This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft File: zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json) Hash identifier: j+PDjU1drGOqpaag6eLBra0NixH+ehX23/yzUQpDNAk= Subject key identifier: 75:4D:CD:DE:C4:00:03:85:B6:18:04:74:8B:79:A9:5A:3D:1E:4B:27 Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 Certificate issuer: /CN=ce49fc134b706542caf1a1efbe034f7011b49436 Certificate serial: 019BF57567C720A36767B4D29C5FB6D47DBE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft Manifest number: 0710 Signing time: Sun 25 Jan 2026 14:01:10 +0000 Manifest this update: Sun 25 Jan 2026 14:01:10 +0000 Manifest next update: Mon 26 Jan 2026 14:01:10 +0000 Files and hashes: 1: jv18kUzHEBlDlkIHJKkxODrKqc0.roa (hash: wdFZODPpunDdGOXTc+SSGtgRA0zL9y523IFxS0/YWn0=) 2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: xynUBnhFYfjErcE/b0R4FxCugXJiBsNiT7q0FLz7oKw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:75:67:c7:20:a3:67:67:b4:d2:9c:5f:b6:d4:7d:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436 Validity Not Before: Jan 25 14:01:10 2026 GMT Not After : Jan 26 14:01:10 2026 GMT Subject: CN=754dcddec4000385b61804748b79a95a3d1e4b27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:02:a3:78:ec:f9:9f:f3:fd:00:af:10:a0:04: 63:08:43:a8:80:b0:4a:08:bd:7e:91:90:21:18:e4: 36:be:85:fa:8f:b6:e9:89:63:1b:65:db:00:57:a5: d0:e0:cd:ac:d2:73:61:ae:39:d3:ac:41:0b:d8:2c: 20:32:e0:fb:40:56:96:48:ac:e5:a6:05:4a:6d:34: 79:99:5f:41:d7:22:49:07:0f:01:1b:28:0a:05:01: ab:8f:fa:e5:be:cd:90:4c:24:98:49:67:e5:95:fb: 26:03:c4:42:ad:98:f2:52:01:e8:25:9f:da:2f:56: 22:66:74:59:db:50:db:46:d9:5e:57:ac:a8:bb:cc: d9:44:b7:45:aa:35:6f:46:d3:67:4b:7f:89:34:19: ea:84:75:8d:3f:ea:c0:11:c2:b1:fb:d1:3f:bc:f3: 46:4e:0d:bc:54:a9:9f:97:fa:77:44:34:dc:cf:d2: 25:c6:23:93:3e:c1:84:9a:f3:31:fa:93:b6:0e:49: 33:1f:c5:c8:f5:c8:96:d8:34:1a:f6:d3:03:02:88: 1c:00:06:07:fe:9d:01:c5:5b:9e:e9:91:7d:25:ed: 26:60:a9:83:a5:b3:a2:60:7d:9a:15:dd:a0:b2:17: 59:b8:6b:25:39:90:fa:5a:d9:86:3a:68:11:c0:cf: 82:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:4D:CD:DE:C4:00:03:85:B6:18:04:74:8B:79:A9:5A:3D:1E:4B:27 X509v3 Authority Key Identifier: keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:d7:c5:be:03:7a:e5:26:0b:34:f7:86:62:a7:99:21:63:43: c5:6c:c6:eb:67:0c:da:2b:f9:dd:0b:d3:e2:06:23:9a:3b:b4: 89:f2:8b:db:86:6a:74:2a:f4:5a:9a:c8:a7:64:9d:e3:bc:45: fa:e8:45:21:a2:03:cc:02:2e:ed:73:61:10:24:69:f6:5f:bb: e0:9c:e2:4a:59:48:23:92:51:c2:70:f8:94:8a:76:b8:37:e3: 51:d2:24:4f:98:fd:c2:b4:49:06:88:05:09:eb:7c:b6:95:05: ef:ba:a2:f9:8e:f7:fe:f4:c7:0d:87:cf:9b:c9:b7:00:70:6a: 6e:c7:b1:2d:60:f5:41:6a:24:a9:a8:cf:28:67:4b:bd:62:fa: 2b:e2:01:6a:91:1b:22:e8:d3:63:56:83:3a:55:3f:b5:84:73: ae:a7:7c:0b:0a:f8:43:f9:78:e9:34:12:76:08:e4:e7:40:bc: 89:b5:6d:e6:ff:a7:03:cf:d3:12:2d:51:b1:55:38:a0:3e:78: 59:5f:23:66:e8:61:83:66:eb:28:de:ab:f8:da:ac:48:37:0c: db:be:df:24:b0:4c:32:66:f9:21:42:8c:98:61:83:4b:94:4c: d2:c9:86:12:44:e8:85:75:20:10:42:98:14:d1:7a:7a:9d:b8: 75:91:ea:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1dWfHIKNnZ7TSnF+21H2+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi NDk0MzYwHhcNMjYwMTI1MTQwMTEwWhcNMjYwMTI2MTQwMTEwWjAzMTEwLwYDVQQD Eyg3NTRkY2RkZWM0MDAwMzg1YjYxODA0NzQ4Yjc5YTk1YTNkMWU0YjI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQKjeOz5n/P9AK8QoARjCEOogLBK CL1+kZAhGOQ2voX6j7bpiWMbZdsAV6XQ4M2s0nNhrjnTrEEL2CwgMuD7QFaWSKzl pgVKbTR5mV9B1yJJBw8BGygKBQGrj/rlvs2QTCSYSWfllfsmA8RCrZjyUgHoJZ/a L1YiZnRZ21DbRtleV6you8zZRLdFqjVvRtNnS3+JNBnqhHWNP+rAEcKx+9E/vPNG Tg28VKmfl/p3RDTcz9IlxiOTPsGEmvMx+pO2DkkzH8XI9ciW2DQa9tMDAogcAAYH /p0BxVue6ZF9Je0mYKmDpbOiYH2aFd2gshdZuGslOZD6WtmGOmgRwM+CowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHVNzd7EAAOFthgEdIt5qVo9HksnMB8GA1UdIwQY MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABdfFvgN6 5SYLNPeGYqeZIWNDxWzG62cM2iv53QvT4gYjmju0ifKL24ZqdCr0WprIp2Sd47xF +uhFIaIDzAIu7XNhECRp9l+74JziSllII5JRwnD4lIp2uDfjUdIkT5j9wrRJBogF Cet8tpUF77qi+Y73/vTHDYfPm8m3AHBqbsexLWD1QWokqajPKGdLvWL6K+IBapEb IujTY1aDOlU/tYRzrqd8Cwr4Q/l46TQSdgjk50C8ibVt5v+nA8/TEi1RsVU4oD54 WV8jZuhhg2brKN6r+NqsSDcM277fJLBMMmb5IUKMmGGDS5RM0smGEkTohXUgEEKY FNF6ep24dZHqeg== -----END CERTIFICATE-----Generated at Sun Jan 25 19:24:55 2026 by rpki-client