This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft File: TyKDTEeXR7CovQphKfn-ZfgwJtA.mft (raw, json) Hash identifier: grEixJCfcmvn9AwR96dM9chyUR8OiggnO36qvi/mwdI= Subject key identifier: 23:6D:24:71:49:A8:6D:0F:CA:D5:44:09:80:4E:52:80:01:B7:8D:8A Authority key identifier: 4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0 Certificate issuer: /CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0 Certificate serial: 019BF5AC978F08F3AA98B15E3F4B6AB63FD1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft Manifest number: 05D3 Signing time: Sun 25 Jan 2026 15:01:27 +0000 Manifest this update: Sun 25 Jan 2026 15:01:27 +0000 Manifest next update: Mon 26 Jan 2026 15:01:27 +0000 Files and hashes: 1: 1-cEaaO_Ysid8Br5DRVo96OE6Rw0.roa (hash: fjeWtz//51nB13NzQwtc912b3agAHVfHErKRO/L6d0o=) 2: TyKDTEeXR7CovQphKfn-ZfgwJtA.crl (hash: MF0iZ6tG5PHKgqGB8nNK9cTrtZhUCKu4lg0wxN0fYQ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ac:97:8f:08:f3:aa:98:b1:5e:3f:4b:6a:b6:3f:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0 Validity Not Before: Jan 25 15:01:27 2026 GMT Not After : Jan 26 15:01:27 2026 GMT Subject: CN=236d247149a86d0fcad54409804e528001b78d8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:af:e3:67:d6:ca:49:f7:6c:75:e2:e8:98:a2: be:cd:bb:57:17:42:35:7d:9e:63:00:56:3c:c9:76: 3a:4c:ff:44:8b:12:2b:68:41:27:70:d5:25:ff:cc: ba:d6:0b:79:90:b1:b2:e3:0e:9b:3f:3b:2e:10:48: a5:a4:88:31:2c:be:2d:a0:a0:6d:bf:6a:b2:85:f7: 8a:95:86:d0:d4:5d:1a:6f:c6:98:d6:da:96:1e:9e: 12:17:e1:14:d2:20:a6:92:52:1a:00:a0:32:5d:2c: 5f:40:3a:fe:f6:e5:f8:a2:3d:f6:86:51:65:2c:a8: e3:07:3e:55:c5:f9:18:ca:cf:ea:23:e3:88:02:bd: 0b:ee:e2:de:8d:ec:0e:79:9f:5f:fc:47:25:7d:38: 2c:92:e0:e8:35:d4:7e:4f:15:96:65:8a:b0:1d:c8: d0:a4:c0:42:58:3c:63:fe:b7:08:71:7c:3c:ef:95: 8f:7a:6b:e0:63:8d:12:70:3a:bd:7d:07:f5:08:ea: e5:26:e2:cb:9b:83:16:76:9a:96:dc:0c:f8:bf:c7: 00:bf:99:b6:8e:28:ce:a7:09:e4:b6:19:ad:c5:f2: e7:6c:5d:7a:9b:b8:7d:74:9d:6b:38:eb:c6:91:11: 0f:73:3f:bf:7f:ae:46:fd:75:65:9b:16:d9:f8:42: a0:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:6D:24:71:49:A8:6D:0F:CA:D5:44:09:80:4E:52:80:01:B7:8D:8A X509v3 Authority Key Identifier: keyid:4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:bc:d1:4f:82:c2:e8:b9:43:28:58:c8:29:e7:6e:e4:92:8b: a5:4d:2a:24:78:7c:71:91:16:00:76:da:4b:6c:c6:82:ed:f1: cf:4c:7f:af:bb:e5:00:d2:30:5e:bb:e0:29:f0:4a:31:47:6a: f9:ae:28:b4:00:74:8d:b3:f3:1d:13:69:86:77:09:90:39:d2: 95:aa:c2:57:28:c2:bb:5b:ae:0d:1f:12:08:a1:e7:2d:59:6a: d6:42:aa:dd:65:6b:d4:45:95:a7:d1:b8:43:09:97:07:5f:44: c5:01:61:b7:e6:b8:ee:c5:5d:5a:f3:b6:8d:c9:ea:03:99:5a: 2f:0c:f5:91:ab:f6:c3:9d:93:5d:65:af:cc:c8:9d:39:7b:8f: 72:2a:7c:04:76:34:15:34:99:ba:8a:19:e4:b3:ea:12:e7:f2: 51:c6:a5:e0:e4:63:21:8d:4c:48:86:fe:dc:ac:1a:04:7b:84: a5:35:6f:cd:c5:c9:52:89:d6:2f:aa:82:83:bf:7f:aa:03:65: cf:f4:69:b4:35:49:36:3b:6f:9f:df:c5:09:f5:70:d2:3d:e6: 22:55:1f:f2:c8:3a:cf:6e:cc:29:56:7c:29:fb:87:4b:da:ea: 52:48:dc:33:a2:1e:bb:e6:2c:23:3a:64:91:ee:45:16:4f:59: 2b:fa:87:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1rJePCPOqmLFeP0tqtj/RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMjI4MzRjNDc5NzQ3YjBhOGJkMGE2MTI5ZjlmZTY1Zjgz MDI2ZDAwHhcNMjYwMTI1MTUwMTI3WhcNMjYwMTI2MTUwMTI3WjAzMTEwLwYDVQQD EygyMzZkMjQ3MTQ5YTg2ZDBmY2FkNTQ0MDk4MDRlNTI4MDAxYjc4ZDhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq/jZ9bKSfdsdeLomKK+zbtXF0I1 fZ5jAFY8yXY6TP9EixIraEEncNUl/8y61gt5kLGy4w6bPzsuEEilpIgxLL4toKBt v2qyhfeKlYbQ1F0ab8aY1tqWHp4SF+EU0iCmklIaAKAyXSxfQDr+9uX4oj32hlFl LKjjBz5VxfkYys/qI+OIAr0L7uLejewOeZ9f/EclfTgskuDoNdR+TxWWZYqwHcjQ pMBCWDxj/rcIcXw875WPemvgY40ScDq9fQf1COrlJuLLm4MWdpqW3Az4v8cAv5m2 jijOpwnkthmtxfLnbF16m7h9dJ1rOOvGkREPcz+/f65G/XVlmxbZ+EKgzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCNtJHFJqG0PytVECYBOUoABt42KMB8GA1UdIwQY MBaAFE8ig0xHl0ewqL0KYSn5/mX4MCbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMt N2JmNzI0MDU2MTUzLzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMtN2JmNzI0MDU2MTUz LzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS7zRT4LC 6LlDKFjIKedu5JKLpU0qJHh8cZEWAHbaS2zGgu3xz0x/r7vlANIwXrvgKfBKMUdq +a4otAB0jbPzHRNphncJkDnSlarCVyjCu1uuDR8SCKHnLVlq1kKq3WVr1EWVp9G4 QwmXB19ExQFht+a47sVdWvO2jcnqA5laLwz1kav2w52TXWWvzMidOXuPcip8BHY0 FTSZuooZ5LPqEufyUcal4ORjIY1MSIb+3KwaBHuEpTVvzcXJUonWL6qCg79/qgNl z/RptDVJNjtvn9/FCfVw0j3mIlUf8sg6z27MKVZ8KfuHS9rqUkjcM6Ieu+YsIzpk ke5FFk9ZK/qHpA== -----END CERTIFICATE-----Generated at Sun Jan 25 19:44:51 2026 by rpki-client