pw+hz1Xqd34fGJKyb O3PNsSc2QQLNE/5pEGJvRGukJVgH9Q2E1I3TKa70WFXcuFm+2g0KzBGJDT3m0K58 CNXYj5/mFkup9rk8nPXuXwvUL+OXSdyeb8gQPNkPc2SqBzgVmtXAw7VVKwYzqYJN 4+QyNuwa3e8vV473JEIDW2j30P+Yovq4a1Q+KKvUISPCjadkkAy9GHaARwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA8hZaMar7tVe17ZS3fEOZJ6pBLFMB8GA1UdIwQY MBaAFB3VzSoCYeHmBp3XdYlNgm7og2weMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80ZmU5ODMtNzE1Mi00OTMzLTlmMzYt ZDg2Y2FkZDYxMGI4LzEvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi80ZmU5ODMtNzE1Mi00OTMzLTlmMzYtZDg2Y2FkZDYxMGI4 LzEvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtrVGAhYj 2YRnTZVOqqF1V+/FW82RTCNxJEeYcCn3NCh0lLYGLUVkKLL6H0DO15R2hwOV+lKP l0w8BdkGQi1dWG/MFSENQE9YJd7oxE7BgC5W4JilhohJVowqH2lLvDThv6mhl+i5 7gqg/P9QoBBEgwO7oj8kVldg/pcAVbFAfZj8lPRaFcOADmG6oCkPlUH9atPh51L5 +T/u17rZe0VAF5MGfyLl0KeuvwgHE2AQrYMVbLnHlTus/LCEflRZ6Dh83fCaNMqH Qrsj8u003Fb+Ups27hywQ1kp2rRaAiHamN/+JtBCdHrZEvQFKWPhHjyrvL3/DTec a9tHg4vBv4Z++g== -----END CERTIFICATE-----Generated at Sun Jan 25 20:52:50 2026 by rpki-client