This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft File: sHATRrrVXff13IGLu7z7t9sQcKs.mft (raw, json) Hash identifier: UgDzi+NIafq6zzleZoNEkajo1wQxjKR4T510qi+vf4Q= Subject key identifier: B5:38:6C:8A:03:19:CB:D0:D3:2B:EB:2C:11:32:8A:9B:72:2D:09:AC Authority key identifier: B0:70:13:46:BA:D5:5D:F7:F5:DC:81:8B:BB:BC:FB:B7:DB:10:70:AB Certificate issuer: /CN=b0701346bad55df7f5dc818bbbbcfbb7db1070ab Certificate serial: 019BF4D09F603C79E13EC1E0D943D31717C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft Manifest number: 09BC Signing time: Sun 25 Jan 2026 11:01:11 +0000 Manifest this update: Sun 25 Jan 2026 11:01:11 +0000 Manifest next update: Mon 26 Jan 2026 11:01:11 +0000 Files and hashes: 1: R2homvSPlS0ZNmTrlajY_zO_3zQ.roa (hash: up0EjA2CeJ2YIvafcu9UiDmzcn/ykgETYaqOziBtni8=) 2: sHATRrrVXff13IGLu7z7t9sQcKs.crl (hash: fh3tHlzdGXJaqRH4zFAmlvPp38iGuUJ3vWZwDdl830w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.crl rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:d0:9f:60:3c:79:e1:3e:c1:e0:d9:43:d3:17:17:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0701346bad55df7f5dc818bbbbcfbb7db1070ab Validity Not Before: Jan 25 11:01:11 2026 GMT Not After : Jan 26 11:01:11 2026 GMT Subject: CN=b5386c8a0319cbd0d32beb2c11328a9b722d09ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:88:11:60:70:de:19:cb:e2:07:43:8a:52:c3: 79:f2:91:40:e8:6c:24:c7:ca:cb:19:9c:29:05:6b: eb:a4:10:00:ca:f2:29:78:db:58:1d:b1:c7:df:f5: 99:3d:01:54:9e:61:68:24:3f:98:d5:49:17:b4:9d: 78:b5:32:61:0c:a2:7b:21:71:0e:2d:6f:e8:42:55: a9:5d:3b:33:1f:ee:a9:ec:ed:61:d6:3b:4d:c9:9c: 06:ed:a0:84:50:3c:39:f1:c3:c5:b3:e2:ec:2c:90: cd:c3:b4:bc:3f:d3:52:c6:32:84:d8:3d:16:ad:a1: 9b:27:b5:63:d4:41:7d:22:99:55:c8:09:01:55:b6: 1c:4e:2e:30:48:da:f6:57:48:7a:0d:7c:4c:8d:a9: 1d:30:5e:ee:d7:0a:6d:6b:f1:59:f7:48:03:8a:af: c9:7a:c4:5d:f3:fd:9e:30:56:04:dc:44:cb:0e:1a: 53:a0:89:23:58:1d:5c:38:3d:33:3e:e0:16:05:3b: b5:93:20:c8:2d:58:1a:72:6a:55:8e:1f:b2:20:0a: 71:00:ac:be:26:7e:d5:c3:e7:ee:1e:85:78:e4:71: 4f:9b:aa:27:4d:e1:a8:ed:48:3d:8e:0e:4c:b9:99: c8:bf:bf:5c:2a:86:80:93:38:70:4a:43:6f:b4:8e: 73:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:38:6C:8A:03:19:CB:D0:D3:2B:EB:2C:11:32:8A:9B:72:2D:09:AC X509v3 Authority Key Identifier: