This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json) Hash identifier: VkjmG7oMMVcrZ7JZkYeEqYf7cWnwB6DvvDRJvDWYc6U= Subject key identifier: 5F:8A:5E:EC:21:E7:0D:C7:8A:4A:E5:87:31:E4:02:52:6F:EF:20:2E Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35 Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35 Certificate serial: 019BF5E2E813A4F20500C7F188C165859B9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft Manifest number: 02D3 Signing time: Sun 25 Jan 2026 16:00:47 +0000 Manifest this update: Sun 25 Jan 2026 16:00:47 +0000 Manifest next update: Mon 26 Jan 2026 16:00:47 +0000 Files and hashes: 1: SyOMrq9ZPqa-CxddJFs4EYM4Fbg.roa (hash: wy5+/o73Vk3SAFiCb5cli4N7qOzZBJq1Ya6ET4kdAcw=) 2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: 2gRWPa5fFeC5Wc+56iFp6dBjZOTULOthoBbqlkmfu48=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:e2:e8:13:a4:f2:05:00:c7:f1:88:c1:65:85:9b:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35 Validity Not Before: Jan 25 16:00:47 2026 GMT Not After : Jan 26 16:00:47 2026 GMT Subject: CN=5f8a5eec21e70dc78a4ae58731e402526fef202e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:af:01:ef:f5:e0:fa:79:08:55:1c:b5:09:b0: dd:76:f3:15:6c:18:7c:05:e1:54:d5:9d:fc:89:58: 9e:6e:6c:72:1b:f5:7a:01:80:0e:97:7d:b8:4b:be: 91:4e:14:c3:b7:f4:e6:71:58:ff:58:43:2f:19:8a: 70:95:7d:1d:05:c4:1f:3b:e7:f2:0c:56:3b:70:4a: e7:2f:eb:4e:fd:40:e2:56:d3:c3:70:41:07:51:65: 85:82:6a:2c:e7:55:ed:de:61:8f:11:5c:03:d1:40: a2:39:99:70:dc:25:9b:17:ce:b9:71:5e:b3:df:ba: 1a:14:38:cf:3a:ca:de:60:6e:32:1e:03:7a:db:22: 12:93:a9:cb:d7:6f:f3:b5:bd:be:a5:f5:be:85:a6: c6:9d:de:da:38:9c:38:6d:7c:ec:8d:c7:d3:f7:8c: 01:e2:40:d7:bf:05:69:bd:0b:0a:b6:76:fd:35:fa: 87:a4:cd:61:cc:77:89:39:04:19:3a:8f:64:fc:41: cd:45:99:27:51:42:96:94:8c:1d:7c:e6:63:d9:fc: 1f:9d:55:4c:4d:1a:db:29:f2:2b:d9:2a:fc:b2:3a: 05:16:e3:cf:6b:de:2e:9a:4b:19:1e:3f:fa:fc:5b: 99:40:b0:70:da:17:0e:59:d9:eb:6a:bc:80:e5:18: 1d:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:8A:5E:EC:21:E7:0D:C7:8A:4A:E5:87:31:E4:02:52:6F:EF:20:2E X509v3 Authority Key Identifier: keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:f7:85:a7:8d:4b:e0:27:16:49:15:a3:69:fe:45:f6:78:33: 15:68:eb:74:55:48:30:95:14:64:99:54:d1:a2:a8:26:a2:d7: 58:d7:8c:79:94:62:9f:0b:3b:1f:4a:23:7f:c0:a4:ba:c4:66: ba:12:c7:d4:44:29:50:52:77:12:2d:aa:19:ce:37:54:bf:ff: 39:42:48:e1:4b:17:9f:c5:b0:5d:9c:4a:5f:a0:89:60:4f:1f: 11:67:31:b1:3a:8f:54:89:1d:32:bc:fe:d6:17:9d:d4:53:5b: 2c:1a:12:ce:a8:90:c4:d3:f8:66:ac:7c:47:0b:a4:69:3c:a8: 50:59:bb:4c:f7:ad:97:12:e2:d8:ee:39:9a:aa:eb:90:91:f5: 2b:2c:d4:7b:81:17:96:a8:c2:56:6d:c1:8d:42:01:b0:c4:c2: 96:1a:b5:ec:2a:85:ac:02:ca:23:05:68:e9:9e:df:6e:81:60: 96:b9:65:21:34:6c:f7:e2:e8:1f:ab:ef:ca:c0:7b:a9:7f:8b: 76:64:90:2b:00:36:3b:c6:31:5e:58:0b:c7:aa:52:3c:02:42: b6:04:8c:f3:6d:d4:e9:01:26:cd:f8:47:42:63:f8:16:06:00: 3a:4e:6d:80:7f:d5:d3:a1:19:c8:7f:73:87:e1:45:6b:32:db: 41:89:74:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv14ugTpPIFAMfxiMFlhZudMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh ZDJkMzUwHhcNMjYwMTI1MTYwMDQ3WhcNMjYwMTI2MTYwMDQ3WjAzMTEwLwYDVQQD Eyg1ZjhhNWVlYzIxZTcwZGM3OGE0YWU1ODczMWU0MDI1MjZmZWYyMDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA368B7/Xg+nkIVRy1CbDddvMVbBh8 BeFU1Z38iViebmxyG/V6AYAOl324S76RThTDt/TmcVj/WEMvGYpwlX0dBcQfO+fy DFY7cErnL+tO/UDiVtPDcEEHUWWFgmos51Xt3mGPEVwD0UCiOZlw3CWbF865cV6z 37oaFDjPOsreYG4yHgN62yISk6nL12/ztb2+pfW+habGnd7aOJw4bXzsjcfT94wB 4kDXvwVpvQsKtnb9NfqHpM1hzHeJOQQZOo9k/EHNRZknUUKWlIwdfOZj2fwfnVVM TRrbKfIr2Sr8sjoFFuPPa94umksZHj/6/FuZQLBw2hcOWdnraryA5RgdnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF+KXuwh5w3HikrlhzHkAlJv7yAuMB8GA1UdIwQY MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3 LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcveFp41L 4CcWSRWjaf5F9ngzFWjrdFVIMJUUZJlU0aKoJqLXWNeMeZRinws7H0ojf8CkusRm uhLH1EQpUFJ3Ei2qGc43VL//OUJI4UsXn8WwXZxKX6CJYE8fEWcxsTqPVIkdMrz+ 1hed1FNbLBoSzqiQxNP4Zqx8RwukaTyoUFm7TPetlxLi2O45mqrrkJH1KyzUe4EX lqjCVm3BjUIBsMTClhq17CqFrALKIwVo6Z7fboFglrllITRs9+LoH6vvysB7qX+L dmSQKwA2O8YxXlgLx6pSPAJCtgSM823U6QEmzfhHQmP4FgYAOk5tgH/V06EZyH9z h+FFazLbQYl0cA== -----END CERTIFICATE-----Generated at Mon Jan 26 02:21:33 2026 by rpki-client