This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft File: xBK7PaZcqrUkhR74bOm6piB04e0.mft (raw, json) Hash identifier: HqviKzkPRUko55eW6UweDA/F/uSq/geiobHbWjZhUZM= Subject key identifier: CE:B6:2D:5A:E9:11:03:5D:43:1E:37:60:1E:AA:01:CE:7E:8C:E4:69 Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED Certificate issuer: /CN=c412bb3da65caab524851ef86ce9baa62074e1ed Certificate serial: 019BF5073CB0A727C31BE6851F5E6816F328 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft Manifest number: 17E4 Signing time: Sun 25 Jan 2026 12:00:50 +0000 Manifest this update: Sun 25 Jan 2026 12:00:50 +0000 Manifest next update: Mon 26 Jan 2026 12:00:50 +0000 Files and hashes: 1: sesfpS4vflQUJ0zHNMlqdR_eVFI.roa (hash: EeKCakHwf9lALKZ5zNCtLbT5f2osgE69W3ufAPv/OQY=) 2: xBK7PaZcqrUkhR74bOm6piB04e0.crl (hash: OjqEF61dAu6nIkOFDSNjgtkiMWdgrkePqrvybrbctfA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:07:3c:b0:a7:27:c3:1b:e6:85:1f:5e:68:16:f3:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed Validity Not Before: Jan 25 12:00:50 2026 GMT Not After : Jan 26 12:00:50 2026 GMT Subject: CN=ceb62d5ae911035d431e37601eaa01ce7e8ce469 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2b:39:22:c6:05:af:63:b9:f7:86:1c:e6:20: b7:83:18:b0:47:69:6f:5d:6c:bc:18:8e:10:6d:8a: a2:73:55:ec:d0:ae:59:80:56:21:3b:0a:76:e9:be: 09:99:f9:2e:3f:1a:b3:22:79:48:de:11:e1:13:57: e2:02:e0:41:06:c9:14:f6:85:fe:a6:4a:18:1c:29: b3:85:bb:48:05:65:bd:32:69:3b:c2:6f:72:a6:6f: 4a:6e:f6:02:72:4b:19:c8:ad:23:eb:88:4a:95:1b: f0:17:57:7a:61:8f:84:ad:7e:72:0b:0e:18:4e:3a: 18:1f:f0:de:db:d0:cb:f2:cf:e8:5f:35:9a:24:6c: e1:a8:17:32:14:c9:9c:c9:f5:ed:30:9f:ef:a4:57: 96:c5:f7:99:ff:a3:9a:64:db:bc:ca:2e:1d:3a:28: 7a:f7:7b:49:c9:2d:d3:1d:ea:6a:cf:e6:4d:22:da: b0:95:1e:c8:57:9f:5c:0e:23:40:02:9c:65:5b:dc: be:c9:30:33:8c:c1:ff:47:80:dd:b5:40:97:5f:29: 25:8d:41:fe:ae:88:55:fa:29:6c:3c:8f:b7:13:f2: a8:5a:6a:71:ed:fc:17:c9:03:04:b4:78:a9:50:94: ea:27:e6:54:c9:e4:9c:44:f6:b4:7f:8d:5e:17:86: 7d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:B6:2D:5A:E9:11:03:5D:43:1E:37:60:1E:AA:01:CE:7E:8C:E4:69 X509v3 Authority Key Identifier: keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:78:a6:d3:2d:b8:7e:4f:66:f4:63:e2:97:90:ca:55:c7:b8: 1b:c6:24:31:cf:13:ce:05:e1:8f:e6:80:3d:b8:0a:7f:01:d5: 19:92:87:ee:18:4c:e6:ff:4a:d3:27:31:fe:59:f6:7e:46:c6: 7f:0d:17:39:d4:7c:21:a0:3f:23:0c:72:c3:e3:92:b3:45:30: ec:77:33:e7:c4:3f:d8:e2:88:74:c9:d9:f6:13:f0:74:42:27: c7:ed:ec:fc:1f:ff:7d:68:60:a7:4f:e0:05:a9:dd:23:5d:5d: aa:1a:73:2f:d0:ee:92:c4:a4:0b:44:c9:91:c6:7c:50:a4:e8: b7:4c:26:8c:1f:c5:7a:78:b8:1e:33:cc:92:09:e2:44:39:ad: 47:5c:7d:19:ec:dd:da:78:99:2e:b9:f7:66:d7:59:ea:08:29: bd:f7:18:0d:19:89:f4:38:13:e9:9c:20:38:2f:d0:bc:6e:d1: 60:81:fd:eb:2c:bb:26:62:e6:34:0e:b9:0c:fa:b1:cf:06:55: 13:77:9d:d4:eb:fc:30:97:c9:ce:35:85:79:62:b2:90:c8:f8: 42:d8:cb:86:26:39:83:fa:bb:fe:ff:fc:ae:1c:e0:1e:c7:d1: 11:6b:6f:ca:9c:ad:48:09:99:c7:c3:31:4f:59:03:2b:ac:9b: b6:2e:1c:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1BzywpyfDG+aFH15oFvMoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3 NGUxZWQwHhcNMjYwMTI1MTIwMDUwWhcNMjYwMTI2MTIwMDUwWjAzMTEwLwYDVQQD EyhjZWI2MmQ1YWU5MTEwMzVkNDMxZTM3NjAxZWFhMDFjZTdlOGNlNDY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApis5IsYFr2O594Yc5iC3gxiwR2lv XWy8GI4QbYqic1Xs0K5ZgFYhOwp26b4JmfkuPxqzInlI3hHhE1fiAuBBBskU9oX+ pkoYHCmzhbtIBWW9Mmk7wm9ypm9KbvYCcksZyK0j64hKlRvwF1d6YY+ErX5yCw4Y TjoYH/De29DL8s/oXzWaJGzhqBcyFMmcyfXtMJ/vpFeWxfeZ/6OaZNu8yi4dOih6 93tJyS3THepqz+ZNItqwlR7IV59cDiNAApxlW9y+yTAzjMH/R4DdtUCXXykljUH+ rohV+ilsPI+3E/KoWmpx7fwXyQMEtHipUJTqJ+ZUyeScRPa0f41eF4Z9mQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM62LVrpEQNdQx43YB6qAc5+jORpMB8GA1UdIwQY MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt OWI5MzJlY2QyZWNjLzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgtOWI5MzJlY2QyZWNj LzEveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGXim0y24 fk9m9GPil5DKVce4G8YkMc8TzgXhj+aAPbgKfwHVGZKH7hhM5v9K0ycx/ln2fkbG fw0XOdR8IaA/Iwxyw+OSs0Uw7Hcz58Q/2OKIdMnZ9hPwdEInx+3s/B//fWhgp0/g BandI11dqhpzL9DuksSkC0TJkcZ8UKTot0wmjB/Feni4HjPMkgniRDmtR1x9Gezd 2niZLrn3ZtdZ6ggpvfcYDRmJ9DgT6ZwgOC/QvG7RYIH96yy7JmLmNA65DPqxzwZV E3ed1Ov8MJfJzjWFeWKykMj4QtjLhiY5g/q7/v/8rhzgHsfREWtvypytSAmZx8Mx T1kDK6ybti4cPg== -----END CERTIFICATE-----Generated at Sun Jan 25 16:20:57 2026 by rpki-client