This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft File: yIYjh23RrY5iSiPdUossZMgKhSE.mft (raw, json) Hash identifier: 9CsH2NQ5//8MSUxmJk9i4vxqx0SUKg6Smk01OTWVsHg= Subject key identifier: A9:2D:83:9D:FB:CE:19:83:BC:78:FD:84:F5:E7:3F:53:71:13:BF:74 Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21 Certificate issuer: /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521 Certificate serial: 019BF83F5539453141C932970217BB1825DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft Manifest number: 070B Signing time: Mon 26 Jan 2026 03:00:58 +0000 Manifest this update: Mon 26 Jan 2026 03:00:58 +0000 Manifest next update: Tue 27 Jan 2026 03:00:58 +0000 Files and hashes: 1: h1IcZRGY_rRXRhpZWTLbtpzh9tM.roa (hash: L8O1+G2QnBwVNFEY7LCl7zf6sGt3HNSfVfaE38wa8Uo=) 2: yIYjh23RrY5iSiPdUossZMgKhSE.crl (hash: 2ig6EOkJcETdU30M5k6IRwQtYM3vRK5y/eg2WOV7md0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:3f:55:39:45:31:41:c9:32:97:02:17:bb:18:25:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521 Validity Not Before: Jan 26 03:00:58 2026 GMT Not After : Jan 27 03:00:58 2026 GMT Subject: CN=a92d839dfbce1983bc78fd84f5e73f537113bf74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:4f:33:7a:82:65:d2:4a:b2:9a:84:05:0f:50: cb:89:ad:6a:0e:9a:4b:fa:cd:36:e0:d4:a9:4a:c6: 2f:7c:73:20:e6:27:89:1a:fb:9e:99:a1:c6:c8:76: c7:c9:4b:6a:87:bd:15:38:ec:e3:34:75:cc:ac:63: 0b:9b:c1:c0:16:22:27:9e:b1:df:f4:82:5d:39:6a: 48:e7:46:9e:b1:ad:3a:a9:ba:2f:11:57:32:7b:b7: 03:36:67:62:60:aa:96:b0:e9:6b:14:0b:98:d9:5e: 26:92:ef:a7:2b:c1:24:91:4b:42:15:bc:86:33:8f: fe:e1:2a:2f:46:08:08:e2:fc:a5:9b:43:4a:9f:c2: aa:bb:74:33:d4:d1:4c:55:80:47:25:c5:f8:60:4e: a9:b3:be:6d:eb:2b:7f:f6:7e:53:06:5a:2c:af:59: ab:fb:0e:a5:1b:ae:70:58:5b:2c:4a:c6:ac:51:ba: 4b:85:c2:95:cb:ac:f4:ff:d1:ed:b9:69:8b:49:82: bf:31:a5:36:39:2a:80:5d:32:2a:86:a3:2e:d2:3e: 97:30:13:4f:43:30:85:2b:a4:a7:f6:1c:7b:64:98: 1f:1e:84:ca:be:c3:21:5f:00:c1:fd:b4:71:7d:da: fd:ae:24:8f:6a:07:9d:4b:4e:e5:c5:67:b2:71:d0: ed:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:2D:83:9D:FB:CE:19:83:BC:78:FD:84:F5:E7:3F:53:71:13:BF:74 X509v3 Authority Key Identifier: keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:8b:cc:cd:67:cd:e5:5e:37:39:2e:a9:b9:80:9c:75:6e:a0: 05:5a:d3:bd:37:af:72:63:b8:81:78:fa:c6:c7:95:99:b4:6b: 22:16:bf:77:81:77:83:76:1e:1c:d9:ce:70:23:e5:4b:67:06: 4a:f2:78:fa:fe:72:2c:e8:e2:d3:36:0f:21:91:08:50:c9:64: ca:e0:55:cf:c8:79:bf:a9:63:32:7b:cf:d4:21:03:c9:2b:b2: e3:b8:02:24:6c:a1:4e:1c:0d:01:82:cd:8e:5b:fe:56:6e:77: 6f:11:0c:bf:0f:1b:a8:47:46:7b:98:31:aa:99:33:09:b8:67: 0a:a4:36:0b:ca:45:28:4f:40:da:83:ed:95:44:5e:35:a6:69: f3:43:92:e9:75:40:0e:8b:bc:74:67:13:21:57:4f:33:6f:34: 36:c5:ee:73:2e:95:52:c6:cb:3a:17:5f:d7:b8:3c:75:08:f4: 98:fb:a7:76:fa:30:c2:2c:ba:9f:88:a7:6a:ec:77:57:18:fd: d8:30:e1:a8:d2:7d:a7:7c:84:3b:05:c5:92:d7:ec:e7:9b:6e: b0:31:5e:c2:77:1a:15:f2:8c:ae:cb:9a:0b:ed:f2:e4:11:66: a0:7f:41:b4:94:7c:62:10:16:48:67:cf:ea:9a:77:e3:a9:6d: d0:90:fd:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4P1U5RTFByTKXAhe7GCXdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw YTg1MjEwHhcNMjYwMTI2MDMwMDU4WhcNMjYwMTI3MDMwMDU4WjAzMTEwLwYDVQQD EyhhOTJkODM5ZGZiY2UxOTgzYmM3OGZkODRmNWU3M2Y1MzcxMTNiZjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU8zeoJl0kqymoQFD1DLia1qDppL +s024NSpSsYvfHMg5ieJGvuemaHGyHbHyUtqh70VOOzjNHXMrGMLm8HAFiInnrHf 9IJdOWpI50aesa06qbovEVcye7cDNmdiYKqWsOlrFAuY2V4mku+nK8EkkUtCFbyG M4/+4SovRggI4vylm0NKn8Kqu3Qz1NFMVYBHJcX4YE6ps75t6yt/9n5TBlosr1mr +w6lG65wWFssSsasUbpLhcKVy6z0/9HtuWmLSYK/MaU2OSqAXTIqhqMu0j6XMBNP QzCFK6Sn9hx7ZJgfHoTKvsMhXwDB/bRxfdr9riSPagedS07lxWeycdDtAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKktg537zhmDvHj9hPXnP1NxE790MB8GA1UdIwQY MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt MmViNTEyNjFkZGJhLzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdovMzWfN 5V43OS6puYCcdW6gBVrTvTevcmO4gXj6xseVmbRrIha/d4F3g3YeHNnOcCPlS2cG SvJ4+v5yLOji0zYPIZEIUMlkyuBVz8h5v6ljMnvP1CEDySuy47gCJGyhThwNAYLN jlv+Vm53bxEMvw8bqEdGe5gxqpkzCbhnCqQ2C8pFKE9A2oPtlUReNaZp80OS6XVA Dou8dGcTIVdPM280NsXucy6VUsbLOhdf17g8dQj0mPundvowwiy6n4inaux3Vxj9 2DDhqNJ9p3yEOwXFktfs55tusDFewncaFfKMrsuaC+3y5BFmoH9BtJR8YhAWSGfP 6pp346lt0JD9IA== -----END CERTIFICATE-----Generated at Mon Jan 26 05:38:48 2026 by rpki-client