This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.mft File: DNpch0NU2Dgm5DwlNbduINW2GwU.mft (raw, json) Hash identifier: 7Q1ryiAHgXurV1GXi4YhOLcaI2kirXevo4SkIO7WsUU= Subject key identifier: 3B:AC:96:98:91:10:D6:B9:30:7A:B2:4B:65:26:90:21:5B:19:F7:E7 Authority key identifier: 0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05 Certificate issuer: /CN=0cda5c874354d83826e43c2535b76e20d5b61b05 Certificate serial: 019BF72D70918AA11946B06BE83B3F878D42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.mft Manifest number: 17F4 Signing time: Sun 25 Jan 2026 22:01:48 +0000 Manifest this update: Sun 25 Jan 2026 22:01:48 +0000 Manifest next update: Mon 26 Jan 2026 22:01:48 +0000 Files and hashes: 1: DNpch0NU2Dgm5DwlNbduINW2GwU.crl (hash: eRJVLj0KlPYjr5h+XcI8Or0EWNMI50rzOMv0deTWtoM=) 2: u5v1NIr7zCznyDKOfZW5zSM1TZI.roa (hash: 0y7T3YJCDc+2Cz1VFqoKYSn2dXOumotGXs+vkOowx74=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.mft rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2d:70:91:8a:a1:19:46:b0:6b:e8:3b:3f:87:8d:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0cda5c874354d83826e43c2535b76e20d5b61b05 Validity Not Before: Jan 25 22:01:48 2026 GMT Not After : Jan 26 22:01:48 2026 GMT Subject: CN=3bac96989110d6b9307ab24b652690215b19f7e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0f:56:38:5e:0a:15:7b:8d:61:1d:9d:fa:8c: 2a:81:9c:ee:e8:09:cd:38:73:39:3c:c2:18:d0:41: 8e:0a:b4:c4:fb:d6:fc:4c:a2:b5:6b:89:77:31:45: 90:47:e3:e8:80:d2:36:fa:9a:29:b7:e9:31:e7:43: 8e:ef:93:ba:7d:08:b3:b7:a8:f8:e6:c3:0b:ba:29: b9:c6:35:ae:8f:cf:85:c5:98:0d:ba:da:d2:47:91: 0a:e4:35:55:dd:bc:17:4b:cf:70:e9:89:b6:ae:59: 28:ff:74:2b:de:92:58:68:00:60:b2:c1:91:0f:98: 82:4a:b2:55:26:62:5b:d3:de:54:8f:55:b0:05:14: ea:c1:d7:bd:c2:fd:0e:de:67:31:57:06:4d:da:58: 14:3b:71:dd:d8:8d:c5:64:03:b6:5a:65:1d:3c:c2: 01:bc:69:cb:45:94:68:fe:cd:8d:37:2c:c3:29:48: 20:86:95:be:7c:4f:52:d1:73:4d:2f:fe:af:e6:f4: cc:d4:5a:26:c2:29:8e:84:d2:64:10:48:d1:30:8f: a6:85:78:00:ec:72:c6:76:01:19:ae:b5:ad:1a:b5: a3:3e:b9:04:50:93:c6:a4:94:6d:94:32:be:47:5e: d0:36:87:6e:f1:31:aa:11:3f:0a:67:b6:51:7f:3c: 20:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:AC:96:98:91:10:D6:B9:30:7A:B2:4B:65:26:90:21:5B:19:F7:E7 X509v3 Authority Key Identifier: keyid:0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:75:9e:4e:e0:d4:c6:0a:b0:3a:be:d3:29:7b:d7:34:a1:39: b6:8a:80:34:25:d1:1e:fd:1e:17:8c:65:be:12:23:76:f2:c3: eb:ad:eb:69:9f:ef:86:30:36:01:96:d4:54:3c:27:6a:27:62: dc:e8:61:b4:a0:19:17:b4:c8:0a:86:ec:71:8e:ff:97:07:46: c2:b5:a0:52:0b:6c:36:2e:03:a6:7f:f5:37:65:0e:af:66:3a: 21:3f:50:82:db:18:8a:c0:27:cb:86:7b:e9:e5:3f:73:4c:51: c4:42:02:a3:5d:b0:b8:c1:ba:64:e4:85:62:3f:d3:18:43:52: 11:79:9e:f1:c6:08:38:5b:28:9e:c0:61:9a:99:9f:da:4e:3d: d3:1f:cf:9c:0f:1f:13:66:e5:42:d8:81:5a:37:56:b0:79:51: 2e:b2:06:ea:2f:be:2e:d8:41:5b:7e:8a:3b:2b:af:91:1d:42: 5d:a0:b7:c0:bc:2b:16:3a:95:3c:fc:f4:a2:b8:7e:d3:80:ec: 2d:c4:e2:69:ae:04:69:f0:a1:4f:24:a4:56:1b:23:a4:30:34: d8:40:ae:6a:87:9f:7c:c8:a2:c8:69:6a:36:52:50:60:18:11: 11:d3:3e:66:8a:db:9f:72:90:4c:69:45:dd:9c:69:93:a3:17: ee:f3:7f:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LXCRiqEZRrBr6Ds/h41CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjZGE1Yzg3NDM1NGQ4MzgyNmU0M2MyNTM1Yjc2ZTIwZDVi NjFiMDUwHhcNMjYwMTI1MjIwMTQ4WhcNMjYwMTI2MjIwMTQ4WjAzMTEwLwYDVQQD EygzYmFjOTY5ODkxMTBkNmI5MzA3YWIyNGI2NTI2OTAyMTViMTlmN2U3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA9WOF4KFXuNYR2d+owqgZzu6AnN OHM5PMIY0EGOCrTE+9b8TKK1a4l3MUWQR+PogNI2+popt+kx50OO75O6fQizt6j4 5sMLuim5xjWuj8+FxZgNutrSR5EK5DVV3bwXS89w6Ym2rlko/3Qr3pJYaABgssGR D5iCSrJVJmJb095Uj1WwBRTqwde9wv0O3mcxVwZN2lgUO3Hd2I3FZAO2WmUdPMIB vGnLRZRo/s2NNyzDKUgghpW+fE9S0XNNL/6v5vTM1FomwimOhNJkEEjRMI+mhXgA 7HLGdgEZrrWtGrWjPrkEUJPGpJRtlDK+R17QNodu8TGqET8KZ7ZRfzwgFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDuslpiRENa5MHqyS2UmkCFbGffnMB8GA1UdIwQY MBaAFAzaXIdDVNg4JuQ8JTW3biDVthsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMt YzgyZjQyNGI2ZDBkLzEvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMtYzgyZjQyNGI2ZDBk LzEvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArXWeTuDU xgqwOr7TKXvXNKE5toqANCXRHv0eF4xlvhIjdvLD663raZ/vhjA2AZbUVDwnaidi 3OhhtKAZF7TICobscY7/lwdGwrWgUgtsNi4Dpn/1N2UOr2Y6IT9QgtsYisAny4Z7 6eU/c0xRxEICo12wuMG6ZOSFYj/TGENSEXme8cYIOFsonsBhmpmf2k490x/PnA8f E2blQtiBWjdWsHlRLrIG6i++LthBW36KOyuvkR1CXaC3wLwrFjqVPPz0orh+04Ds LcTiaa4EafChTySkVhsjpDA02ECuaoeffMiiyGlqNlJQYBgREdM+Zorbn3KQTGlF 3Zxpk6MX7vN/zg== -----END CERTIFICATE-----Generated at Mon Jan 26 08:02:14 2026 by rpki-client