This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft File: 2f8MyFNVS935CZqjzuvTUka5KPU.mft (raw, json) Hash identifier: 9S4xDbp6UKT1M09XgNG+kzvIWGiGPgTiT/44PAC+ObU= Subject key identifier: 69:92:08:21:D0:FF:FF:4C:6D:1D:81:97:B3:59:8E:3D:90:C0:B0:3B Authority key identifier: D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5 Certificate issuer: /CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5 Certificate serial: 019BF42BC8357B114E8B612517A4FE3D570D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft Manifest number: 2A Signing time: Sun 25 Jan 2026 08:01:08 +0000 Manifest this update: Sun 25 Jan 2026 08:01:08 +0000 Manifest next update: Mon 26 Jan 2026 08:01:08 +0000 Files and hashes: 1: 1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa (hash: Dj+AT1jX9rfVhJFGXz9XaLtPSZgqG/nTfTCrODe4StE=) 2: 2f8MyFNVS935CZqjzuvTUka5KPU.crl (hash: KUUPnr5z9Ow3IKqHUPB1JsosHn1xo9YlYrQc/rmzUU0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:2b:c8:35:7b:11:4e:8b:61:25:17:a4:fe:3d:57:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5 Validity Not Before: Jan 25 08:01:08 2026 GMT Not After : Jan 26 08:01:08 2026 GMT Subject: CN=69920821d0ffff4c6d1d8197b3598e3d90c0b03b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:0e:14:e9:b5:7a:f9:90:16:45:3d:40:74:18: c0:2a:50:54:c2:71:47:d2:4d:cb:36:f9:b3:05:fa: 4d:ce:50:e9:b3:83:db:c2:d3:d9:20:b9:28:69:3d: 4d:ae:56:e6:7f:18:07:a8:52:3b:b5:5e:a4:87:d1: 57:7b:58:a5:e3:ac:79:1e:2d:ab:a4:95:7d:4d:60: bb:b0:29:20:19:46:00:b2:f6:b7:6c:a5:b1:1a:49: dd:99:b2:4d:1e:1a:35:67:32:4a:0d:a0:e4:0c:fa: b3:df:0a:89:24:66:77:b5:66:16:02:ac:d7:de:e6: d1:22:20:7a:c7:55:23:63:cd:9b:18:16:d5:ef:f2: 80:3a:75:47:dc:e5:7a:40:fc:ea:09:24:61:ca:e2: 19:27:d7:8c:2e:3c:2b:18:da:a6:41:60:6b:46:9b: 7a:c3:89:6a:64:06:f9:ba:26:ff:c8:c5:ef:b1:c0: d0:77:47:e5:6d:8b:61:6c:71:d2:8b:21:62:6d:64: d2:4b:4c:75:ae:da:4b:17:ce:2f:fc:5d:83:5f:50: a2:3d:cf:ea:20:ae:c9:7d:40:d7:4e:bd:36:50:2e: 5d:17:5c:1a:f6:dd:c3:eb:1a:bf:0c:a4:8b:92:3b: 0d:66:c5:78:59:25:5b:64:43:d5:db:84:42:9f:95: 90:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:92:08:21:D0:FF:FF:4C:6D:1D:81:97:B3:59:8E:3D:90:C0:B0:3B X509v3 Authority Key Identifier: keyid:D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:68:f5:23:71:4e:01:c9:dc:e0:2a:21:0f:33:d0:45:13:88: c3:ef:41:5e:f0:9e:51:01:f7:6b:0d:5b:12:82:9f:a9:f1:3c: ac:d0:b8:99:d4:d2:e9:89:af:c3:b8:f6:7d:b8:f8:fe:e7:00: d6:59:0e:e4:b2:11:be:27:dd:67:37:17:4e:f3:7b:21:40:da: 1f:b0:66:5d:1f:cd:6f:a4:d5:45:59:73:f0:d5:52:de:c2:b6: f5:50:52:72:8b:13:f3:d9:21:e5:27:94:ea:22:64:d3:1e:a7: b0:7e:5c:d7:0f:46:60:cf:5f:03:da:09:8b:6f:39:cc:1c:69: 43:2a:63:bf:c4:8a:82:24:97:4b:25:1e:2e:a0:00:82:ec:72: 7b:2c:ab:02:f0:a7:4a:34:e6:91:4f:10:ed:f7:3e:ca:60:69: 28:16:8f:01:0c:f0:f2:ab:c4:b1:f5:6c:1f:54:bc:f6:41:02: 47:8d:86:08:7d:e6:39:f6:4f:35:1c:5f:25:1e:81:56:c6:b4: 95:95:e9:fb:f7:d9:13:56:59:36:5a:47:cf:fe:cd:73:17:f0: 15:ea:05:dd:00:f5:2f:53:1d:22:dc:1b:58:6b:eb:3a:55:4a: d9:70:4a:75:99:c3:84:76:57:6b:4a:5f:6a:25:35:0e:cb:9e: 43:4f:e2:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0K8g1exFOi2ElF6T+PVcNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZmYwY2M4NTM1NTRiZGRmOTA5OWFhM2NlZWJkMzUyNDZi OTI4ZjUwHhcNMjYwMTI1MDgwMTA4WhcNMjYwMTI2MDgwMTA4WjAzMTEwLwYDVQQD Eyg2OTkyMDgyMWQwZmZmZjRjNmQxZDgxOTdiMzU5OGUzZDkwYzBiMDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA4U6bV6+ZAWRT1AdBjAKlBUwnFH 0k3LNvmzBfpNzlDps4PbwtPZILkoaT1NrlbmfxgHqFI7tV6kh9FXe1il46x5Hi2r pJV9TWC7sCkgGUYAsva3bKWxGkndmbJNHho1ZzJKDaDkDPqz3wqJJGZ3tWYWAqzX 3ubRIiB6x1UjY82bGBbV7/KAOnVH3OV6QPzqCSRhyuIZJ9eMLjwrGNqmQWBrRpt6 w4lqZAb5uib/yMXvscDQd0flbYthbHHSiyFibWTSS0x1rtpLF84v/F2DX1CiPc/q IK7JfUDXTr02UC5dF1wa9t3D6xq/DKSLkjsNZsV4WSVbZEPV24RCn5WQ9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGmSCCHQ//9MbR2Bl7NZjj2QwLA7MB8GA1UdIwQY MBaAFNn/DMhTVUvd+Qmao87r01JGuSj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAt Y2FmZTVlN2RiNzU4LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAtY2FmZTVlN2RiNzU4 LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL2j1I3FO Acnc4CohDzPQRROIw+9BXvCeUQH3aw1bEoKfqfE8rNC4mdTS6Ymvw7j2fbj4/ucA 1lkO5LIRvifdZzcXTvN7IUDaH7BmXR/Nb6TVRVlz8NVS3sK29VBScosT89kh5SeU 6iJk0x6nsH5c1w9GYM9fA9oJi285zBxpQypjv8SKgiSXSyUeLqAAguxyeyyrAvCn SjTmkU8Q7fc+ymBpKBaPAQzw8qvEsfVsH1S89kECR42GCH3mOfZPNRxfJR6BVsa0 lZXp+/fZE1ZZNlpHz/7NcxfwFeoF3QD1L1MdItwbWGvrOlVK2XBKdZnDhHZXa0pf aiU1DsueQ0/ipg== -----END CERTIFICATE-----Generated at Sun Jan 25 16:09:46 2026 by rpki-client