This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json) Hash identifier: H7sOleNNVNDhf5Sjl3yPrC5mQMDzbwo5Dyp9ww7eo9o= Subject key identifier: 9C:00:07:75:0B:A4:39:E3:70:73:A5:38:0F:08:A2:06:BD:77:EF:DB Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a Certificate serial: 019BF72D1067D020C25DB46BB46D16B4724E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft Manifest number: 1718 Signing time: Sun 25 Jan 2026 22:01:24 +0000 Manifest this update: Sun 25 Jan 2026 22:01:24 +0000 Manifest next update: Mon 26 Jan 2026 22:01:24 +0000 Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: /1BISwQHozpkhEAEG4Em2W8cbtoAQEekQAqQkpxHzz4=) 2: xhpLteHeEuI9N2i0WjCkJHYwXtM.roa (hash: ZhHw/D8clg9QeWX4KlvzTONGmYlvYOv2tFZIA342W2c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2d:10:67:d0:20:c2:5d:b4:6b:b4:6d:16:b4:72:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a Validity Not Before: Jan 25 22:01:24 2026 GMT Not After : Jan 26 22:01:24 2026 GMT Subject: CN=9c0007750ba439e37073a5380f08a206bd77efdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:db:27:d3:16:64:b5:4e:64:12:07:b2:d3:c8: 74:61:92:8f:79:51:64:4e:9a:cd:06:b8:3d:45:9e: ae:a0:db:c1:04:c6:29:2a:2c:01:75:e7:85:c9:47: 1b:f5:52:90:8c:ad:0c:3c:f0:0a:92:5e:36:35:69: c2:18:63:04:1f:b1:bb:2c:2b:97:8f:17:c5:9b:e4: b6:4e:c8:06:13:6e:2c:f5:cb:5a:bf:21:7e:b2:ba: ef:a4:b2:11:a9:05:62:83:06:6c:c6:ac:29:64:7c: 3e:08:02:ed:93:43:96:9c:3f:ae:f7:3a:f7:81:6b: 12:68:45:e9:6d:03:7a:73:67:80:8c:5e:7d:55:08: c2:f9:30:f8:1a:97:a5:7a:09:28:47:64:db:f3:4f: b8:21:e1:5e:e2:67:fa:5c:b6:98:95:8b:d1:13:df: 22:20:f5:50:56:bd:93:5d:b4:f2:28:57:a9:00:9f: 11:c8:c8:75:17:28:c3:c5:01:55:33:db:be:44:50: 37:1a:8d:c5:32:00:9c:c5:7f:32:e5:b6:92:29:d5: 8e:f2:ba:74:0b:73:7f:6b:9d:27:36:4d:8c:0e:fc: a8:d7:10:3e:4a:2a:6b:47:cb:fb:b1:5c:d1:4a:82: 68:8b:a5:a8:9f:b4:dc:35:ec:02:25:88:c0:71:69: 1e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:00:07:75:0B:A4:39:E3:70:73:A5:38:0F:08:A2:06:BD:77:EF:DB X509v3 Authority Key Identifier: keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:3a:3c:7e:a0:a6:49:4c:41:cc:07:b9:92:a3:5e:85:7f:fb: d7:5f:9a:bc:49:ca:75:82:9a:1e:ce:45:3d:61:4f:56:cf:81: 94:f6:ae:45:65:36:e8:70:e8:9a:7b:9f:2e:60:78:e1:1d:a9: cf:e8:13:f5:58:08:df:64:fb:be:dd:82:fe:a6:6f:36:4f:15: f3:23:a1:7d:2c:6e:e3:04:94:68:c0:71:53:8d:43:38:c3:c1: 82:96:2b:02:1f:74:d2:54:1b:7b:82:7e:f2:17:31:ba:1b:00: 64:23:30:91:1e:a6:69:4a:db:26:95:a2:de:16:0f:21:9c:dd: eb:a3:5a:0c:f7:bf:20:75:07:a0:99:d1:53:43:74:b9:34:16: 38:2a:93:cf:5e:1e:be:05:61:2e:e9:12:f0:1e:05:c3:a2:a2: 82:8e:75:85:b7:d8:65:5c:26:3f:26:54:e8:71:d1:f0:88:e0: c6:06:c9:d0:8b:e9:eb:cf:f0:39:ad:54:e0:87:2b:0d:69:f8: ff:17:4a:f9:36:c6:73:8d:c6:de:20:5b:2a:8f:c4:83:a4:5a: 0c:e0:44:32:fb:05:92:76:bb:68:94:f0:db:65:92:8c:43:57: eb:f0:54:60:0b:58:e2:b7:3d:91:8e:56:fe:9e:6e:c9:c0:85: 67:8d:42:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LRBn0CDCXbRrtG0WtHJOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk OTEzM2EwHhcNMjYwMTI1MjIwMTI0WhcNMjYwMTI2MjIwMTI0WjAzMTEwLwYDVQQD Eyg5YzAwMDc3NTBiYTQzOWUzNzA3M2E1MzgwZjA4YTIwNmJkNzdlZmRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNsn0xZktU5kEgey08h0YZKPeVFk TprNBrg9RZ6uoNvBBMYpKiwBdeeFyUcb9VKQjK0MPPAKkl42NWnCGGMEH7G7LCuX jxfFm+S2TsgGE24s9ctavyF+srrvpLIRqQVigwZsxqwpZHw+CALtk0OWnD+u9zr3 gWsSaEXpbQN6c2eAjF59VQjC+TD4GpelegkoR2Tb80+4IeFe4mf6XLaYlYvRE98i IPVQVr2TXbTyKFepAJ8RyMh1FyjDxQFVM9u+RFA3Go3FMgCcxX8y5baSKdWO8rp0 C3N/a50nNk2MDvyo1xA+SiprR8v7sVzRSoJoi6Won7TcNewCJYjAcWkeDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJwAB3ULpDnjcHOlOA8Ioga9d+/bMB8GA1UdIwQY MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjo8fqCm SUxBzAe5kqNehX/711+avEnKdYKaHs5FPWFPVs+BlPauRWU26HDomnufLmB44R2p z+gT9VgI32T7vt2C/qZvNk8V8yOhfSxu4wSUaMBxU41DOMPBgpYrAh900lQbe4J+ 8hcxuhsAZCMwkR6maUrbJpWi3hYPIZzd66NaDPe/IHUHoJnRU0N0uTQWOCqTz14e vgVhLukS8B4Fw6Kigo51hbfYZVwmPyZU6HHR8IjgxgbJ0Ivp68/wOa1U4IcrDWn4 /xdK+TbGc43G3iBbKo/Eg6RaDOBEMvsFkna7aJTw22WSjENX6/BUYAtY4rc9kY5W /p5uycCFZ41Cxw== -----END CERTIFICATE-----Generated at Mon Jan 26 03:32:51 2026 by rpki-client