This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft File: caNBPUB9it-Ktr5VcGCU7-nD1do.mft (raw, json) Hash identifier: B/778bQa5wlzXDjqRc/R53s0F04VPh1bg/0ic16aI7Q= Subject key identifier: 9E:92:37:D7:8E:54:9F:C9:4A:5D:E8:B0:4E:8A:B9:24:A4:9B:29:3A Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Certificate serial: 019BF8AD1223429C7A9EB75EFDE403B2E10F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft Manifest number: 13B0 Signing time: Mon 26 Jan 2026 05:00:50 +0000 Manifest this update: Mon 26 Jan 2026 05:00:50 +0000 Manifest next update: Tue 27 Jan 2026 05:00:50 +0000 Files and hashes: 1: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (hash: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4=) 2: caNBPUB9it-Ktr5VcGCU7-nD1do.crl (hash: xn0Iq9HjeVclxRK5uFIFMaCN6vFYBlBotTvbbGCwzUg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:ad:12:23:42:9c:7a:9e:b7:5e:fd:e4:03:b2:e1:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Validity Not Before: Jan 26 05:00:50 2026 GMT Not After : Jan 27 05:00:50 2026 GMT Subject: CN=9e9237d78e549fc94a5de8b04e8ab924a49b293a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:bc:a9:10:89:23:4c:00:93:7f:42:d7:b4:0c: c0:d3:46:c8:2a:69:e4:87:e5:9a:54:07:4c:91:a1: a5:0c:a2:13:a3:47:69:9b:13:3d:ca:e7:1d:9f:d3: c8:0e:9f:28:7e:60:3a:a8:0e:42:42:50:0f:9f:52: 99:e0:69:be:7b:d8:74:e3:90:81:82:fc:0c:4a:de: d7:3f:76:29:67:56:8d:49:7a:4e:cf:dc:9a:f9:f5: 5c:50:e9:e6:70:85:f8:a2:60:15:71:fa:dc:8a:bf: a1:d0:44:73:0b:c1:63:fb:51:02:0b:7a:ed:ad:0c: 38:6e:08:1c:cc:42:46:d1:cf:19:76:a3:4b:a2:c7: c1:e8:ec:7b:f8:c9:5a:ac:0c:b0:c4:0b:3e:00:1a: d9:18:6a:b9:d8:bc:8a:b6:84:fe:6d:89:e4:c6:3e: 44:cf:1e:7c:72:7b:68:96:ae:32:58:3a:e1:da:19: 00:df:ea:b5:04:a1:e6:d5:9b:a7:5a:23:99:66:52: 59:d6:a0:51:8a:46:24:7f:64:59:8c:5a:b8:3c:1a: f8:de:66:0b:bf:50:bc:91:99:24:e6:db:43:2b:31: c8:8f:61:72:c6:0d:be:84:ef:94:a6:f4:c7:b9:14: 65:01:30:7e:3d:64:7d:d5:cc:71:d1:6a:b7:fc:ae: 25:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:92:37:D7:8E:54:9F:C9:4A:5D:E8:B0:4E:8A:B9:24:A4:9B:29:3A X509v3 Authority Key Identifier: keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:d7:79:cf:5a:7a:10:ec:8f:5e:51:c9:f6:23:a6:30:76:34: 05:87:b3:4e:a7:71:17:ed:d9:44:38:5b:63:72:ce:4e:4d:6d: 11:6e:1a:a2:5d:07:bd:fe:37:61:09:e1:7d:fd:5b:93:2d:ea: ee:81:d8:cf:a6:56:e3:d7:bc:66:07:1b:46:2b:d4:1a:01:42: bc:e7:ef:f8:94:9b:00:42:ca:7b:15:5e:5c:fc:70:7f:f6:f3: 60:89:bc:05:ae:3e:7a:26:36:56:0e:f6:61:8c:8e:e2:7c:f2: 8b:f7:5b:1a:5c:0e:d4:7e:73:33:9b:78:4b:03:e9:f8:40:15: 96:f6:ea:4c:f8:6e:e4:8a:b2:99:88:fa:80:89:45:ad:8a:87: 95:57:5a:68:d2:58:14:0e:50:f3:25:d7:e0:d1:4e:3e:94:5a: 44:ef:8d:fb:dc:ad:f1:be:6d:2b:76:78:54:af:d8:fb:df:31: c4:24:c4:50:98:f7:fc:e3:e6:5b:c3:53:e5:40:2d:62:9f:df: 8d:90:aa:29:e8:5b:09:c7:0d:c1:44:a3:bb:e1:30:8f:7a:75: 05:c0:3d:a4:e1:18:2d:3a:c9:01:6f:ae:29:4f:55:b8:09:9b: 46:59:a0:9b:74:44:a8:f7:37:40:49:b1:ed:2e:5d:ab:3c:1a: 5d:4b:f5:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4rRIjQpx6nrde/eQDsuEPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj M2Q1ZGEwHhcNMjYwMTI2MDUwMDUwWhcNMjYwMTI3MDUwMDUwWjAzMTEwLwYDVQQD Eyg5ZTkyMzdkNzhlNTQ5ZmM5NGE1ZGU4YjA0ZThhYjkyNGE0OWIyOTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLypEIkjTACTf0LXtAzA00bIKmnk h+WaVAdMkaGlDKITo0dpmxM9yucdn9PIDp8ofmA6qA5CQlAPn1KZ4Gm+e9h045CB gvwMSt7XP3YpZ1aNSXpOz9ya+fVcUOnmcIX4omAVcfrcir+h0ERzC8Fj+1ECC3rt rQw4bggczEJG0c8ZdqNLosfB6Ox7+MlarAywxAs+ABrZGGq52LyKtoT+bYnkxj5E zx58cntolq4yWDrh2hkA3+q1BKHm1ZunWiOZZlJZ1qBRikYkf2RZjFq4PBr43mYL v1C8kZkk5ttDKzHIj2Fyxg2+hO+UpvTHuRRlATB+PWR91cxx0Wq3/K4lgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ6SN9eOVJ/JSl3osE6KuSSkmyk6MB8GA1UdIwQY MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct ODMyMGRlNDRkZjhiLzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAStd5z1p6 EOyPXlHJ9iOmMHY0BYezTqdxF+3ZRDhbY3LOTk1tEW4aol0Hvf43YQnhff1bky3q 7oHYz6ZW49e8ZgcbRivUGgFCvOfv+JSbAELKexVeXPxwf/bzYIm8Ba4+eiY2Vg72 YYyO4nzyi/dbGlwO1H5zM5t4SwPp+EAVlvbqTPhu5IqymYj6gIlFrYqHlVdaaNJY FA5Q8yXX4NFOPpRaRO+N+9yt8b5tK3Z4VK/Y+98xxCTEUJj3/OPmW8NT5UAtYp/f jZCqKehbCccNwUSju+Ewj3p1BcA9pOEYLTrJAW+uKU9VuAmbRlmgm3REqPc3QEmx 7S5dqzwaXUv17A== -----END CERTIFICATE-----Generated at Mon Jan 26 14:26:03 2026 by rpki-client