This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft File: Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json) Hash identifier: ECRpojRxtLYDtwTkvYOxKplNRkWjoDEOMT1IvjzQKHU= Subject key identifier: CB:D2:0B:45:B9:3F:FC:1B:4C:E9:EE:56:13:9A:CB:79:C9:C3:74:CC Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85 Certificate issuer: /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85 Certificate serial: 019BF42BC7F279954768E15CF0438396B0A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft Manifest number: 03CC Signing time: Sun 25 Jan 2026 08:01:08 +0000 Manifest this update: Sun 25 Jan 2026 08:01:08 +0000 Manifest next update: Mon 26 Jan 2026 08:01:08 +0000 Files and hashes: 1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: iEHomdojOY8nHXg1J+yOiL2Yyv1csJoJV3vPs7qR2Pc=) 2: m1FgC_uB4h1eEkeEsgOeeKgc-D8.asa (hash: Lgsi1P76MGixnlSYLkqlowZ1I35F9xwj9pmnAksLG6U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:2b:c7:f2:79:95:47:68:e1:5c:f0:43:83:96:b0:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85 Validity Not Before: Jan 25 08:01:08 2026 GMT Not After : Jan 26 08:01:08 2026 GMT Subject: CN=cbd20b45b93ffc1b4ce9ee56139acb79c9c374cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:5a:a4:21:cf:28:72:4f:d4:2a:1e:64:10:63: b2:9d:64:de:b1:39:dc:5e:cc:9f:5f:49:46:74:77: 33:10:9f:95:57:e2:8f:19:a7:ad:b9:7c:10:f2:3d: 11:4f:29:84:c3:cf:4a:33:cb:e3:8f:9d:b7:9a:59: 0f:f9:01:ff:82:46:4e:07:be:35:2f:17:03:c7:89: 11:dc:79:02:75:b7:98:ba:3e:8d:02:8e:0a:06:00: 92:74:ad:68:38:75:10:ca:ab:9f:a7:c4:77:a4:f7: 15:43:4c:85:aa:c9:2d:f4:73:b2:3c:40:f1:3e:93: 20:c1:62:07:28:9b:37:55:f6:35:0d:00:d3:6e:e5: 76:f0:ee:dc:cb:8e:23:fb:3a:8e:7c:19:b5:0c:97: 93:6c:93:91:9e:3c:9f:13:2b:af:89:90:5f:30:35: bc:68:c0:db:6a:6d:a9:75:e8:d7:65:e9:4a:be:07: f9:40:bd:76:4e:12:d8:e5:d8:d7:f7:79:d7:60:59: 21:ca:34:2a:e3:fd:d7:4b:e1:8a:a7:c4:54:6c:6e: fa:72:93:5f:81:0b:f0:d3:e2:fa:46:07:04:92:33: 08:98:16:55:85:8f:7e:8f:1a:f0:39:fb:67:d6:bd: 09:53:b6:8f:39:ff:75:9a:20:a4:c1:bf:09:98:5d: 9b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:D2:0B:45:B9:3F:FC:1B:4C:E9:EE:56:13:9A:CB:79:C9:C3:74:CC X509v3 Authority Key Identifier: keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:c9:ce:21:1c:60:e7:d5:7f:60:27:d2:70:53:f8:5e:4b:9f: 5c:73:a7:a1:04:a0:70:9b:57:28:eb:38:0d:da:ee:08:61:d7: 89:42:76:48:37:f2:7c:81:d7:b9:09:39:6e:4e:b3:f6:ec:b4: c4:07:25:03:e0:84:54:bf:96:d2:d7:97:f7:48:99:fb:2c:07: 32:a0:9d:ad:e6:11:78:c7:ce:cb:eb:b2:0f:8f:00:78:43:f7: 08:af:7e:f2:2d:c8:9d:64:f4:8f:56:06:7f:24:f9:3d:6b:62: 5d:d9:2d:7b:c9:4b:87:96:c1:9f:f1:4a:49:21:7e:4b:5d:83: 61:e9:76:a2:7a:73:ea:e7:39:d4:7e:b1:e7:ae:96:1f:c8:36: be:d2:33:7c:c7:16:90:f7:1c:bb:7e:12:99:59:79:ab:d0:ed: 80:73:ea:ae:ff:9d:31:40:62:e4:ba:6c:de:8a:39:67:85:4f: 50:50:7d:eb:e8:51:76:e0:3e:c5:97:bc:71:92:5e:80:19:1d: b5:cc:85:4e:89:05:f1:14:19:25:92:5c:bc:0f:5b:de:97:ca: 5f:d0:67:e4:02:17:a5:ab:41:81:53:64:36:17:55:77:53:9e: 7a:cc:1e:90:4e:2c:67:d4:e7:35:d6:96:40:35:1a:54:0e:07: b3:0e:83:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0K8fyeZVHaOFc8EODlrCnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3 OTJmODUwHhcNMjYwMTI1MDgwMTA4WhcNMjYwMTI2MDgwMTA4WjAzMTEwLwYDVQQD EyhjYmQyMGI0NWI5M2ZmYzFiNGNlOWVlNTYxMzlhY2I3OWM5YzM3NGNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lqkIc8ock/UKh5kEGOynWTesTnc XsyfX0lGdHczEJ+VV+KPGaetuXwQ8j0RTymEw89KM8vjj523mlkP+QH/gkZOB741 LxcDx4kR3HkCdbeYuj6NAo4KBgCSdK1oOHUQyqufp8R3pPcVQ0yFqskt9HOyPEDx PpMgwWIHKJs3VfY1DQDTbuV28O7cy44j+zqOfBm1DJeTbJORnjyfEyuviZBfMDW8 aMDbam2pdejXZelKvgf5QL12ThLY5djX93nXYFkhyjQq4/3XS+GKp8RUbG76cpNf gQvw0+L6RgcEkjMImBZVhY9+jxrwOftn1r0JU7aPOf91miCkwb8JmF2brwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMvSC0W5P/wbTOnuVhOay3nJw3TMMB8GA1UdIwQY MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5 LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP8nOIRxg 59V/YCfScFP4XkufXHOnoQSgcJtXKOs4DdruCGHXiUJ2SDfyfIHXuQk5bk6z9uy0 xAclA+CEVL+W0teX90iZ+ywHMqCdreYReMfOy+uyD48AeEP3CK9+8i3InWT0j1YG fyT5PWtiXdkte8lLh5bBn/FKSSF+S12DYel2onpz6uc51H6x566WH8g2vtIzfMcW kPccu34SmVl5q9DtgHPqrv+dMUBi5Lps3oo5Z4VPUFB96+hRduA+xZe8cZJegBkd tcyFTokF8RQZJZJcvA9b3pfKX9Bn5AIXpatBgVNkNhdVd1OeeswekE4sZ9TnNdaW QDUaVA4Hsw6DbQ== -----END CERTIFICATE-----Generated at Sun Jan 25 16:46:10 2026 by rpki-client