keyid:B0:70:13:46:BA:D5:5D:F7:F5:DC:81:8B:BB:BC:FB:B7:DB:10:70:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:f7:c6:71:cc:48:6f:60:7a:a0:34:85:d3:7a:96:10:cc:83: ad:c8:9f:40:e2:61:37:83:fd:2f:3e:0c:f9:50:d5:cc:21:d5: 38:f9:c4:15:48:b2:a1:bb:18:2a:d1:d0:82:34:d5:2e:7a:0f: db:ed:ae:a1:1e:54:dd:42:d4:0d:03:a3:ef:10:a3:fc:83:fe: a3:a9:88:eb:d8:ec:d1:55:81:b9:36:d8:f7:68:7e:80:5b:c8: 27:44:5e:c9:3d:5b:ad:d6:6c:5c:a1:c8:e9:64:19:c2:70:2a: 77:03:44:46:1f:00:0d:1e:cc:e5:3e:44:8f:00:4f:d8:9a:1c: f8:22:b2:f8:a7:c2:35:3e:1e:9a:f1:e4:2b:aa:06:d5:3a:fd: 64:c7:a3:fe:16:f9:a3:5f:6f:c8:44:2f:be:f8:5c:82:17:a5: ed:bc:0b:52:64:62:49:2b:a7:32:5e:7f:9e:7f:eb:31:6c:06: 91:d2:f0:c3:cc:42:30:01:3d:77:aa:25:06:80:f5:d9:e3:cd: 95:80:77:87:30:83:0d:09:b5:f9:19:b4:b8:c3:3c:34:f2:a2: 7d:0d:46:96:81:06:2e:d3:1d:a7:65:c4:c0:e7:47:9d:bb:ff: c2:24:03:92:fe:39:76:02:33:59:ee:12:48:43:32:6c:e9:8a: 0a:60:11:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv00J9gPHnhPsHg2UPTFxfJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwNzAxMzQ2YmFkNTVkZjdmNWRjODE4YmJiYmNmYmI3ZGIx MDcwYWIwHhcNMjYwMTI1MTEwMTExWhcNMjYwMTI2MTEwMTExWjAzMTEwLwYDVQQD EyhiNTM4NmM4YTAzMTljYmQwZDMyYmViMmMxMTMyOGE5YjcyMmQwOWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4gRYHDeGcviB0OKUsN58pFA6Gwk x8rLGZwpBWvrpBAAyvIpeNtYHbHH3/WZPQFUnmFoJD+Y1UkXtJ14tTJhDKJ7IXEO LW/oQlWpXTszH+6p7O1h1jtNyZwG7aCEUDw58cPFs+LsLJDNw7S8P9NSxjKE2D0W raGbJ7Vj1EF9IplVyAkBVbYcTi4wSNr2V0h6DXxMjakdMF7u1wpta/FZ90gDiq/J esRd8/2eMFYE3ETLDhpToIkjWB1cOD0zPuAWBTu1kyDILVgacmpVjh+yIApxAKy+ Jn7Vw+fuHoV45HFPm6onTeGo7Ug9jg5MuZnIv79cKoaAkzhwSkNvtI5z6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLU4bIoDGcvQ0yvrLBEyiptyLQmsMB8GA1UdIwQY MBaAFLBwE0a61V339dyBi7u8+7fbEHCrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yZjVmMjItNzQzOS00MjA4LThiMzkt N2QxMWZjZjE3MTIzLzEvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny8yZjVmMjItNzQzOS00MjA4LThiMzktN2QxMWZjZjE3MTIz LzEvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/fGccxI b2B6oDSF03qWEMyDrcifQOJhN4P9Lz4M+VDVzCHVOPnEFUiyobsYKtHQgjTVLnoP 2+2uoR5U3ULUDQOj7xCj/IP+o6mI69js0VWBuTbY92h+gFvIJ0ReyT1brdZsXKHI 6WQZwnAqdwNERh8ADR7M5T5EjwBP2Joc+CKy+KfCNT4emvHkK6oG1Tr9ZMej/hb5 o19vyEQvvvhcghel7bwLUmRiSSunMl5/nn/rMWwGkdLww8xCMAE9d6olBoD12ePN lYB3hzCDDQm1+Rm0uMM8NPKifQ1GloEGLtMdp2XEwOdHnbv/wiQDkv45dgIzWe4S SEMybOmKCmARyw== -----END CERTIFICATE-----Generated at Sun Jan 25 16:24:17 2026 by rpki-client