This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.mft File: CFr4G5nr9ILzxrU1Hiniii4gs5g.mft (raw, json) Hash identifier: ZZjV05QD8nAzbX6HLYIvnI+bAXScN5DlWLnskZ1hQK4= Subject key identifier: C0:0C:F9:8F:81:7A:1A:09:F6:BF:9D:0F:7F:05:40:71:E2:96:05:C8 Authority key identifier: 08:5A:F8:1B:99:EB:F4:82:F3:C6:B5:35:1E:29:E2:8A:2E:20:B3:98 Certificate issuer: /CN=085af81b99ebf482f3c6b5351e29e28a2e20b398 Certificate serial: 019BF79A42111D9BC65417B063251B6DE44E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFr4G5nr9ILzxrU1Hiniii4gs5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.mft Manifest number: 0598 Signing time: Mon 26 Jan 2026 00:00:40 +0000 Manifest this update: Mon 26 Jan 2026 00:00:40 +0000 Manifest next update: Tue 27 Jan 2026 00:00:40 +0000 Files and hashes: 1: 4PSqkbn4bMtBeCnSBAdphuD0N68.roa (hash: 7WdKS6f+17GrfB54aQeANA2RWiVlXakknw1q0Gpsn4w=) 2: CFr4G5nr9ILzxrU1Hiniii4gs5g.crl (hash: YFzeOU6CRBPU8iUi7Neew4wqndpSYeO5QMd6DMt5HCY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.mft rsync://rpki.ripe.net/repository/DEFAULT/CFr4G5nr9ILzxrU1Hiniii4gs5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:9a:42:11:1d:9b:c6:54:17:b0:63:25:1b:6d:e4:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=085af81b99ebf482f3c6b5351e29e28a2e20b398 Validity Not Before: Jan 26 00:00:40 2026 GMT Not After : Jan 27 00:00:40 2026 GMT Subject: CN=c00cf98f817a1a09f6bf9d0f7f054071e29605c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:9c:55:dd:21:fb:59:80:6e:37:5c:7a:05:0d: b9:78:4c:c2:b1:1d:39:e9:b2:5d:45:4f:d1:9b:f1: 83:ba:29:7e:eb:29:d1:bc:46:bb:c5:a5:44:ad:62: 06:9c:bb:22:f0:ad:19:57:4f:ce:64:bf:51:39:74: 50:ee:8e:78:c5:7d:59:bf:90:f4:f4:91:64:a0:11: a0:1a:4e:8d:da:44:40:f2:1c:95:70:c0:1f:c0:eb: a6:f0:4e:a4:aa:4f:00:0b:85:22:1c:3e:88:88:de: e6:ff:d5:56:88:cf:e6:34:8f:86:a1:ad:af:2d:6d: 7b:c4:97:dc:bc:69:69:1e:86:f7:e7:5a:21:64:44: 90:a5:98:1b:bd:2b:a9:2e:a2:c1:cd:92:36:e0:a3: 2d:64:4e:e5:2f:8e:bd:2b:db:5f:ed:38:a8:03:fb: 12:46:f7:7c:3f:89:d9:72:f3:c7:95:ba:f0:1f:65: 8d:75:81:4e:1e:1c:cd:dc:de:5b:5b:6e:c0:65:bc: 28:bd:f0:c9:01:7a:ff:76:86:6e:91:b5:51:bb:d0: 05:fb:de:cd:09:00:13:fc:5f:61:20:21:32:5b:ed: d8:9f:99:7f:63:11:79:03:3e:7b:82:c1:7a:c3:e8: 4c:2b:ca:68:e3:fb:3b:48:53:f1:c0:50:d7:86:e8: 58:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:0C:F9:8F:81:7A:1A:09:F6:BF:9D:0F:7F:05:40:71:E2:96:05:C8 X509v3 Authority Key Identifier: