This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json) Hash identifier: yrDBM/tHWNLgKrCDaGdolKg+GU+tqMFEEh4VIE8DPLw= Subject key identifier: C5:48:C5:A4:43:29:CA:53:7B:CA:98:55:33:78:B5:16:66:88:3E:DD Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Certificate serial: 019BF9F6A3248ACDEEA9369697250A1DC74B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft Manifest number: 0827 Signing time: Mon 26 Jan 2026 11:00:48 +0000 Manifest this update: Mon 26 Jan 2026 11:00:48 +0000 Manifest next update: Tue 27 Jan 2026 11:00:48 +0000 Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: 0cpFQVLsbxFR4R6esQQpMx0w+HWo+QkjmCnmYlPts2Q=) 2: dshUZvB4McXbpCwuJto_ABAOvNQ.roa (hash: V5ln1lpZELvPyBOpg3oQ56WAm93C6lBYruWQT9Rpyxo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:f6:a3:24:8a:cd:ee:a9:36:96:97:25:0a:1d:c7:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Validity Not Before: Jan 26 11:00:48 2026 GMT Not After : Jan 27 11:00:48 2026 GMT Subject: CN=c548c5a44329ca537bca98553378b51666883edd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:97:2b:97:ff:61:c8:37:53:fe:8c:96:d3:eb: 38:2e:95:53:42:6b:83:ba:58:6f:2e:da:8a:0c:b2: 41:db:8d:c3:61:28:9b:70:90:5a:5a:5c:6b:ef:95: ad:d5:1b:fd:15:97:d1:ae:46:11:76:46:bb:7f:d3: da:d3:a3:7f:da:aa:6c:bb:47:0a:06:fb:50:e3:b1: a1:ac:a3:74:66:a4:cf:e7:ae:5a:1d:c7:38:ce:70: b5:01:f8:d8:47:04:f9:3b:0e:a1:ca:3f:ed:5e:db: 93:87:f0:d4:7e:79:f9:1f:94:ef:39:af:bd:97:69: d4:c4:6f:0f:0c:f2:1d:e8:4c:1d:82:7e:cb:a4:c3: 74:bc:2f:07:92:2b:b9:3b:90:2b:ba:b9:74:04:cc: 7a:16:cb:97:20:ec:94:86:cb:a4:29:c5:ee:89:a5: fd:a3:a0:38:d3:69:53:1f:3e:11:a3:0b:a2:b9:5d: 34:4d:81:df:27:c3:fe:22:2e:21:4c:63:f6:25:d2: 2f:3c:04:be:c4:ae:75:84:e2:80:7c:2c:d9:dd:63: 27:d7:22:f1:72:2d:27:aa:8a:30:75:9d:d4:d8:26: 7f:d9:da:00:5d:b4:18:0b:e0:d2:d5:bc:55:1c:97: af:c2:96:57:64:ff:34:c2:b6:e9:30:c0:18:4a:d2: 5f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:48:C5:A4:43:29:CA:53:7B:CA:98:55:33:78:B5:16:66:88:3E:DD X509v3 Authority Key Identifier: keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:a1:b1:36:fb:77:e4:d4:58:92:7b:50:5c:1d:ea:79:bc:af: c4:2b:16:2a:d6:15:d6:79:d7:29:e1:0f:ad:66:f9:35:cd:1c: 16:dd:00:11:50:4c:6f:80:f5:f0:9b:f4:e8:54:af:f6:ef:38: b2:ff:8c:dd:6c:2a:1b:6a:f8:1e:39:28:16:8f:25:02:df:9c: 10:0c:fb:0f:6a:a0:3f:f5:0a:f6:87:e3:d5:93:93:16:08:a5: d2:a9:6f:0b:b1:e2:50:ab:fb:01:50:c1:c5:3b:7d:53:ad:c8: 46:44:2d:b0:6d:0f:1f:c7:44:e5:77:c4:c1:01:7a:ab:4f:33: c9:e7:10:1d:26:1c:1e:b4:81:9f:60:99:57:3e:24:33:2b:63: 52:b9:02:92:ba:4d:2e:e6:6b:31:65:e5:a3:df:c4:a0:06:0a: 78:95:75:9e:aa:be:52:c5:05:f0:b7:c2:ca:99:07:31:4c:3b: 89:4c:a0:3f:c7:e2:ee:6b:58:c9:3c:68:d9:80:8c:ca:08:13: de:58:48:4d:78:9a:1f:e6:72:42:06:c5:bd:15:ce:82:01:22: ba:1b:e8:16:80:3f:b6:e0:37:a9:e3:d4:13:11:d0:4c:03:e6: 84:51:20:d6:b3:35:d9:06:5c:8e:30:c1:da:bf:1e:63:99:08: 28:ae:de:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv59qMkis3uqTaWlyUKHcdLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4 YTc5MzgwHhcNMjYwMTI2MTEwMDQ4WhcNMjYwMTI3MTEwMDQ4WjAzMTEwLwYDVQQD EyhjNTQ4YzVhNDQzMjljYTUzN2JjYTk4NTUzMzc4YjUxNjY2ODgzZWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJcrl/9hyDdT/oyW0+s4LpVTQmuD ulhvLtqKDLJB243DYSibcJBaWlxr75Wt1Rv9FZfRrkYRdka7f9Pa06N/2qpsu0cK BvtQ47GhrKN0ZqTP565aHcc4znC1AfjYRwT5Ow6hyj/tXtuTh/DUfnn5H5TvOa+9 l2nUxG8PDPId6Ewdgn7LpMN0vC8Hkiu5O5Arurl0BMx6FsuXIOyUhsukKcXuiaX9 o6A402lTHz4RowuiuV00TYHfJ8P+Ii4hTGP2JdIvPAS+xK51hOKAfCzZ3WMn1yLx ci0nqoowdZ3U2CZ/2doAXbQYC+DS1bxVHJevwpZXZP80wrbpMMAYStJfUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMVIxaRDKcpTe8qYVTN4tRZmiD7dMB8GA1UdIwQY MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6GxNvt3 5NRYkntQXB3qebyvxCsWKtYV1nnXKeEPrWb5Nc0cFt0AEVBMb4D18Jv06FSv9u84 sv+M3WwqG2r4HjkoFo8lAt+cEAz7D2qgP/UK9ofj1ZOTFgil0qlvC7HiUKv7AVDB xTt9U63IRkQtsG0PH8dE5XfEwQF6q08zyecQHSYcHrSBn2CZVz4kMytjUrkCkrpN LuZrMWXlo9/EoAYKeJV1nqq+UsUF8LfCypkHMUw7iUygP8fi7mtYyTxo2YCMyggT 3lhITXiaH+ZyQgbFvRXOggEiuhvoFoA/tuA3qePUExHQTAPmhFEg1rM12QZcjjDB 2r8eY5kIKK7eRA== -----END CERTIFICATE-----Generated at Mon Jan 26 18:58:25 2026 by rpki-client