This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft File: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft (raw, json) Hash identifier: Igh1qP8wr+KdLwbkRIiPmoZWES7UeQ1bwFPQvZAX76E= Subject key identifier: 2D:1A:D1:44:95:9A:A5:FC:6A:DA:C6:14:1D:D6:8F:D6:FE:84:D6:61 Authority key identifier: 0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02 Certificate issuer: /CN=0d784bd96a44bc361d13344d54c8bc51ff67a802 Certificate serial: 019BF807F91BF5F29B20C25871D8AAA393F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft Manifest number: 0F4D Signing time: Mon 26 Jan 2026 02:00:30 +0000 Manifest this update: Mon 26 Jan 2026 02:00:30 +0000 Manifest next update: Tue 27 Jan 2026 02:00:30 +0000 Files and hashes: 1: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl (hash: sIl1vt4MCYhRNPgD9r+jBAdgnnevVvBNxJGyskvxP3k=) 2: x5ebKc9_3qA7pEOC0_BnOS1B8oI.roa (hash: AqP1AEgenjD2KrPY+QLH5krFzTJA90JozOTpwzG6a5A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:07:f9:1b:f5:f2:9b:20:c2:58:71:d8:aa:a3:93:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d784bd96a44bc361d13344d54c8bc51ff67a802 Validity Not Before: Jan 26 02:00:30 2026 GMT Not After : Jan 27 02:00:30 2026 GMT Subject: CN=2d1ad144959aa5fc6adac6141dd68fd6fe84d661 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:3e:84:7e:ae:55:a0:31:f5:e2:55:dc:21:c8: b0:7b:77:8f:9b:9b:b8:07:39:b8:b5:8f:a2:80:2a: 60:a1:c5:e2:5d:36:65:c1:ec:30:3f:ee:5f:e6:19: f7:d4:f0:98:03:3d:a1:b0:ee:52:b9:dd:25:1d:6f: f8:ce:85:95:e1:ed:41:01:b5:fb:bc:1a:ad:64:5b: d7:d3:74:18:6f:4f:f5:38:99:96:a3:22:33:2a:8d: a9:e4:cb:4d:f7:39:0e:62:d8:39:f5:ef:d4:88:4f: e9:36:8d:4f:c6:9c:7c:e7:82:d7:f6:85:ac:9a:cd: 1f:ad:21:b5:a4:da:ed:0c:36:ed:70:1f:bc:f3:31: ae:ac:be:f1:ae:aa:9b:07:07:93:51:8d:47:c7:5d: 89:e0:a8:83:89:07:10:31:f9:bd:fc:9b:31:77:00: 43:1c:25:41:33:7c:9a:1c:b2:a2:14:9b:e5:77:d4: e7:11:71:55:85:d1:3b:4a:6a:d6:a1:3e:1f:56:5f: dd:fa:3c:08:0b:8f:b6:13:f5:4b:fb:ed:33:0c:56: 9e:a0:30:cd:88:86:f9:72:c7:39:1c:5b:fd:3e:a8: 30:b7:09:15:73:26:3b:71:ae:9d:bd:4e:39:08:91: e5:09:26:54:28:c5:86:a1:16:aa:c5:d6:f1:ca:6a: b9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:1A:D1:44:95:9A:A5:FC:6A:DA:C6:14:1D:D6:8F:D6:FE:84:D6:61 X509v3 Authority Key Identifier: keyid:0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b0:6b:93:00:66:7d:84:dd:e8:f5:05:18:7d:d8:2c:61:d6:18: 12:55:d0:bc:82:59:b7:f1:44:c6:31:1b:4d:90:be:29:be:da: 58:63:5a:4b:6d:9a:a0:9b:50:de:f4:95:c6:13:35:eb:32:95: ba:6a:35:c1:96:0f:16:3e:84:d2:6a:46:6a:17:4a:99:db:a6: bd:9a:e8:57:9d:23:a8:19:6f:f3:af:d4:de:2d:bf:80:ec:27: 50:d1:c0:3f:34:97:a9:5f:53:76:6a:8f:6e:c1:aa:6d:3a:33: 09:c8:a2:fc:9e:3f:3e:90:fa:a1:dd:b0:a7:9d:86:d6:bd:34: 5e:37:fa:f1:81:34:e7:fc:55:8e:96:f3:b1:ca:97:34:a3:ae: db:d1:54:a3:ad:59:93:01:4f:2c:c3:ee:31:f8:1b:c8:4f:64: 38:a9:45:1a:40:36:8a:cf:bb:59:e2:23:02:e2:f0:fe:7a:0d: 91:8a:c5:ff:1d:10:1c:9d:0b:8a:8f:56:c3:0d:e2:6e:92:db: 00:ec:b0:32:da:d8:f6:e4:e0:45:49:3b:d5:12:0e:b7:21:00: 51:5f:fa:fe:6a:8e:15:7c:aa:81:fd:f8:24:26:08:63:07:91: 5e:a1:77:4a:fa:cf:31:f0:69:82:2a:27:0a:c5:01:6e:84:c9: cf:52:32:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4B/kb9fKbIMJYcdiqo5P0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNzg0YmQ5NmE0NGJjMzYxZDEzMzQ0ZDU0YzhiYzUxZmY2 N2E4MDIwHhcNMjYwMTI2MDIwMDMwWhcNMjYwMTI3MDIwMDMwWjAzMTEwLwYDVQQD EygyZDFhZDE0NDk1OWFhNWZjNmFkYWM2MTQxZGQ2OGZkNmZlODRkNjYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7D6Efq5VoDH14lXcIciwe3ePm5u4 Bzm4tY+igCpgocXiXTZlwewwP+5f5hn31PCYAz2hsO5Sud0lHW/4zoWV4e1BAbX7 vBqtZFvX03QYb0/1OJmWoyIzKo2p5MtN9zkOYtg59e/UiE/pNo1Pxpx854LX9oWs ms0frSG1pNrtDDbtcB+88zGurL7xrqqbBweTUY1Hx12J4KiDiQcQMfm9/JsxdwBD HCVBM3yaHLKiFJvld9TnEXFVhdE7SmrWoT4fVl/d+jwIC4+2E/VL++0zDFaeoDDN iIb5csc5HFv9PqgwtwkVcyY7ca6dvU45CJHlCSZUKMWGoRaqxdbxymq5SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC0a0USVmqX8atrGFB3Wj9b+hNZhMB8GA1UdIwQY MBaAFA14S9lqRLw2HRM0TVTIvFH/Z6gCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAt ZDRjNjZmNGYzYjZlLzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAtZDRjNjZmNGYzYjZl LzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsGuTAGZ9 hN3o9QUYfdgsYdYYElXQvIJZt/FExjEbTZC+Kb7aWGNaS22aoJtQ3vSVxhM16zKV umo1wZYPFj6E0mpGahdKmdumvZroV50jqBlv86/U3i2/gOwnUNHAPzSXqV9TdmqP bsGqbTozCcii/J4/PpD6od2wp52G1r00Xjf68YE05/xVjpbzscqXNKOu29FUo61Z kwFPLMPuMfgbyE9kOKlFGkA2is+7WeIjAuLw/noNkYrF/x0QHJ0Lio9Www3ibpLb AOywMtrY9uTgRUk71RIOtyEAUV/6/mqOFXyqgf34JCYIYweRXqF3SvrPMfBpgion CsUBboTJz1Iy4A== -----END CERTIFICATE-----Generated at Mon Jan 26 10:18:43 2026 by rpki-client