This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft File: Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json) Hash identifier: 2PFIRqRIojgjLdDzhALDbNAbOqa6boOofYBEFHsy210= Subject key identifier: E5:3B:A3:E0:53:8F:8B:5B:92:75:B9:1E:3B:95:AD:B8:E7:50:7C:26 Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39 Certificate issuer: /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339 Certificate serial: 019BF5AC78B4DFE15D1DE2154F29029D1F8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft Manifest number: 0695 Signing time: Sun 25 Jan 2026 15:01:19 +0000 Manifest this update: Sun 25 Jan 2026 15:01:19 +0000 Manifest next update: Mon 26 Jan 2026 15:01:19 +0000 Files and hashes: 1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: 9dLiFX1zBwnh80wbn7GMQXgVye0qQrDs8DINNpjaGOc=) 2: kq527hgVr7ukC92yfbPMdR4xku4.asa (hash: LvIhj4F/rl2CGQnbgEZFLJhN4x8R+m0+ZkR3noVX8AQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ac:78:b4:df:e1:5d:1d:e2:15:4f:29:02:9d:1f:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339 Validity Not Before: Jan 25 15:01:19 2026 GMT Not After : Jan 26 15:01:19 2026 GMT Subject: CN=e53ba3e0538f8b5b9275b91e3b95adb8e7507c26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6d:80:f7:aa:fb:07:50:22:41:a2:ec:60:36: 71:97:f7:44:bf:25:42:4e:b5:38:2b:8c:3a:9f:03: c4:b5:dc:70:d2:e1:fc:aa:d6:97:73:cd:2b:62:7c: bf:06:ed:48:1d:8a:37:43:15:ea:84:a6:54:86:8b: 43:88:49:16:70:2a:af:7f:26:1e:a4:05:cd:f0:e2: bc:74:72:4c:30:2f:97:0d:9b:74:45:ad:c1:bb:ef: cd:b8:58:ac:2a:1f:e7:ca:b2:8e:77:f4:36:8d:1b: 72:e8:ec:8e:03:1f:3c:38:2c:ba:a3:ea:3b:d0:14: 82:cb:d7:7f:15:96:31:27:ac:5f:c2:cd:54:94:cf: 03:1e:07:62:31:9f:b8:e8:74:a5:45:72:43:57:5c: 6f:46:72:d2:2a:8a:e3:ae:62:2b:cb:02:e1:6c:6d: 17:f1:35:ca:92:b6:cd:fc:8d:77:1a:64:94:ab:6b: 9d:7e:6e:ad:ee:9b:36:a0:42:5d:1e:5b:6e:15:28: 64:81:09:4c:16:ac:bc:8e:c8:ff:68:d6:f6:ba:38: 8b:7e:13:cb:d3:a3:b0:8d:e0:48:06:7e:b9:31:23: f8:4a:b2:35:13:d6:ff:0f:1f:8a:b4:48:ca:66:77: 0e:5a:7a:30:25:37:b2:d0:a3:9c:b6:17:2e:7f:c7: 81:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:3B:A3:E0:53:8F:8B:5B:92:75:B9:1E:3B:95:AD:B8:E7:50:7C:26 X509v3 Authority Key Identifier: keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:0c:84:cf:29:7d:9f:bc:d5:3d:73:47:cc:80:9b:0c:99:64: 5e:47:af:84:ec:ac:3f:39:d8:90:5b:83:2d:74:1f:c2:fa:e0: 9d:40:34:7a:71:4d:49:91:c3:6d:f8:ff:c3:3b:d3:3d:e6:9b: 63:57:c3:ab:93:f9:1e:6d:8e:a0:8d:33:fd:6c:3a:d2:d5:96: 86:98:55:b7:76:b4:bc:0c:7d:1f:0b:e8:f4:13:41:d7:b9:af: 9d:5c:8a:fe:2d:3e:f2:8d:c2:a2:bc:fe:3e:66:4c:6b:67:62: d1:42:a0:b3:11:99:74:51:36:7e:8a:38:a6:bb:40:c8:8d:43: 9a:be:e9:10:9e:35:45:64:9e:c4:6d:32:32:ec:50:46:96:7f: ec:94:5f:7f:d1:92:b3:5c:3a:c3:28:e6:52:61:b7:0d:69:a9: 90:c8:19:6b:54:dc:46:82:7a:22:d2:ff:25:55:c9:4a:43:5b: 31:4d:21:af:e2:e3:50:4c:43:f5:d9:ae:06:d0:dd:ea:de:18: 46:f0:4e:bd:c6:cc:18:80:c3:81:e3:57:20:dc:d5:e8:22:2e: 87:45:d4:7b:36:4b:c0:25:15:5f:2e:90:53:77:c6:67:3a:36: c7:e2:45:7d:01:c0:6c:a9:55:ba:dc:d1:22:2e:aa:af:7e:1b: ef:14:8f:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1rHi03+FdHeIVTykCnR+LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2 ZmQzMzkwHhcNMjYwMTI1MTUwMTE5WhcNMjYwMTI2MTUwMTE5WjAzMTEwLwYDVQQD EyhlNTNiYTNlMDUzOGY4YjViOTI3NWI5MWUzYjk1YWRiOGU3NTA3YzI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG2A96r7B1AiQaLsYDZxl/dEvyVC TrU4K4w6nwPEtdxw0uH8qtaXc80rYny/Bu1IHYo3QxXqhKZUhotDiEkWcCqvfyYe pAXN8OK8dHJMMC+XDZt0Ra3Bu+/NuFisKh/nyrKOd/Q2jRty6OyOAx88OCy6o+o7 0BSCy9d/FZYxJ6xfws1UlM8DHgdiMZ+46HSlRXJDV1xvRnLSKorjrmIrywLhbG0X 8TXKkrbN/I13GmSUq2udfm6t7ps2oEJdHltuFShkgQlMFqy8jsj/aNb2ujiLfhPL 06OwjeBIBn65MSP4SrI1E9b/Dx+KtEjKZncOWnowJTey0KOcthcuf8eBowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOU7o+BTj4tbknW5HjuVrbjnUHwmMB8GA1UdIwQY MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1 LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAogyEzyl9 n7zVPXNHzICbDJlkXkevhOysPznYkFuDLXQfwvrgnUA0enFNSZHDbfj/wzvTPeab Y1fDq5P5Hm2OoI0z/Ww60tWWhphVt3a0vAx9Hwvo9BNB17mvnVyK/i0+8o3Corz+ PmZMa2di0UKgsxGZdFE2foo4prtAyI1Dmr7pEJ41RWSexG0yMuxQRpZ/7JRff9GS s1w6wyjmUmG3DWmpkMgZa1TcRoJ6ItL/JVXJSkNbMU0hr+LjUExD9dmuBtDd6t4Y RvBOvcbMGIDDgeNXINzV6CIuh0XUezZLwCUVXy6QU3fGZzo2x+JFfQHAbKlVutzR Ii6qr34b7xSP6Q== -----END CERTIFICATE-----Generated at Sun Jan 25 19:24:49 2026 by rpki-client