This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft File: 4HG570GlOChYzZ7vmKf7nRJqpK4.mft (raw, json) Hash identifier: CcszYRhi/fbaWj0QHTuVcFd1vJxs53pFQ6dDeVOF+FU= Subject key identifier: 00:81:F8:EE:2A:05:AB:A1:D9:FB:E3:11:D4:D6:E3:D8:FC:AD:70:0C Authority key identifier: E0:71:B9:EF:41:A5:38:28:58:CD:9E:EF:98:A7:FB:9D:12:6A:A4:AE Certificate issuer: /CN=e071b9ef41a5382858cd9eef98a7fb9d126aa4ae Certificate serial: 019BF763B9F27BF7489432487DB77BB0B9F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4HG570GlOChYzZ7vmKf7nRJqpK4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft Manifest number: 0512 Signing time: Sun 25 Jan 2026 23:01:06 +0000 Manifest this update: Sun 25 Jan 2026 23:01:06 +0000 Manifest next update: Mon 26 Jan 2026 23:01:06 +0000 Files and hashes: 1: 4HG570GlOChYzZ7vmKf7nRJqpK4.crl (hash: LFO9aIvHmWKeLgUi9S6SPVkrA3KPY55jL8vflKCQoRs=) 2: JqYIovUOhpMaXbCswunFuuxrXZA.roa (hash: pzyg9bet0YZqCdKyQjx/ZoPH6pBnBtJrgE7rSpscrOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft rsync://rpki.ripe.net/repository/DEFAULT/4HG570GlOChYzZ7vmKf7nRJqpK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:63:b9:f2:7b:f7:48:94:32:48:7d:b7:7b:b0:b9:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e071b9ef41a5382858cd9eef98a7fb9d126aa4ae Validity Not Before: Jan 25 23:01:06 2026 GMT Not After : Jan 26 23:01:06 2026 GMT Subject: CN=0081f8ee2a05aba1d9fbe311d4d6e3d8fcad700c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b5:f0:16:1c:39:49:ed:34:d8:37:0d:38:af: 06:00:0d:85:13:bb:a1:c0:7b:5e:92:31:6c:45:88: 39:aa:ec:e0:05:be:9c:bf:c8:b7:04:f0:e2:7a:dd: 78:9e:1f:8e:ff:bc:e0:5a:aa:65:46:cb:54:98:b3: ab:61:c8:28:d3:08:c5:52:fa:bf:3d:84:97:34:50: 1d:98:5c:fd:59:97:46:6c:b3:8f:22:14:8f:45:0d: c2:c5:46:87:28:7d:db:df:4b:7d:2a:53:ab:ba:34: 76:ba:c6:b1:b4:cb:dd:6a:8e:c1:bf:e4:29:2d:ef: 36:56:35:fb:6f:80:d3:6d:93:c5:7e:bd:61:6e:6a: 6c:4e:af:92:c9:b1:9a:24:7f:56:d7:4a:44:35:b2: 14:2e:c7:03:ae:2b:1c:22:06:4c:15:95:ff:ec:1c: c0:87:88:32:6d:e2:aa:0e:62:bb:60:50:74:23:04: bc:85:34:dc:36:0c:e1:2a:f8:a5:6a:c8:5f:a2:85: 4e:31:dd:60:79:a0:0a:4d:5f:82:b1:05:d7:25:91: 7f:92:36:2c:a4:ce:32:44:b2:b4:ef:b2:15:82:df: 06:b4:9f:ea:02:47:9f:1e:cb:4a:49:2e:23:a1:d3: e2:2f:aa:b5:f5:5e:fb:5c:1c:9e:2b:f6:2b:50:2b: 34:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:81:F8:EE:2A:05:AB:A1:D9:FB:E3:11:D4:D6:E3:D8:FC:AD:70:0C X509v3 Authority Key Identifier: keyid:E0:71:B9:EF:41:A5:38:28:58:CD:9E:EF:98:A7:FB:9D:12:6A:A4:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HG570GlOChYzZ7vmKf7nRJqpK4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:58:9d:5b:2c:b8:dc:43:21:38:db:16:d2:f6:c4:43:36:1e: 83:21:32:96:ae:cb:fd:61:f4:24:e5:f4:c1:e8:36:05:73:20: 54:db:62:2e:f0:72:ea:30:b4:25:a2:c2:aa:5d:cd:66:d7:61: ee:29:99:c5:52:11:51:e4:7f:81:22:c6:f2:5d:3b:bc:98:eb: 80:1c:9d:5b:f0:29:8b:60:9c:e5:7f:85:85:7a:22:2b:4e:13: 84:f0:c1:59:80:d6:9d:dc:68:9f:92:23:a4:8b:13:c5:88:6a: e4:04:d8:ce:32:2b:d1:11:38:05:b3:39:7b:8e:e6:39:13:d1: 0f:5f:31:51:59:a6:64:25:d8:94:a5:2a:99:4c:10:d5:e5:2d: 08:06:29:45:08:72:18:fc:b3:45:47:3f:82:7b:9a:1f:8b:51: 52:aa:57:c7:bb:71:69:45:db:a2:bc:f6:49:8c:a7:b2:1d:9b: 88:4c:ce:b6:ca:cf:7e:dd:64:b4:6b:01:fa:e9:f5:49:9d:23: 6a:77:78:01:6f:5f:9c:97:ea:5f:c8:b6:e0:2f:63:7d:12:0a: 34:71:4b:8d:44:8e:1a:9e:2c:30:35:df:94:84:6f:38:5d:eb: 05:95:ce:18:97:6d:c2:9f:c9:17:f0:6f:38:61:4c:74:11:9e: 61:49:31:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3Y7nye/dIlDJIfbd7sLn5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNzFiOWVmNDFhNTM4Mjg1OGNkOWVlZjk4YTdmYjlkMTI2 YWE0YWUwHhcNMjYwMTI1MjMwMTA2WhcNMjYwMTI2MjMwMTA2WjAzMTEwLwYDVQQD EygwMDgxZjhlZTJhMDVhYmExZDlmYmUzMTFkNGQ2ZTNkOGZjYWQ3MDBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrXwFhw5Se002DcNOK8GAA2FE7uh wHtekjFsRYg5quzgBb6cv8i3BPDiet14nh+O/7zgWqplRstUmLOrYcgo0wjFUvq/ PYSXNFAdmFz9WZdGbLOPIhSPRQ3CxUaHKH3b30t9KlOrujR2usaxtMvdao7Bv+Qp Le82VjX7b4DTbZPFfr1hbmpsTq+SybGaJH9W10pENbIULscDriscIgZMFZX/7BzA h4gybeKqDmK7YFB0IwS8hTTcNgzhKvilashfooVOMd1geaAKTV+CsQXXJZF/kjYs pM4yRLK077IVgt8GtJ/qAkefHstKSS4jodPiL6q19V77XByeK/YrUCs0iwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFACB+O4qBauh2fvjEdTW49j8rXAMMB8GA1UdIwQY MBaAFOBxue9BpTgoWM2e75in+50SaqSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEhHNTcwR2xPQ2hZelo3dm1LZjduUkpxcEs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iODE0NjAtZTA2Yy00MzUyLWFiMWIt YmIzODBiY2FiZDI4LzEvNEhHNTcwR2xPQ2hZelo3dm1LZjduUkpxcEs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9iODE0NjAtZTA2Yy00MzUyLWFiMWItYmIzODBiY2FiZDI4 LzEvNEhHNTcwR2xPQ2hZelo3dm1LZjduUkpxcEs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1idWyy4 3EMhONsW0vbEQzYegyEylq7L/WH0JOX0weg2BXMgVNtiLvBy6jC0JaLCql3NZtdh 7imZxVIRUeR/gSLG8l07vJjrgBydW/Api2Cc5X+FhXoiK04ThPDBWYDWndxon5Ij pIsTxYhq5ATYzjIr0RE4BbM5e47mORPRD18xUVmmZCXYlKUqmUwQ1eUtCAYpRQhy GPyzRUc/gnuaH4tRUqpXx7txaUXborz2SYynsh2biEzOtsrPft1ktGsB+un1SZ0j and4AW9fnJfqX8i24C9jfRIKNHFLjUSOGp4sMDXflIRvOF3rBZXOGJdtwp/JF/Bv OGFMdBGeYUkx1g== -----END CERTIFICATE-----Generated at Mon Jan 26 01:48:49 2026 by rpki-client