keyid:08:5A:F8:1B:99:EB:F4:82:F3:C6:B5:35:1E:29:E2:8A:2E:20:B3:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFr4G5nr9ILzxrU1Hiniii4gs5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0840e9-7199-4e03-84fd-c28d14c7b731/1/CFr4G5nr9ILzxrU1Hiniii4gs5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:80:0d:9a:6d:75:d5:c8:69:75:b3:e8:f2:14:aa:2b:b7:a7: 18:9a:0f:f2:cf:fc:6a:5e:db:1e:38:61:23:26:7d:20:4f:24: 1e:3c:9e:04:d9:2d:92:2b:d9:7a:5d:b4:d8:09:d2:f2:6d:49: b7:8a:6b:af:56:ed:2f:c1:0c:e0:b8:70:27:9f:17:3c:d5:b9: 6b:6d:ec:0c:04:9f:bb:da:bd:70:70:f3:af:07:bd:6a:c1:70: b1:e6:db:c7:f2:f4:cb:a4:fc:62:99:08:df:4a:90:ca:c3:f5: 51:b6:e6:90:69:f1:a2:41:cf:c2:94:e1:50:5c:20:8d:96:cd: 03:3f:55:3d:58:30:a0:25:aa:38:f1:a6:58:c4:db:42:65:2d: 5b:27:50:a1:58:1a:d5:3a:01:69:29:8c:c6:80:15:20:d7:7e: 02:bf:cd:8a:bb:16:21:b9:d8:de:8c:d2:d5:6e:69:d1:71:9b: 12:c9:91:62:90:c9:09:b8:ac:07:a8:57:11:7b:40:7a:ca:f4: 9c:15:aa:24:32:0a:e5:f5:5c:50:cd:86:12:94:b6:fa:ce:94: 0e:63:26:10:23:92:47:f1:83:5a:9b:5b:fa:2e:aa:2a:89:e7: 40:1e:66:cb:7f:9b:f2:4c:61:3c:d6:c0:01:ec:c7:72:1f:83: 08:82:fe:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3mkIRHZvGVBewYyUbbeROMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NWFmODFiOTllYmY0ODJmM2M2YjUzNTFlMjllMjhhMmUy MGIzOTgwHhcNMjYwMTI2MDAwMDQwWhcNMjYwMTI3MDAwMDQwWjAzMTEwLwYDVQQD EyhjMDBjZjk4ZjgxN2ExYTA5ZjZiZjlkMGY3ZjA1NDA3MWUyOTYwNWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZxV3SH7WYBuN1x6BQ25eEzCsR05 6bJdRU/Rm/GDuil+6ynRvEa7xaVErWIGnLsi8K0ZV0/OZL9ROXRQ7o54xX1Zv5D0 9JFkoBGgGk6N2kRA8hyVcMAfwOum8E6kqk8AC4UiHD6IiN7m/9VWiM/mNI+Goa2v LW17xJfcvGlpHob351ohZESQpZgbvSupLqLBzZI24KMtZE7lL469K9tf7TioA/sS Rvd8P4nZcvPHlbrwH2WNdYFOHhzN3N5bW27AZbwovfDJAXr/doZukbVRu9AF+97N CQAT/F9hICEyW+3Yn5l/YxF5Az57gsF6w+hMK8po4/s7SFPxwFDXhuhY/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMAM+Y+BehoJ9r+dD38FQHHilgXIMB8GA1UdIwQY MBaAFAha+BuZ6/SC88a1NR4p4oouILOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0ZyNEc1bnI5SUx6eHJVMUhpbmlpaTRnczVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wODQwZTktNzE5OS00ZTAzLTg0ZmQt YzI4ZDE0YzdiNzMxLzEvQ0ZyNEc1bnI5SUx6eHJVMUhpbmlpaTRnczVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wODQwZTktNzE5OS00ZTAzLTg0ZmQtYzI4ZDE0YzdiNzMx LzEvQ0ZyNEc1bnI5SUx6eHJVMUhpbmlpaTRnczVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4ANmm11 1chpdbPo8hSqK7enGJoP8s/8al7bHjhhIyZ9IE8kHjyeBNktkivZel202AnS8m1J t4prr1btL8EM4LhwJ58XPNW5a23sDASfu9q9cHDzrwe9asFwsebbx/L0y6T8YpkI 30qQysP1UbbmkGnxokHPwpThUFwgjZbNAz9VPVgwoCWqOPGmWMTbQmUtWydQoVga 1ToBaSmMxoAVINd+Ar/NirsWIbnY3ozS1W5p0XGbEsmRYpDJCbisB6hXEXtAesr0 nBWqJDIK5fVcUM2GEpS2+s6UDmMmECOSR/GDWptb+i6qKonnQB5my3+b8kxhPNbA AezHch+DCIL+FQ== -----END CERTIFICATE-----Generated at Mon Jan 26 09:45:58 2026 by rpki-client