This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft File: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft (raw, json) Hash identifier: JPT4e4QpxLEZ1Cj0d48Txl/yZQYnZME72C+i1q4ZUdg= Subject key identifier: AA:BF:D9:67:2D:85:3C:ED:24:2A:41:C4:C7:C3:B5:1B:23:D2:F7:B2 Authority key identifier: 43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24 Certificate issuer: /CN=43cf416193a1c2ed3056b647e5a46503148e3824 Certificate serial: 019BF4633C07099154AA4CD540E3E2E3AEE9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft Manifest number: 08A7 Signing time: Sun 25 Jan 2026 09:01:42 +0000 Manifest this update: Sun 25 Jan 2026 09:01:42 +0000 Manifest next update: Mon 26 Jan 2026 09:01:42 +0000 Files and hashes: 1: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl (hash: ZU3znJ2OFexVcOFduD7Kjbjkmc01SUyzgIaJyC8RP1s=) 2: uRy6lNHq57rdX7_VPdepBDiNmnc.roa (hash: 65Rm9CIooU3CDnzNITl4VhD3i1B6DOi7f6KdO4ec990=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:63:3c:07:09:91:54:aa:4c:d5:40:e3:e2:e3:ae:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43cf416193a1c2ed3056b647e5a46503148e3824 Validity Not Before: Jan 25 09:01:42 2026 GMT Not After : Jan 26 09:01:42 2026 GMT Subject: CN=aabfd9672d853ced242a41c4c7c3b51b23d2f7b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1d:43:29:e7:74:9e:3f:22:63:f2:8e:66:a9: 27:c5:7e:21:b7:bc:94:79:94:af:d5:b5:03:d9:19: 4d:7e:38:33:4a:85:0f:2d:32:fc:09:64:7d:52:e8: dc:72:73:ae:b6:cd:87:31:6c:63:25:8c:c3:1f:fa: c7:5d:50:75:8d:91:e2:d5:b4:2b:e0:4e:1f:25:f9: 34:8c:7e:70:08:45:08:dc:69:00:af:9c:7b:1c:db: c2:cf:35:23:c4:29:b0:de:cf:9c:47:12:6b:bf:aa: ac:91:e8:7a:9b:bb:e4:a1:19:db:5b:73:45:17:1a: f5:cf:48:e0:f2:68:f4:56:89:6a:d0:11:6c:44:6e: 04:38:9d:95:6b:3d:d3:6c:7b:7a:c8:0c:48:01:cf: a1:c7:b1:d5:9b:b2:dc:50:de:41:ce:fc:73:b9:67: fa:18:aa:3e:0c:11:2c:63:e1:3c:49:b8:17:7b:1c: 85:df:14:c8:5d:fb:a3:29:95:01:f3:b9:5b:a0:8c: be:ce:e4:92:c5:da:0c:c0:1a:a7:9a:9a:47:da:fb: 23:4e:72:b6:1d:02:a8:77:b0:79:7c:83:16:da:92: 5c:7f:6e:96:60:65:16:73:34:56:bf:a5:47:66:96: 87:30:9a:7b:fe:e2:a3:b6:62:4f:27:f3:f4:4b:40: f3:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:BF:D9:67:2D:85:3C:ED:24:2A:41:C4:C7:C3:B5:1B:23:D2:F7:B2 X509v3 Authority Key Identifier: keyid:43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:af:c7:03:bb:74:c9:aa:63:01:69:19:bc:00:f3:6e:63:45: fe:91:d2:7c:a4:0b:ef:00:5a:a0:cb:ec:8e:ee:72:c0:85:53: 56:a5:28:1f:67:09:e4:3e:50:2a:82:f3:c4:b6:7d:46:93:a0: 4f:b7:6f:20:7f:c9:cb:3e:12:79:43:7b:6f:37:3d:e4:a1:64: c1:11:23:b0:81:55:c1:e4:51:d0:5c:de:22:d4:75:b4:5f:20: cc:4e:4b:e9:81:bc:0b:da:04:b0:4a:e9:d5:1e:6f:e2:be:27: e9:37:0c:79:b3:dc:5c:f9:e9:26:65:6e:6d:22:aa:15:a3:27: c8:f2:6c:ab:51:88:ff:ba:62:43:4b:af:93:19:45:53:cb:83: 28:85:d3:be:98:4b:69:0a:f0:dd:77:aa:1b:89:6d:bc:97:53: 36:e9:65:15:73:7c:10:4f:dc:c8:bc:71:41:07:9c:31:a1:c8: e1:19:de:1f:e7:3f:e1:7b:22:d5:bc:d0:c4:c0:2c:d1:87:31: 64:c7:34:e4:b3:4b:fb:e1:3c:ca:eb:ba:d9:42:c8:bb:12:cd: 9a:fb:a0:6c:b5:35:68:ec:c2:dd:38:33:da:4a:9d:2e:9e:d3: 58:be:ee:38:34:3a:f5:69:33:5c:ec:5b:a0:47:ed:5a:6f:e1: d0:ad:aa:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0YzwHCZFUqkzVQOPi467pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzY2Y0MTYxOTNhMWMyZWQzMDU2YjY0N2U1YTQ2NTAzMTQ4 ZTM4MjQwHhcNMjYwMTI1MDkwMTQyWhcNMjYwMTI2MDkwMTQyWjAzMTEwLwYDVQQD EyhhYWJmZDk2NzJkODUzY2VkMjQyYTQxYzRjN2MzYjUxYjIzZDJmN2IyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR1DKed0nj8iY/KOZqknxX4ht7yU eZSv1bUD2RlNfjgzSoUPLTL8CWR9UujccnOuts2HMWxjJYzDH/rHXVB1jZHi1bQr 4E4fJfk0jH5wCEUI3GkAr5x7HNvCzzUjxCmw3s+cRxJrv6qskeh6m7vkoRnbW3NF Fxr1z0jg8mj0Volq0BFsRG4EOJ2Vaz3TbHt6yAxIAc+hx7HVm7LcUN5BzvxzuWf6 GKo+DBEsY+E8SbgXexyF3xTIXfujKZUB87lboIy+zuSSxdoMwBqnmppH2vsjTnK2 HQKod7B5fIMW2pJcf26WYGUWczRWv6VHZpaHMJp7/uKjtmJPJ/P0S0DzeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKq/2WcthTztJCpBxMfDtRsj0veyMB8GA1UdIwQY MBaAFEPPQWGTocLtMFa2R+WkZQMUjjgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1Nzct MDliOTY5ZDE2MGZlLzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1NzctMDliOTY5ZDE2MGZl LzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOK/HA7t0 yapjAWkZvADzbmNF/pHSfKQL7wBaoMvsju5ywIVTVqUoH2cJ5D5QKoLzxLZ9RpOg T7dvIH/Jyz4SeUN7bzc95KFkwREjsIFVweRR0FzeItR1tF8gzE5L6YG8C9oEsErp 1R5v4r4n6TcMebPcXPnpJmVubSKqFaMnyPJsq1GI/7piQ0uvkxlFU8uDKIXTvphL aQrw3XeqG4ltvJdTNullFXN8EE/cyLxxQQecMaHI4RneH+c/4Xsi1bzQxMAs0Ycx ZMc05LNL++E8yuu62ULIuxLNmvugbLU1aOzC3Tgz2kqdLp7TWL7uODQ69WkzXOxb oEftWm/h0K2qnA== -----END CERTIFICATE-----Generated at Sun Jan 25 16:23:31 2026 by rpki-client