This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft File: YEBzL9vKpSkA2yRiB1v07xUVlpU.mft (raw, json) Hash identifier: Y6z/pf+6DqG3LRiTSd0BJkOpFyr8PdY85SDz74lSawk= Subject key identifier: 29:B5:A5:82:8E:78:C0:77:7F:E4:C5:A8:24:95:E8:A2:F0:BD:AF:E5 Authority key identifier: 60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95 Certificate issuer: /CN=6040732fdbcaa52900db2462075bf4ef15159695 Certificate serial: 019BF6BEB6A4A1E5D797FBE8DB543E8EA11F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft Manifest number: 0699 Signing time: Sun 25 Jan 2026 20:00:51 +0000 Manifest this update: Sun 25 Jan 2026 20:00:51 +0000 Manifest next update: Mon 26 Jan 2026 20:00:51 +0000 Files and hashes: 1: PUDvpR_aiNzuJCBLk51UIXHyhYI.roa (hash: Sq53LfucALVr4BVz660/k9ccPDQx9/Vh4c8LAplhshQ=) 2: YEBzL9vKpSkA2yRiB1v07xUVlpU.crl (hash: jXX9mlC9rLHNy6iV/eztVMMecWh8BELGSX3WG/fRY58=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:be:b6:a4:a1:e5:d7:97:fb:e8:db:54:3e:8e:a1:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6040732fdbcaa52900db2462075bf4ef15159695 Validity Not Before: Jan 25 20:00:51 2026 GMT Not After : Jan 26 20:00:51 2026 GMT Subject: CN=29b5a5828e78c0777fe4c5a82495e8a2f0bdafe5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4c:02:73:dc:65:03:6c:a8:f5:f3:97:55:54: 45:5a:83:6c:62:00:73:a8:95:ca:d1:84:82:a8:37: 70:e9:f0:da:56:68:99:4c:60:88:a0:7e:ee:b9:36: 1a:40:05:c6:01:63:ca:42:30:10:7e:c2:2d:0c:49: 41:9b:88:72:90:18:fe:c6:19:9a:56:2c:43:92:bb: b8:7d:85:6a:03:6f:6d:21:9c:8d:8f:12:2f:af:fc: 7c:aa:f7:ad:22:62:18:77:1f:34:32:27:7a:d9:7f: 3f:69:15:26:27:2a:ea:7e:67:e7:e0:e6:85:67:3f: c4:c0:15:69:c9:42:f4:4d:5c:d4:26:46:b5:db:81: a3:7f:f7:db:d0:a0:10:b2:f7:a3:c0:3f:af:83:dd: bd:36:a2:88:dd:9a:c4:1d:83:f8:4a:49:cc:61:a9: 00:f3:97:a9:75:46:d4:de:e4:66:05:f2:2e:26:3e: 10:75:3b:a3:21:5b:53:a5:d6:10:38:13:b2:93:2b: c7:ae:91:63:93:c6:25:19:c2:27:22:0b:96:48:95: e8:6b:1a:ec:a5:df:12:ac:05:68:8a:a2:4e:ec:7d: 47:e0:79:14:ee:fa:87:03:1f:a7:b5:a2:34:29:a6: 89:e2:38:af:41:96:b9:cb:b9:0a:cb:0a:c8:22:c6: 5b:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:B5:A5:82:8E:78:C0:77:7F:E4:C5:A8:24:95:E8:A2:F0:BD:AF:E5 X509v3 Authority Key Identifier: keyid:60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:03:c2:e8:bb:de:62:fd:40:a6:39:07:8a:0f:69:31:f2:a8: 82:4d:7b:0d:3e:22:c5:22:50:55:81:20:17:5e:2f:5a:4e:42: 65:7f:6a:18:5b:a9:e9:ac:db:82:23:fc:1e:3c:cd:87:fb:77: df:7f:fa:31:ed:4a:96:d0:0d:59:ec:33:bb:d6:46:7b:ac:6b: 17:97:71:42:a2:09:fd:bd:1e:1b:39:1d:4c:6a:f6:55:7a:d6: 68:83:b0:d8:5f:a5:ab:b3:03:67:19:b4:cf:ad:1b:0d:02:3e: f0:3f:3d:36:93:ac:e0:4f:fb:99:05:ca:13:e3:27:ad:cc:d4: 9e:9c:ca:64:40:ec:fa:6c:9f:de:11:43:e4:32:6d:54:f3:87: 51:7e:23:cb:f7:e9:bf:60:bd:2f:2d:b4:83:eb:bc:36:61:a3: f4:85:5f:da:b4:03:24:09:ad:5f:fc:da:5d:ca:0f:5b:57:31: 31:6f:ef:b1:32:74:a4:30:d1:6c:c9:f2:c0:db:72:ec:9a:eb: 30:63:52:46:a7:ef:cc:c7:8c:53:a6:d6:39:f0:fc:e6:1a:30: 1c:3a:8b:34:f6:51:9e:dc:ca:e3:75:f1:50:37:91:8f:f9:ef: e3:6b:e3:83:a6:73:bd:88:40:ec:16:3e:d9:dc:7f:d2:a1:f4: c4:41:14:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vrakoeXXl/vo21Q+jqEfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNDA3MzJmZGJjYWE1MjkwMGRiMjQ2MjA3NWJmNGVmMTUx NTk2OTUwHhcNMjYwMTI1MjAwMDUxWhcNMjYwMTI2MjAwMDUxWjAzMTEwLwYDVQQD EygyOWI1YTU4MjhlNzhjMDc3N2ZlNGM1YTgyNDk1ZThhMmYwYmRhZmU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEwCc9xlA2yo9fOXVVRFWoNsYgBz qJXK0YSCqDdw6fDaVmiZTGCIoH7uuTYaQAXGAWPKQjAQfsItDElBm4hykBj+xhma VixDkru4fYVqA29tIZyNjxIvr/x8qvetImIYdx80Mid62X8/aRUmJyrqfmfn4OaF Zz/EwBVpyUL0TVzUJka124Gjf/fb0KAQsvejwD+vg929NqKI3ZrEHYP4SknMYakA 85epdUbU3uRmBfIuJj4QdTujIVtTpdYQOBOykyvHrpFjk8YlGcInIguWSJXoaxrs pd8SrAVoiqJO7H1H4HkU7vqHAx+ntaI0KaaJ4jivQZa5y7kKywrIIsZbgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCm1pYKOeMB3f+TFqCSV6KLwva/lMB8GA1UdIwQY MBaAFGBAcy/byqUpANskYgdb9O8VFZaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUt ZDJiNjk4MmJjNDg0LzEvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUtZDJiNjk4MmJjNDg0 LzEvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQPC6Lve Yv1ApjkHig9pMfKogk17DT4ixSJQVYEgF14vWk5CZX9qGFup6azbgiP8HjzNh/t3 33/6Me1KltANWewzu9ZGe6xrF5dxQqIJ/b0eGzkdTGr2VXrWaIOw2F+lq7MDZxm0 z60bDQI+8D89NpOs4E/7mQXKE+MnrczUnpzKZEDs+myf3hFD5DJtVPOHUX4jy/fp v2C9Ly20g+u8NmGj9IVf2rQDJAmtX/zaXcoPW1cxMW/vsTJ0pDDRbMnywNty7Jrr MGNSRqfvzMeMU6bWOfD85howHDqLNPZRntzK43XxUDeRj/nv42vjg6ZzvYhA7BY+ 2dx/0qH0xEEUOw== -----END CERTIFICATE-----Generated at Mon Jan 26 02:26:46 2026 by rpki-client