This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json) Hash identifier: PYkQ7nclVWpK0bFNM0rNHuXbmgeaEVGGGUEa6ZYeF9c= Subject key identifier: 86:7B:AE:6F:86:9E:50:0C:3D:19:AE:E8:DB:66:BF:F5:ED:1D:56:77 Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95 Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995 Certificate serial: 019BF72D4B643C49044B56C4DB0EB923B48E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft Manifest number: 17EA Signing time: Sun 25 Jan 2026 22:01:39 +0000 Manifest this update: Sun 25 Jan 2026 22:01:39 +0000 Manifest next update: Mon 26 Jan 2026 22:01:39 +0000 Files and hashes: 1: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: 0/LLz8RtHI0YvujDnRYWytyinPMOqAqPBE+Tt9A/pPE=) 2: hnuU_eck5x_jb8etQeMJYN7agCw.roa (hash: WjEdC6KQw2C4VlNncqPImg4Zkitm7oOt+PVE/RuPsE0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2d:4b:64:3c:49:04:4b:56:c4:db:0e:b9:23:b4:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995 Validity Not Before: Jan 25 22:01:39 2026 GMT Not After : Jan 26 22:01:39 2026 GMT Subject: CN=867bae6f869e500c3d19aee8db66bff5ed1d5677 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:4c:d2:ee:7d:98:52:2a:95:a3:bc:8d:f0:c3: 56:17:a5:92:df:9f:75:c3:eb:e4:33:b5:ec:5a:6e: 96:f1:2f:47:cd:13:3d:73:cc:32:74:a8:6e:d5:3b: 50:6b:cc:8d:c7:94:d2:ae:46:19:1a:72:4e:85:9d: a9:c5:b4:6c:b4:ce:59:1d:fe:f6:c8:99:e5:76:25: 4a:2e:8c:a9:3f:7f:23:27:e1:9f:23:db:86:e5:8d: 5f:c0:f3:b6:95:c1:48:5d:e2:6f:2c:d9:18:52:f2: 40:02:c3:74:df:37:9b:97:46:73:8c:72:c6:f3:c6: a9:7c:5e:e9:8b:1f:e3:c1:6d:20:7b:80:80:d1:9e: 0f:da:11:d7:b5:37:bb:ed:17:35:f1:67:e0:51:78: d6:e7:8c:5c:14:a7:07:8c:26:4b:55:f9:ad:4c:b8: 1d:13:cd:aa:f1:ed:93:14:54:61:e2:b3:28:c4:55: 44:2c:27:56:62:4e:de:17:0f:fd:a3:53:bf:64:f5: f9:4a:cf:80:9e:5b:99:fa:ae:5d:89:70:e3:d0:4a: a5:15:70:0c:a3:75:c8:ea:a2:31:f9:c2:cb:f6:96: 97:41:7a:11:c6:87:c9:bf:b2:02:f5:c9:aa:6e:69: ab:7d:6c:ba:ff:a3:71:80:7d:99:b6:dc:6a:fd:0a: 62:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:7B:AE:6F:86:9E:50:0C:3D:19:AE:E8:DB:66:BF:F5:ED:1D:56:77 X509v3 Authority Key Identifier: keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:d9:58:e4:ce:5d:dd:fa:4b:41:33:68:eb:dd:1e:51:7c:8a: b8:17:ce:6e:f5:64:5e:f3:b2:e6:7e:e3:ca:9c:94:ba:7d:48: 9e:2a:e8:b8:30:1d:bc:e0:ab:3f:37:c4:d1:27:c8:75:d9:05: 83:a2:2f:54:a0:83:7e:66:3d:21:be:5d:51:7f:85:0e:2d:f8: 52:b6:31:44:84:6c:6f:dd:c2:1f:2d:e1:99:23:5c:31:7b:4e: b4:85:45:60:3b:28:26:1e:0f:99:02:db:24:81:9d:39:82:f3: 6d:f5:b9:5f:94:2e:67:3f:fd:88:48:bd:69:21:cc:f8:e8:dd: 6c:8b:2f:11:f9:fb:4f:b5:4a:f6:ca:70:8f:ad:ae:89:c5:1b: a0:55:0d:c4:53:e5:3d:a7:b1:da:74:8d:9e:8f:40:2b:53:3f: f5:fd:75:c0:1b:2d:d8:e2:f1:24:b6:e1:ad:85:92:e7:ff:90: 04:19:0b:cd:fd:2f:52:fb:cb:52:e2:09:ec:28:1c:2e:c4:27: db:b5:d7:1e:b0:df:29:47:9f:fb:2c:11:9a:37:9c:01:74:4f: 01:b3:88:d6:7e:70:b8:a9:05:b0:56:dd:35:25:6d:26:ea:ac: ab:e6:58:30:e9:cb:33:0a:b6:cf:f8:a5:79:5d:40:7b:f9:d2: 16:08:59:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LUtkPEkES1bE2w65I7SOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm MDc5OTUwHhcNMjYwMTI1MjIwMTM5WhcNMjYwMTI2MjIwMTM5WjAzMTEwLwYDVQQD Eyg4NjdiYWU2Zjg2OWU1MDBjM2QxOWFlZThkYjY2YmZmNWVkMWQ1Njc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0zS7n2YUiqVo7yN8MNWF6WS3591 w+vkM7XsWm6W8S9HzRM9c8wydKhu1TtQa8yNx5TSrkYZGnJOhZ2pxbRstM5ZHf72 yJnldiVKLoypP38jJ+GfI9uG5Y1fwPO2lcFIXeJvLNkYUvJAAsN03zebl0ZzjHLG 88apfF7pix/jwW0ge4CA0Z4P2hHXtTe77Rc18WfgUXjW54xcFKcHjCZLVfmtTLgd E82q8e2TFFRh4rMoxFVELCdWYk7eFw/9o1O/ZPX5Ss+AnluZ+q5diXDj0EqlFXAM o3XI6qIx+cLL9paXQXoRxofJv7IC9cmqbmmrfWy6/6NxgH2Zttxq/QpitwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIZ7rm+GnlAMPRmu6Ntmv/XtHVZ3MB8GA1UdIwQY MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGNlY5M5d 3fpLQTNo690eUXyKuBfObvVkXvOy5n7jypyUun1InirouDAdvOCrPzfE0SfIddkF g6IvVKCDfmY9Ib5dUX+FDi34UrYxRIRsb93CHy3hmSNcMXtOtIVFYDsoJh4PmQLb JIGdOYLzbfW5X5QuZz/9iEi9aSHM+OjdbIsvEfn7T7VK9spwj62uicUboFUNxFPl Paex2nSNno9AK1M/9f11wBst2OLxJLbhrYWS5/+QBBkLzf0vUvvLUuIJ7CgcLsQn 27XXHrDfKUef+ywRmjecAXRPAbOI1n5wuKkFsFbdNSVtJuqsq+ZYMOnLMwq2z/il eV1Ae/nSFghZ7A== -----END CERTIFICATE-----Generated at Mon Jan 26 08:42:25 2026 by rpki-client