This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json) Hash identifier: LaI24sEaE7YnCwUCVwtkOEd/i6sVusj1QIe0hOLJchI= Subject key identifier: 5B:9D:38:D6:A0:B8:E3:1D:DC:F4:6C:09:5E:57:16:B3:70:E6:A0:7D Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d Certificate serial: 019BF5AC9BED1B54AF49EEF5C1B85B56039E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft Manifest number: 17E9 Signing time: Sun 25 Jan 2026 15:01:28 +0000 Manifest this update: Sun 25 Jan 2026 15:01:28 +0000 Manifest next update: Mon 26 Jan 2026 15:01:28 +0000 Files and hashes: 1: 24AsigLbaKArrRhQpNvzkLuNdsw.roa (hash: Y6cso1vmOQRNAQC+IgTQnFt9A6yD7HrC8YdvTQc2P8Y=) 2: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: uCeMNgL/44fdol7UEION5fBX24ecXxXBfU/gXdNIeXI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ac:9b:ed:1b:54:af:49:ee:f5:c1:b8:5b:56:03:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d Validity Not Before: Jan 25 15:01:28 2026 GMT Not After : Jan 26 15:01:28 2026 GMT Subject: CN=5b9d38d6a0b8e31ddcf46c095e5716b370e6a07d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:14:55:e6:6f:13:ad:58:87:9e:86:0d:3d:fe: cc:29:61:b0:58:5c:86:44:d8:05:c4:91:6f:42:1d: ca:71:ab:37:24:37:75:88:cd:46:5d:a4:e1:15:c7: 4d:c1:69:71:0c:72:74:2d:14:7c:5c:75:d9:64:84: d5:fd:94:dd:65:6f:ba:45:2a:bc:10:32:b9:77:9a: aa:28:f1:d0:87:e5:7e:59:71:ff:38:2e:59:e4:11: 8d:20:92:82:ec:09:9d:3d:f8:12:c5:7e:32:dd:64: 58:73:aa:bc:53:2f:26:a7:60:91:5c:0f:71:2e:71: 8a:10:42:65:0b:97:60:f8:e7:da:20:ff:7a:57:db: 02:77:32:a7:a0:8a:fd:e6:8c:42:36:20:b0:99:93: 90:83:b2:ca:16:15:ce:7e:35:a4:a8:b1:44:1b:b4: b0:8c:9a:54:e5:3b:c0:ea:43:af:16:8d:10:21:4d: 92:e1:50:ba:63:20:09:c2:1f:aa:31:78:0a:b2:79: c8:d7:fe:3d:73:6c:45:3d:7b:0e:b3:a3:15:bd:b3: f9:90:40:67:a1:d6:59:b3:96:ad:06:79:fa:9c:8d: 59:51:d3:eb:c6:0e:d1:f2:e8:be:4e:da:df:b5:27: 1e:89:61:88:94:cd:f5:11:ab:02:7a:aa:5f:fa:37: 17:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:9D:38:D6:A0:B8:E3:1D:DC:F4:6C:09:5E:57:16:B3:70:E6:A0:7D X509v3 Authority Key Identifier: keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:12:57:34:e2:eb:ae:6b:0c:73:4f:ba:b4:ac:11:f9:b9:13: cb:fd:d4:ea:26:d5:fd:8c:b3:c9:5c:ed:48:b3:d5:27:20:79: 94:67:20:7f:24:19:5a:ce:ca:09:5d:ad:f2:21:6b:7b:51:d0: 7c:9a:ae:bf:5c:cb:c0:81:20:8f:94:95:9e:96:73:84:ba:82: 12:6a:6e:d6:29:27:cb:fe:2a:40:dd:c3:be:d1:0e:4c:99:00: 4f:84:5e:e7:1f:26:83:7b:00:aa:e4:12:fe:1a:a1:bc:54:f8: 0c:7a:da:5b:8a:05:16:0f:9b:9c:89:ee:6e:e5:86:cf:d9:49: 5c:13:f1:da:b7:83:95:67:ab:50:00:ad:a4:25:9c:a1:e6:a2: 6e:72:24:74:79:b3:20:dd:4c:a9:de:bc:6f:b1:ac:c5:6e:22: e5:46:3f:4f:eb:ff:c9:18:56:5b:e3:94:bf:3d:b2:b3:35:f0: 0b:0f:99:99:4b:4d:ed:76:78:79:b1:05:2c:e3:38:7e:c8:1b: 51:95:a4:05:81:2c:b6:f9:92:f4:48:42:4d:e4:14:75:3c:8d: a2:a7:d8:35:f9:6b:3c:4b:89:1a:04:c5:55:2c:81:67:53:e4: 57:02:4f:67:0c:bc:4f:81:f5:e0:74:38:5f:47:44:69:85:d2: 0b:ed:77:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1rJvtG1SvSe71wbhbVgOeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm MWRhMWQwHhcNMjYwMTI1MTUwMTI4WhcNMjYwMTI2MTUwMTI4WjAzMTEwLwYDVQQD Eyg1YjlkMzhkNmEwYjhlMzFkZGNmNDZjMDk1ZTU3MTZiMzcwZTZhMDdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hRV5m8TrViHnoYNPf7MKWGwWFyG RNgFxJFvQh3Kcas3JDd1iM1GXaThFcdNwWlxDHJ0LRR8XHXZZITV/ZTdZW+6RSq8 EDK5d5qqKPHQh+V+WXH/OC5Z5BGNIJKC7AmdPfgSxX4y3WRYc6q8Uy8mp2CRXA9x LnGKEEJlC5dg+OfaIP96V9sCdzKnoIr95oxCNiCwmZOQg7LKFhXOfjWkqLFEG7Sw jJpU5TvA6kOvFo0QIU2S4VC6YyAJwh+qMXgKsnnI1/49c2xFPXsOs6MVvbP5kEBn odZZs5atBnn6nI1ZUdPrxg7R8ui+TtrftSceiWGIlM31EasCeqpf+jcXLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFudONaguOMd3PRsCV5XFrNw5qB9MB8GA1UdIwQY MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1 LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBJXNOLr rmsMc0+6tKwR+bkTy/3U6ibV/YyzyVztSLPVJyB5lGcgfyQZWs7KCV2t8iFre1HQ fJquv1zLwIEgj5SVnpZzhLqCEmpu1ikny/4qQN3DvtEOTJkAT4Re5x8mg3sAquQS /hqhvFT4DHraW4oFFg+bnInubuWGz9lJXBPx2reDlWerUACtpCWcoeaibnIkdHmz IN1Mqd68b7GsxW4i5UY/T+v/yRhWW+OUvz2yszXwCw+ZmUtN7XZ4ebEFLOM4fsgb UZWkBYEstvmS9EhCTeQUdTyNoqfYNflrPEuJGgTFVSyBZ1PkVwJPZwy8T4H14HQ4 X0dEaYXSC+13yA== -----END CERTIFICATE-----Generated at Sun Jan 25 20:09:03 2026 by rpki-client