This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft File: 0kSCMx_jdh3lOpm9N8j9am-foAc.mft (raw, json) Hash identifier: KQB17Y8P49hKLeSUYD6Qi4ZuD+w8gS7J8FYzhd1XeHI= Subject key identifier: E1:67:BB:DB:A7:0D:7F:09:E1:CD:9E:D0:11:C8:8D:32:C7:E5:F0:8D Authority key identifier: D2:44:82:33:1F:E3:76:1D:E5:3A:99:BD:37:C8:FD:6A:6F:9F:A0:07 Certificate issuer: /CN=d24482331fe3761de53a99bd37c8fd6a6f9fa007 Certificate serial: 019BF79AAEB110481574A6C13FB87B148F89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kSCMx_jdh3lOpm9N8j9am-foAc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft Manifest number: 021C Signing time: Mon 26 Jan 2026 00:01:08 +0000 Manifest this update: Mon 26 Jan 2026 00:01:08 +0000 Manifest next update: Tue 27 Jan 2026 00:01:08 +0000 Files and hashes: 1: 0kSCMx_jdh3lOpm9N8j9am-foAc.crl (hash: 3wT0hIvyzb5721XACCtH/rS+yZRLAqf4FVXHuZoOSmY=) 2: iEJQwLdxS0IxuOaEeOzSHydGpSo.roa (hash: Xj6y/UERT3eVvhXQlqkmNoZn9cVGobnGl6x9D/dBts8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.crl rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft rsync://rpki.ripe.net/repository/DEFAULT/0kSCMx_jdh3lOpm9N8j9am-foAc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:9a:ae:b1:10:48:15:74:a6:c1:3f:b8:7b:14:8f:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d24482331fe3761de53a99bd37c8fd6a6f9fa007 Validity Not Before: Jan 26 00:01:08 2026 GMT Not After : Jan 27 00:01:08 2026 GMT Subject: CN=e167bbdba70d7f09e1cd9ed011c88d32c7e5f08d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:88:16:d9:06:6e:ba:c3:47:28:9b:b8:82:ca: 1f:77:18:d8:99:85:4f:92:4c:d3:b6:b8:a5:67:34: ba:59:a2:2f:57:c5:65:0e:a2:a9:d4:34:4b:50:56: 1f:17:c7:54:63:16:d0:f7:3d:5d:ce:93:9c:fb:c3: 5a:ca:c4:7f:9c:3c:e1:79:c9:b4:be:82:62:46:a0: 87:f2:57:a3:cb:cc:98:e3:0d:c3:00:00:cc:54:4d: d5:7a:92:cb:a4:80:a2:a4:44:d9:9e:8c:71:6f:83: 39:14:01:79:f6:51:fd:46:23:68:49:a4:99:37:e8: fb:05:3f:9e:bb:a9:ae:19:be:dc:67:96:fd:85:f1: 4b:de:95:2c:d2:ea:2b:84:e9:b8:82:74:9c:a7:0a: bb:06:b3:e0:cf:dc:00:06:8e:c1:ff:64:99:43:fb: e4:e7:c6:7d:5a:3f:46:b4:98:a1:aa:8b:ea:95:89: 26:0d:c6:85:37:94:e8:ce:b2:3e:3b:65:b1:25:14: 1c:0c:19:9f:7c:e8:88:2d:d9:87:f4:fd:bb:03:18: 8e:89:23:59:8f:a0:9c:3b:bb:88:d4:57:bf:6f:e7: 9b:0d:26:70:1d:db:4b:d8:41:fd:19:e1:6d:37:19: cb:e0:31:d8:27:63:17:e0:d8:38:4d:70:b8:9b:fc: 20:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:67:BB:DB:A7:0D:7F:09:E1:CD:9E:D0:11:C8:8D:32:C7:E5:F0:8D X509v3 Authority Key Identifier: