This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft File: z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft (raw, json) Hash identifier: 11MceThVEQK5q87tkS/2pahJmQvhnN8wgbF/0A6upTo= Subject key identifier: 03:CF:5C:6C:23:C1:37:73:1C:49:14:35:22:E2:F6:AD:37:54:D2:46 Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11 Certificate issuer: /CN=cf66224bcfb8b82deaabac8c4ca250371b974611 Certificate serial: 019BF53DE4F48D2C7CA3E837C443501D621B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft Manifest number: 17E9 Signing time: Sun 25 Jan 2026 13:00:32 +0000 Manifest this update: Sun 25 Jan 2026 13:00:32 +0000 Manifest next update: Mon 26 Jan 2026 13:00:32 +0000 Files and hashes: 1: BVCNuyEI8Escb23UOBkojnAQ3uU.roa (hash: TpAVxATDxHC3mnDA/ZCfMM4mNI1Q7807T0lCqaxfnlA=) 2: z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl (hash: 5dnc7s1zQNaLB1afPvsq+cW4419ndgDUmWZ3rr/rWcY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:3d:e4:f4:8d:2c:7c:a3:e8:37:c4:43:50:1d:62:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611 Validity Not Before: Jan 25 13:00:32 2026 GMT Not After : Jan 26 13:00:32 2026 GMT Subject: CN=03cf5c6c23c137731c49143522e2f6ad3754d246 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:62:83:3f:5c:4d:28:41:3c:02:8e:c0:35:d2: 2b:db:0e:7a:99:21:e6:3d:8c:14:6a:6e:5a:ef:0d: f1:b7:c2:35:3d:28:eb:40:fd:77:08:ab:be:7b:a8: d9:67:08:15:81:9b:de:dc:b2:3b:c5:09:0b:91:c8: c5:a3:33:b3:0c:97:9c:31:cb:8e:1e:39:ac:85:0f: 07:2a:7f:aa:eb:70:41:4a:a5:24:0b:5e:78:4a:85: 2e:f9:46:84:e3:a7:f0:ca:62:5c:52:5c:93:a4:47: ca:ab:fe:eb:c8:9a:72:88:56:63:64:a5:d3:00:a2: 3b:58:8e:f2:74:b3:9d:50:7e:58:b5:9d:8e:cb:2a: 7d:6c:bf:31:77:bb:89:fa:31:d4:f6:2d:af:53:9c: a6:0c:62:b8:a2:11:e9:b3:92:4b:60:c6:a9:af:7d: 13:ab:f1:97:3f:a2:3e:9b:d3:65:ae:d6:36:93:f4: 1b:08:53:32:bf:61:9f:91:f4:c2:f5:6d:8e:d1:b0: 9b:78:ff:cb:5b:74:5b:c1:ec:a4:ad:6d:86:c5:05: bf:07:93:77:24:3f:40:c2:61:63:38:5a:26:09:21: a3:bd:62:05:a6:f2:db:5f:4f:dd:cc:4b:02:ba:6b: 93:3b:6a:c3:15:77:d1:23:9d:8c:11:a5:5e:2a:72: 86:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:CF:5C:6C:23:C1:37:73:1C:49:14:35:22:E2:F6:AD:37:54:D2:46 X509v3 Authority Key Identifier: keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:29:a9:44:05:41:52:66:a7:7a:0d:61:47:e0:e4:25:84:f3: 5f:93:7a:03:e1:8f:52:f7:ca:30:7e:79:c0:43:e9:75:ef:03: 15:7c:b8:f0:23:ae:ca:c5:4c:52:b5:08:90:c4:f2:95:02:9a: bd:7c:f5:7f:22:6f:58:33:85:fe:4c:44:9e:f1:3d:87:e3:41: 38:d1:ca:4f:8c:5c:e7:64:51:af:b4:9c:e7:08:b4:b8:59:22: f8:bb:61:cf:47:2a:c4:76:b7:bd:45:f5:6f:29:c8:b8:95:61: 3f:5d:ba:02:4e:a4:b7:b7:a2:e6:8e:03:5e:bd:a9:2a:99:b5: 02:96:ad:5c:b6:d7:e7:f9:06:1d:d5:91:f5:38:76:70:c2:be: 28:1d:3e:2f:09:71:46:7d:17:5d:f4:a1:60:cd:06:a6:67:0e: de:5f:cc:2e:b9:a5:04:b8:d1:82:b3:99:e3:21:bb:b5:2a:ca: 1b:e5:39:0d:30:e6:de:b1:ee:44:18:9b:0e:d1:60:94:b6:d1: 5d:0d:c2:b5:44:15:ca:f9:45:3b:d8:e8:21:27:cf:2a:f1:e3: 26:40:26:f8:4f:ae:ed:47:3b:19:69:c7:00:8e:2b:e3:2d:82: 7f:d3:97:4f:f3:ed:19:68:f9:03:24:47:7a:a5:a1:a8:36:1c: 8a:34:30:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1PeT0jSx8o+g3xENQHWIbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5 NzQ2MTEwHhcNMjYwMTI1MTMwMDMyWhcNMjYwMTI2MTMwMDMyWjAzMTEwLwYDVQQD EygwM2NmNWM2YzIzYzEzNzczMWM0OTE0MzUyMmUyZjZhZDM3NTRkMjQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2KDP1xNKEE8Ao7ANdIr2w56mSHm PYwUam5a7w3xt8I1PSjrQP13CKu+e6jZZwgVgZve3LI7xQkLkcjFozOzDJecMcuO HjmshQ8HKn+q63BBSqUkC154SoUu+UaE46fwymJcUlyTpEfKq/7ryJpyiFZjZKXT AKI7WI7ydLOdUH5YtZ2Oyyp9bL8xd7uJ+jHU9i2vU5ymDGK4ohHps5JLYMapr30T q/GXP6I+m9NlrtY2k/QbCFMyv2GfkfTC9W2O0bCbeP/LW3RbweykrW2GxQW/B5N3 JD9AwmFjOFomCSGjvWIFpvLbX0/dzEsCumuTO2rDFXfRI52MEaVeKnKGHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAPPXGwjwTdzHEkUNSLi9q03VNJGMB8GA1UdIwQY MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt Yjk1NGM1MGZkYmIwLzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeCmpRAVB Umaneg1hR+DkJYTzX5N6A+GPUvfKMH55wEPpde8DFXy48COuysVMUrUIkMTylQKa vXz1fyJvWDOF/kxEnvE9h+NBONHKT4xc52RRr7Sc5wi0uFki+Lthz0cqxHa3vUX1 bynIuJVhP126Ak6kt7ei5o4DXr2pKpm1ApatXLbX5/kGHdWR9Th2cMK+KB0+Lwlx Rn0XXfShYM0GpmcO3l/MLrmlBLjRgrOZ4yG7tSrKG+U5DTDm3rHuRBibDtFglLbR XQ3CtUQVyvlFO9joISfPKvHjJkAm+E+u7Uc7GWnHAI4r4y2Cf9OXT/PtGWj5AyRH eqWhqDYcijQwkA== -----END CERTIFICATE-----Generated at Sun Jan 25 22:36:33 2026 by rpki-client