This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft File: MzOeZKWFFMmwkemy5o4pNx5D498.mft (raw, json) Hash identifier: BfJ+0Z9WUYlE/6AU/FVz1PsxcqDqHveMNvBXdU1ZYG8= Subject key identifier: EB:5B:82:F1:A2:35:76:D0:EA:9F:E6:BB:5F:43:13:96:EC:5A:8F:8F Authority key identifier: 33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF Certificate issuer: /CN=33339e64a58514c9b091e9b2e68e29371e43e3df Certificate serial: 019BF79A600F84E2AFFC7E9919525670729F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft Manifest number: 0C33 Signing time: Mon 26 Jan 2026 00:00:47 +0000 Manifest this update: Mon 26 Jan 2026 00:00:47 +0000 Manifest next update: Tue 27 Jan 2026 00:00:47 +0000 Files and hashes: 1: MzOeZKWFFMmwkemy5o4pNx5D498.crl (hash: QGscjP9QgS0WJ3gPdO/nsz2rrQF3HBrDDhTEGBwgYqA=) 2: _buqN6yYSytWYhTqNPA1kKSIBNk.roa (hash: c6bP7C3wNXIAyK047P+noenWK/m8RQLknUBgsv8PDgI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:9a:60:0f:84:e2:af:fc:7e:99:19:52:56:70:72:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33339e64a58514c9b091e9b2e68e29371e43e3df Validity Not Before: Jan 26 00:00:47 2026 GMT Not After : Jan 27 00:00:47 2026 GMT Subject: CN=eb5b82f1a23576d0ea9fe6bb5f431396ec5a8f8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:86:25:3e:e1:11:bb:06:66:ef:f3:e5:b8:de: 53:c2:6e:66:0b:cd:62:2b:c0:82:ab:7f:70:f0:10: 04:63:01:fa:52:43:79:9f:a2:98:c9:5c:3c:40:81: fc:bb:14:95:ad:e4:94:e3:40:39:b3:68:53:42:d8: 23:d3:1c:61:a3:15:2f:88:16:3e:26:34:ad:a7:88: 23:48:b3:a4:d8:79:15:11:a8:ed:e6:a5:d5:99:63: b9:63:3b:7b:2e:bd:71:0b:50:0d:fa:37:43:ba:1e: 3f:37:8a:f8:00:6f:28:ae:03:87:9c:96:66:99:ec: f7:62:2b:6b:50:b3:b5:2e:56:ba:ce:4a:a5:43:4b: c8:29:2b:66:54:7c:d1:3e:30:2b:ed:c3:c2:1d:b2: 26:c3:35:b3:99:12:2b:0d:bf:74:5f:ab:8b:cd:0f: cf:01:a5:2a:32:47:13:76:b6:92:3d:2f:be:53:0f: 5a:2b:ec:a0:2e:62:38:fe:36:04:b2:ee:7b:2c:0d: ff:69:6d:c5:4a:58:98:19:0c:a4:32:b1:5f:01:0c: 63:1b:f2:be:41:7f:7f:e0:72:3b:c7:54:ad:5d:a4: 68:9c:8f:bb:5e:cb:20:e7:24:2c:c1:20:ca:9a:40: bf:bb:a6:b3:c7:7f:03:2f:12:4f:3f:ba:62:d6:13: 52:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:5B:82:F1:A2:35:76:D0:EA:9F:E6:BB:5F:43:13:96:EC:5A:8F:8F X509v3 Authority Key Identifier: keyid:33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:a0:6f:68:60:c6:0b:bc:2a:1e:c7:b1:1d:1c:2f:90:60:7d: 37:0a:cf:54:5a:0b:b8:90:dc:1c:66:4b:c9:de:cc:cf:a2:2e: eb:86:64:87:4d:23:1e:58:7d:da:ea:6f:d7:74:10:b3:04:51: c4:31:63:d7:49:ca:0b:e9:67:71:fa:61:1a:b4:f8:c6:59:9d: f6:d4:87:39:c1:62:67:4f:ea:5c:42:97:96:03:80:ba:ed:5a: 30:a9:0c:51:9d:1d:5d:43:19:12:c0:4b:e5:84:03:6a:7e:90: 5a:95:97:37:6e:3c:7c:ea:79:f5:e2:7b:8f:35:b6:97:66:9d: 7f:8e:2c:b6:65:47:15:57:bd:8a:4f:f6:15:c0:9d:97:8f:03: 8c:73:64:f3:07:05:8b:3f:29:57:08:98:68:e2:9c:25:cd:39: cc:68:d1:c4:1d:0f:43:2e:1c:17:60:68:50:a2:e3:ac:89:96: 64:26:88:53:93:67:98:b9:50:9c:4c:c9:40:16:e5:59:53:19: c5:03:44:2c:38:83:02:af:d9:74:6b:2a:83:7a:9d:a9:6d:70: f2:92:42:94:a1:ca:34:3d:aa:d0:aa:59:41:bb:c5:dc:45:fe: 41:57:73:da:54:cd:da:b8:0c:bf:15:6f:00:63:d8:9d:a1:02: 90:cd:a7:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3mmAPhOKv/H6ZGVJWcHKfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzMzM5ZTY0YTU4NTE0YzliMDkxZTliMmU2OGUyOTM3MWU0 M2UzZGYwHhcNMjYwMTI2MDAwMDQ3WhcNMjYwMTI3MDAwMDQ3WjAzMTEwLwYDVQQD EyhlYjViODJmMWEyMzU3NmQwZWE5ZmU2YmI1ZjQzMTM5NmVjNWE4ZjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IYlPuERuwZm7/PluN5Twm5mC81i K8CCq39w8BAEYwH6UkN5n6KYyVw8QIH8uxSVreSU40A5s2hTQtgj0xxhoxUviBY+ JjStp4gjSLOk2HkVEajt5qXVmWO5Yzt7Lr1xC1AN+jdDuh4/N4r4AG8orgOHnJZm mez3YitrULO1Lla6zkqlQ0vIKStmVHzRPjAr7cPCHbImwzWzmRIrDb90X6uLzQ/P AaUqMkcTdraSPS++Uw9aK+ygLmI4/jYEsu57LA3/aW3FSliYGQykMrFfAQxjG/K+ QX9/4HI7x1StXaRonI+7Xssg5yQswSDKmkC/u6azx38DLxJPP7pi1hNS4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOtbgvGiNXbQ6p/mu19DE5bsWo+PMB8GA1UdIwQY MBaAFDMznmSlhRTJsJHpsuaOKTceQ+PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEt NjM5ZGM0ZDVmMzcwLzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEtNjM5ZGM0ZDVmMzcw LzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6BvaGDG C7wqHsexHRwvkGB9NwrPVFoLuJDcHGZLyd7Mz6Iu64Zkh00jHlh92upv13QQswRR xDFj10nKC+lncfphGrT4xlmd9tSHOcFiZ0/qXEKXlgOAuu1aMKkMUZ0dXUMZEsBL 5YQDan6QWpWXN248fOp59eJ7jzW2l2adf44stmVHFVe9ik/2FcCdl48DjHNk8wcF iz8pVwiYaOKcJc05zGjRxB0PQy4cF2BoUKLjrImWZCaIU5NnmLlQnEzJQBblWVMZ xQNELDiDAq/ZdGsqg3qdqW1w8pJClKHKND2q0KpZQbvF3EX+QVdz2lTN2rgMvxVv AGPYnaECkM2neQ== -----END CERTIFICATE-----Generated at Mon Jan 26 06:24:06 2026 by rpki-client