keyid:D2:44:82:33:1F:E3:76:1D:E5:3A:99:BD:37:C8:FD:6A:6F:9F:A0:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kSCMx_jdh3lOpm9N8j9am-foAc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:58:bb:cd:36:95:bd:03:f7:28:59:73:a3:fb:68:7d:94:f4: 52:75:37:29:68:3d:6e:21:23:c6:d9:b1:29:96:14:84:5a:34: 2e:34:16:0d:a8:18:08:df:b3:70:90:6e:e7:8b:bf:f3:14:aa: 6e:85:e5:cf:9c:2f:58:6c:ef:2f:9e:a7:1d:3d:b1:10:62:06: 96:e4:18:d0:c7:48:e9:a4:1c:25:cd:8c:98:62:b5:4f:b0:12: 65:e4:3d:5f:a8:1c:81:56:91:58:3f:a2:0a:11:07:65:1b:34: b4:41:3c:68:39:4c:75:e3:ca:7a:e5:bf:5e:2d:62:53:1d:7a: bb:f9:94:d2:be:88:5e:9a:05:49:86:f4:62:d3:38:51:2b:93: 4e:8d:55:13:92:ce:39:d6:d4:90:46:07:99:19:92:e9:e7:8b: 25:e2:46:fc:df:0b:fc:7f:fb:46:f8:1c:3e:79:57:cc:da:6f: 07:5d:8e:2a:72:c0:8b:90:df:bc:d5:9e:ff:d2:bf:81:d4:20: 90:ef:e5:52:9f:c3:92:2e:d2:1c:46:05:f5:47:68:a3:73:69: 2e:8a:d6:af:61:b0:e2:f5:b6:55:85:88:4b:74:13:28:5c:6f: 42:c3:87:a8:12:fb:f5:9b:1c:6d:2d:1a:4c:bd:cf:1e:8b:6a: 85:f3:4b:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3mq6xEEgVdKbBP7h7FI+JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNDQ4MjMzMWZlMzc2MWRlNTNhOTliZDM3YzhmZDZhNmY5 ZmEwMDcwHhcNMjYwMTI2MDAwMTA4WhcNMjYwMTI3MDAwMTA4WjAzMTEwLwYDVQQD EyhlMTY3YmJkYmE3MGQ3ZjA5ZTFjZDllZDAxMWM4OGQzMmM3ZTVmMDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IgW2QZuusNHKJu4gsofdxjYmYVP kkzTtrilZzS6WaIvV8VlDqKp1DRLUFYfF8dUYxbQ9z1dzpOc+8NaysR/nDzhecm0 voJiRqCH8lejy8yY4w3DAADMVE3VepLLpICipETZnoxxb4M5FAF59lH9RiNoSaSZ N+j7BT+eu6muGb7cZ5b9hfFL3pUs0uorhOm4gnScpwq7BrPgz9wABo7B/2SZQ/vk 58Z9Wj9GtJihqovqlYkmDcaFN5TozrI+O2WxJRQcDBmffOiILdmH9P27AxiOiSNZ j6CcO7uI1Fe/b+ebDSZwHdtL2EH9GeFtNxnL4DHYJ2MX4Ng4TXC4m/wg2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOFnu9unDX8J4c2e0BHIjTLH5fCNMB8GA1UdIwQY MBaAFNJEgjMf43Yd5TqZvTfI/Wpvn6AHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGtTQ014X2pkaDNsT3BtOU44ajlhbS1mb0FjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yNWI2MWItMzdlOS00NDA4LWFjYzEt ODdjMDNjZGQ3ZjlmLzEvMGtTQ014X2pkaDNsT3BtOU44ajlhbS1mb0FjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi8yNWI2MWItMzdlOS00NDA4LWFjYzEtODdjMDNjZGQ3Zjlm LzEvMGtTQ014X2pkaDNsT3BtOU44ajlhbS1mb0FjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkVi7zTaV vQP3KFlzo/tofZT0UnU3KWg9biEjxtmxKZYUhFo0LjQWDagYCN+zcJBu54u/8xSq boXlz5wvWGzvL56nHT2xEGIGluQY0MdI6aQcJc2MmGK1T7ASZeQ9X6gcgVaRWD+i ChEHZRs0tEE8aDlMdePKeuW/Xi1iUx16u/mU0r6IXpoFSYb0YtM4USuTTo1VE5LO OdbUkEYHmRmS6eeLJeJG/N8L/H/7RvgcPnlXzNpvB12OKnLAi5DfvNWe/9K/gdQg kO/lUp/Dki7SHEYF9Udoo3NpLorWr2Gw4vW2VYWIS3QTKFxvQsOHqBL79ZscbS0a TL3PHotqhfNLkg== -----END CERTIFICATE-----Generated at Mon Jan 26 04:24:12 2026 by rpki-client