This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft File: pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft (raw, json) Hash identifier: MZmWYHrh66Z7rF1hQvT0nDgro/zYS7dkVoSA9vV+LDc= Subject key identifier: 1E:C9:89:C2:C8:B3:10:05:74:B4:EE:90:FE:CA:C5:19:CA:81:85:EF Authority key identifier: A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB Certificate issuer: /CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb Certificate serial: 019BF79AAD92F18C4E2DB1715110C4159539 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft Manifest number: 0C7C Signing time: Mon 26 Jan 2026 00:01:07 +0000 Manifest this update: Mon 26 Jan 2026 00:01:07 +0000 Manifest next update: Tue 27 Jan 2026 00:01:07 +0000 Files and hashes: 1: 1-bShfWRGm-TQCjM_Y3n8hxLi1-I.roa (hash: wGYwNx5Kv0DKEFJu4HUzIBbe8JuzhGj3QdIJepSq7/Q=) 2: pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl (hash: pwHoUrQ2JJKi5Sitb4bwGl9ESt414lLXAEaM+T8bzqc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:9a:ad:92:f1:8c:4e:2d:b1:71:51:10:c4:15:95:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb Validity Not Before: Jan 26 00:01:07 2026 GMT Not After : Jan 27 00:01:07 2026 GMT Subject: CN=1ec989c2c8b3100574b4ee90fecac519ca8185ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:20:fb:62:b0:0d:06:b7:4c:2e:a3:be:06:e9: 23:39:d6:0e:e6:9d:81:0d:39:18:73:d4:1a:c3:91: a0:7d:94:43:d7:b1:6a:92:ec:8c:47:a8:9d:8b:12: 75:89:c7:4e:f4:7c:1d:8e:bc:f0:21:40:88:e0:ca: a3:28:c5:83:f2:c4:2e:bc:9b:32:d9:78:aa:75:ae: 66:1a:50:92:4f:43:12:32:61:c4:17:84:41:2e:d1: fa:74:5f:c1:c7:aa:15:67:f4:cc:73:6d:bc:8d:42: 2d:a9:14:dc:a2:e3:2e:19:21:e8:31:1b:3d:73:09: f1:dc:27:28:6a:f0:97:9b:f2:79:c5:aa:83:e7:17: 6d:f2:8d:ab:c6:dd:f7:12:65:96:0a:13:09:9b:38: c4:03:5a:67:9d:66:ef:7d:50:85:18:67:02:08:b3: dc:4f:ba:e3:c2:db:24:b8:39:a2:3f:64:3b:6b:cd: 84:23:85:3e:1f:63:ce:24:40:b7:b9:d6:7b:67:df: 62:29:61:3c:14:d3:5e:17:36:f8:6b:5c:67:ab:ff: ba:ac:a5:81:b3:87:4a:1d:af:9f:21:f8:41:b8:20: cb:9e:74:83:85:68:c2:a3:44:15:12:bd:26:b9:65: a0:32:9e:64:c6:8f:70:f3:a6:7f:91:7b:67:34:39: 00:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C9:89:C2:C8:B3:10:05:74:B4:EE:90:FE:CA:C5:19:CA:81:85:EF X509v3 Authority Key Identifier: keyid:A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:b4:71:41:09:b6:5e:32:82:93:0c:9d:27:57:c5:de:ea:54: 9c:ee:6f:c5:3c:77:bf:a8:13:cd:ed:8f:18:52:82:08:0e:92: 0f:4f:0c:bf:b5:1f:51:3a:63:ec:28:17:97:db:5e:d0:f3:7a: 28:e9:ec:e8:6b:13:56:5a:f2:b2:4a:29:97:05:0c:b3:80:76: bb:22:d8:cd:02:c0:94:43:6b:a3:5b:b8:30:d2:29:ff:46:c1: ee:69:7d:ab:98:a5:99:35:50:73:dd:9b:36:be:bd:2a:17:84: 42:3e:5b:f1:99:ec:e5:07:22:ba:d2:56:bd:b0:df:ef:8c:ad: 1c:4d:ae:0f:9e:e1:4d:a4:9d:46:68:3c:96:34:0b:18:ad:d8: 3a:d5:3e:eb:35:8b:b3:a0:ea:56:e0:4c:ac:fe:ab:6a:bd:84: d8:bc:b5:eb:b5:ca:b0:4b:db:77:3c:6b:20:ac:91:a7:fd:ec: 1f:b3:57:a2:c3:21:e4:24:65:87:82:24:eb:6f:fb:96:d8:34: f1:13:cb:0e:fa:3c:ab:37:e4:9f:00:15:09:8a:88:8d:fb:79: 68:b1:d1:8d:7a:dd:93:db:73:cc:8f:de:5b:8c:7d:a3:f6:6f: c6:67:06:c7:2f:09:b0:d5:02:35:e9:2f:bc:e8:a2:c9:71:7e: 3e:43:bc:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3mq2S8YxOLbFxURDEFZU5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MGNkM2I5ZmI2NDY0OTE1YWQwZDM3NjA5MzRjMDE4Mjg4 OWYxZmIwHhcNMjYwMTI2MDAwMTA3WhcNMjYwMTI3MDAwMTA3WjAzMTEwLwYDVQQD EygxZWM5ODljMmM4YjMxMDA1NzRiNGVlOTBmZWNhYzUxOWNhODE4NWVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CD7YrANBrdMLqO+BukjOdYO5p2B DTkYc9Qaw5GgfZRD17FqkuyMR6idixJ1icdO9HwdjrzwIUCI4MqjKMWD8sQuvJsy 2Xiqda5mGlCST0MSMmHEF4RBLtH6dF/Bx6oVZ/TMc228jUItqRTcouMuGSHoMRs9 cwnx3CcoavCXm/J5xaqD5xdt8o2rxt33EmWWChMJmzjEA1pnnWbvfVCFGGcCCLPc T7rjwtskuDmiP2Q7a82EI4U+H2POJEC3udZ7Z99iKWE8FNNeFzb4a1xnq/+6rKWB s4dKHa+fIfhBuCDLnnSDhWjCo0QVEr0muWWgMp5kxo9w86Z/kXtnNDkA5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7JicLIsxAFdLTukP7KxRnKgYXvMB8GA1UdIwQY MBaAFKUM07n7ZGSRWtDTdgk0wBgoifH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTct MzdlOWU4NmE5Mjc5LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTctMzdlOWU4NmE5Mjc5 LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp7RxQQm2 XjKCkwydJ1fF3upUnO5vxTx3v6gTze2PGFKCCA6SD08Mv7UfUTpj7CgXl9te0PN6 KOns6GsTVlryskoplwUMs4B2uyLYzQLAlENro1u4MNIp/0bB7ml9q5ilmTVQc92b Nr69KheEQj5b8Zns5QciutJWvbDf74ytHE2uD57hTaSdRmg8ljQLGK3YOtU+6zWL s6DqVuBMrP6rar2E2Ly167XKsEvbdzxrIKyRp/3sH7NXosMh5CRlh4Ik62/7ltg0 8RPLDvo8qzfknwAVCYqIjft5aLHRjXrdk9tzzI/eW4x9o/ZvxmcGxy8JsNUCNekv vOiiyXF+PkO88w== -----END CERTIFICATE-----Generated at Mon Jan 26 06:23:36 2026 by rpki-client