This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json) Hash identifier: 5XIvN9zj2lBj96mhxwQozoUextuy71J8Vj5Q8nNtIVM= Subject key identifier: 01:68:F9:64:5C:CD:44:D4:66:FA:75:55:4E:23:E8:65:36:C8:9E:77 Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87 Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87 Certificate serial: 019BF79A2DBD9DF59BA2391CAD95B1A9B665 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft Manifest number: 1716 Signing time: Mon 26 Jan 2026 00:00:35 +0000 Manifest this update: Mon 26 Jan 2026 00:00:35 +0000 Manifest next update: Tue 27 Jan 2026 00:00:35 +0000 Files and hashes: 1: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: ZwVJY9LpdZ5oFbjC7H/i+H1hBr3ccAkNDb03NoljljU=) 2: aJRCmul5cvMFEkfsWwNh6YKtWg0.roa (hash: scsks3FGlAv25a5TwoetFCR7muYAvHPLPp8bABvEfPI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:9a:2d:bd:9d:f5:9b:a2:39:1c:ad:95:b1:a9:b6:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87 Validity Not Before: Jan 26 00:00:35 2026 GMT Not After : Jan 27 00:00:35 2026 GMT Subject: CN=0168f9645ccd44d466fa75554e23e86536c89e77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:f6:6d:a9:bb:a7:68:e0:bf:86:2c:cb:1b:71: 35:48:f9:b3:8e:89:9a:3c:b0:48:bc:ef:97:4d:bf: 36:c5:7b:ff:a6:93:da:86:f3:a5:bf:0a:2b:89:d9: 73:d7:29:d5:30:6c:e5:2e:26:61:cf:cd:85:89:2b: 24:7e:e8:df:8f:36:65:10:48:08:ef:14:9b:d4:0e: 09:3d:7c:61:bf:cc:7d:1e:dd:19:2b:94:8d:b8:97: 8e:1b:9c:37:fe:f6:47:26:cb:6c:e0:f9:c4:09:9d: d4:45:27:9a:bf:6b:0e:d5:c9:62:07:79:f9:d6:f3: f9:33:d6:bc:8d:35:53:bd:69:9c:6c:20:d0:08:12: d2:e0:51:55:73:c3:ab:8f:91:5c:b5:50:22:3a:88: ca:96:b4:b6:e5:82:da:d4:8c:7d:c7:82:f4:75:2c: 07:35:78:10:a3:df:5f:6e:6e:5d:2b:ee:e2:38:09: ef:39:50:29:c3:f0:58:39:c9:d5:70:f2:73:90:2e: 12:25:84:63:96:24:de:f2:87:31:c2:3b:50:85:26: 54:ed:0e:a3:f2:5e:14:95:7f:68:49:ed:49:17:a0: 56:bb:98:39:90:c3:f8:0f:93:c4:2f:13:3c:92:ef: df:83:ed:3a:87:39:cb:51:7a:c7:fa:ea:71:8f:57: 84:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:68:F9:64:5C:CD:44:D4:66:FA:75:55:4E:23:E8:65:36:C8:9E:77 X509v3 Authority Key Identifier: keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:92:72:c1:fd:ec:c6:2a:1e:7a:b1:a0:9c:02:d4:ab:1f:93: df:a5:6f:a1:22:6d:6c:dd:ab:44:67:b1:0e:63:a0:89:c6:54: ea:49:6f:7c:7f:49:e9:f6:4a:9e:14:d5:c1:94:5c:ca:ba:b9: 98:56:8f:fa:1a:ed:23:59:f6:a0:47:19:78:82:33:46:22:75: 3a:99:b3:47:df:52:30:09:bd:db:aa:f1:50:96:af:ed:55:8b: 45:de:5a:df:4a:6e:df:09:db:d1:7a:c1:63:ce:0c:11:d5:cf: 76:b7:9d:54:2a:f3:31:6b:d6:f2:10:b9:79:40:99:06:5c:83: 5a:bc:04:70:12:06:ee:4a:d7:96:a5:e3:7a:b0:c1:f8:1e:00: 3f:e9:a8:be:09:94:9b:5a:d4:6b:65:88:53:c2:d7:a5:d3:14: 36:2d:e6:7c:28:c0:42:c1:43:36:cb:6e:d7:47:7e:7e:ef:45: e3:07:21:1e:3e:89:3a:43:d5:ef:06:54:d8:95:6a:19:3a:03: 16:b7:be:6f:9f:e7:f9:92:1f:45:f2:74:84:77:cb:a5:b0:f5: f7:97:12:ee:e7:6b:bf:38:9e:36:04:3e:d4:45:87:4b:6b:cc: 45:81:4c:39:aa:e0:fb:1e:e6:77:2d:19:a2:71:25:2d:95:1b: 67:32:cb:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3mi29nfWbojkcrZWxqbZlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl NzVkODcwHhcNMjYwMTI2MDAwMDM1WhcNMjYwMTI3MDAwMDM1WjAzMTEwLwYDVQQD EygwMTY4Zjk2NDVjY2Q0NGQ0NjZmYTc1NTU0ZTIzZTg2NTM2Yzg5ZTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vZtqbunaOC/hizLG3E1SPmzjoma PLBIvO+XTb82xXv/ppPahvOlvworidlz1ynVMGzlLiZhz82FiSskfujfjzZlEEgI 7xSb1A4JPXxhv8x9Ht0ZK5SNuJeOG5w3/vZHJsts4PnECZ3URSeav2sO1cliB3n5 1vP5M9a8jTVTvWmcbCDQCBLS4FFVc8Orj5FctVAiOojKlrS25YLa1Ix9x4L0dSwH NXgQo99fbm5dK+7iOAnvOVApw/BYOcnVcPJzkC4SJYRjliTe8ocxwjtQhSZU7Q6j 8l4UlX9oSe1JF6BWu5g5kMP4D5PELxM8ku/fg+06hznLUXrH+upxj1eEswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAFo+WRczUTUZvp1VU4j6GU2yJ53MB8GA1UdIwQY MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ5Jywf3s xioeerGgnALUqx+T36VvoSJtbN2rRGexDmOgicZU6klvfH9J6fZKnhTVwZRcyrq5 mFaP+hrtI1n2oEcZeIIzRiJ1OpmzR99SMAm926rxUJav7VWLRd5a30pu3wnb0XrB Y84MEdXPdredVCrzMWvW8hC5eUCZBlyDWrwEcBIG7krXlqXjerDB+B4AP+movgmU m1rUa2WIU8LXpdMUNi3mfCjAQsFDNstu10d+fu9F4wchHj6JOkPV7wZU2JVqGToD Fre+b5/n+ZIfRfJ0hHfLpbD195cS7udrvzieNgQ+1EWHS2vMRYFMOarg+x7mdy0Z onElLZUbZzLL9Q== -----END CERTIFICATE-----Generated at Mon Jan 26 05:12:58 2026 by rpki-client