This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.mft File: QNVZGnW9aT6dO3ZoNL8HT3se7jo.mft (raw, json) Hash identifier: zDgIAslxcz/ZXOEmPwE9YeHxKJn0JDP6dY3phgQasFc= Subject key identifier: 43:DD:CC:CA:1B:6D:23:5E:DE:55:45:FA:40:B5:F0:7B:14:B4:97:4E Authority key identifier: 40:D5:59:1A:75:BD:69:3E:9D:3B:76:68:34:BF:07:4F:7B:1E:EE:3A Certificate issuer: /CN=40d5591a75bd693e9d3b766834bf074f7b1eee3a Certificate serial: 019BF9F66E9B48E4A8DAD92004DCC0F744A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.mft Manifest number: 0BF8 Signing time: Mon 26 Jan 2026 11:00:35 +0000 Manifest this update: Mon 26 Jan 2026 11:00:35 +0000 Manifest next update: Tue 27 Jan 2026 11:00:35 +0000 Files and hashes: 1: QNVZGnW9aT6dO3ZoNL8HT3se7jo.crl (hash: lNVwyqC6n6w/+9p/m2vFrmpo33QYlkxO8101NYlp9Y0=) 2: YVo8LjxK7TZOHy2e0UtRMc12yMo.roa (hash: y1sW6xShCe5Zkqn/itmgk+RBNdntx91KOyuie9DOHaM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.mft rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:f6:6e:9b:48:e4:a8:da:d9:20:04:dc:c0:f7:44:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40d5591a75bd693e9d3b766834bf074f7b1eee3a Validity Not Before: Jan 26 11:00:35 2026 GMT Not After : Jan 27 11:00:35 2026 GMT Subject: CN=43ddccca1b6d235ede5545fa40b5f07b14b4974e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:64:91:7d:51:70:e3:be:6c:28:b3:15:91:9d: 5d:ba:9c:cc:b2:dd:54:e3:c4:d2:e6:33:e9:0d:7a: a1:de:31:1c:8b:7b:2b:47:2f:fa:75:1b:56:e7:e8: 6c:0f:ef:19:f3:7f:67:2e:98:f3:7e:e3:ca:12:19: 39:f3:44:c3:36:44:db:7f:c0:b8:e5:93:69:40:dd: c7:29:71:15:02:d7:a9:cb:07:df:3a:fe:21:f8:f1: 34:57:65:9f:98:75:fb:5b:c8:15:ad:d0:3f:22:ca: 53:f9:56:dd:e4:16:72:ae:74:93:ea:75:6b:c4:c2: 02:32:74:6e:a6:5b:fe:1a:b6:c0:6f:76:69:b9:9d: e6:0f:43:47:88:c4:cc:ee:6b:1c:7a:3c:2b:82:a9: 7c:bc:f0:47:24:37:6f:8e:5b:1c:26:ce:88:39:81: 72:f6:67:04:65:5c:a8:25:e8:df:75:e7:d2:4b:b3: 3f:dd:a6:a3:09:5a:a8:d6:e9:49:6d:7b:7e:31:f8: f8:80:98:c9:54:b7:4e:2b:c1:6b:78:7a:6d:c6:76: 51:ad:32:57:d9:92:c1:57:34:85:35:e8:3e:94:c0: 34:bd:63:ff:85:3a:ef:79:d2:27:ed:56:b2:07:eb: bc:a6:95:84:c9:b2:88:a2:c1:e6:c4:1d:c2:9e:bb: 02:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:DD:CC:CA:1B:6D:23:5E:DE:55:45:FA:40:B5:F0:7B:14:B4:97:4E X509v3 Authority Key Identifier: keyid:40:D5:59:1A:75:BD:69:3E:9D:3B:76:68:34:BF:07:4F:7B:1E:EE:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNVZGnW9aT6dO3ZoNL8HT3se7jo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9c9f28-4f41-472d-a63e-a10a3a4963fb/1/QNVZGnW9aT6dO3ZoNL8HT3se7jo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:42:67:d9:51:b1:03:c3:ca:92:45:24:26:b6:c6:d3:78:b5: 70:75:ba:93:f3:fb:33:83:70:8d:2c:13:5c:ea:1c:a3:05:25: fe:38:29:9d:7d:37:2e:88:4a:d1:f8:34:d2:94:23:64:7e:2c: c4:a8:22:30:01:b4:c4:60:1c:65:5d:e2:45:64:e0:55:03:1f: 53:f8:9b:3a:b8:21:e9:78:c0:4a:fb:31:f0:ff:61:d8:ce:f0: 52:0c:3e:06:1d:8b:0c:3a:63:f4:1f:df:71:49:31:f7:5f:25: 34:cc:d0:17:de:55:db:07:ac:71:32:6c:9c:2b:18:9a:f1:92: 82:d5:f9:a4:c6:3f:79:b9:f4:87:aa:02:ad:98:1b:b8:ff:61: 40:df:ee:9a:f8:42:4d:6e:74:e6:ac:cb:56:5d:5a:9e:55:57: d1:c0:1e:2e:ff:14:91:23:5c:aa:22:f4:6f:17:7a:87:4e:e6: 98:37:af:7c:30:d9:3d:f1:a1:4e:4f:78:a5:11:a7:10:8a:ca: 60:c3:4a:32:01:d3:57:f0:42:d9:fb:79:c9:ce:6b:41:77:5e: d0:32:d5:cd:6e:07:97:a1:e5:8a:3d:de:f8:79:19:cb:e9:52: 01:67:ca:e5:86:73:f7:8f:32:59:da:51:97:67:07:6e:7a:cc: 31:4d:ce:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv59m6bSOSo2tkgBNzA90SjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwZDU1OTFhNzViZDY5M2U5ZDNiNzY2ODM0YmYwNzRmN2Ix ZWVlM2EwHhcNMjYwMTI2MTEwMDM1WhcNMjYwMTI3MTEwMDM1WjAzMTEwLwYDVQQD Eyg0M2RkY2NjYTFiNmQyMzVlZGU1NTQ1ZmE0MGI1ZjA3YjE0YjQ5NzRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWSRfVFw475sKLMVkZ1dupzMst1U 48TS5jPpDXqh3jEci3srRy/6dRtW5+hsD+8Z839nLpjzfuPKEhk580TDNkTbf8C4 5ZNpQN3HKXEVAtepywffOv4h+PE0V2WfmHX7W8gVrdA/IspT+Vbd5BZyrnST6nVr xMICMnRuplv+GrbAb3ZpuZ3mD0NHiMTM7mscejwrgql8vPBHJDdvjlscJs6IOYFy 9mcEZVyoJejfdefSS7M/3aajCVqo1ulJbXt+Mfj4gJjJVLdOK8FreHptxnZRrTJX 2ZLBVzSFNeg+lMA0vWP/hTrvedIn7VayB+u8ppWEybKIosHmxB3CnrsCvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEPdzMobbSNe3lVF+kC18HsUtJdOMB8GA1UdIwQY MBaAFEDVWRp1vWk+nTt2aDS/B097Hu46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85YzlmMjgtNGY0MS00NzJkLWE2M2Ut YTEwYTNhNDk2M2ZiLzEvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy85YzlmMjgtNGY0MS00NzJkLWE2M2UtYTEwYTNhNDk2M2Zi LzEvUU5WWkduVzlhVDZkTzNab05MOEhUM3NlN2pvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeEJn2VGx A8PKkkUkJrbG03i1cHW6k/P7M4NwjSwTXOocowUl/jgpnX03LohK0fg00pQjZH4s xKgiMAG0xGAcZV3iRWTgVQMfU/ibOrgh6XjASvsx8P9h2M7wUgw+Bh2LDDpj9B/f cUkx918lNMzQF95V2wescTJsnCsYmvGSgtX5pMY/ebn0h6oCrZgbuP9hQN/umvhC TW505qzLVl1anlVX0cAeLv8UkSNcqiL0bxd6h07mmDevfDDZPfGhTk94pRGnEIrK YMNKMgHTV/BC2ft5yc5rQXde0DLVzW4Hl6Hlij3e+HkZy+lSAWfK5YZz948yWdpR l2cHbnrMMU3ORQ== -----END CERTIFICATE-----Generated at Mon Jan 26 14:16:36 2026 by rpki-client