This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft File: _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json) Hash identifier: As1d8mma+1Be/GzEQL+7gLTxS/OnW5WQkMx4PoCrKe8= Subject key identifier: 9E:E8:48:FF:1D:75:4B:8B:7C:E0:86:C7:52:2F:7A:33:22:76:DC:67 Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Certificate serial: 019BF9C03F1C642D9C31A70ABD742EC5737A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft Manifest number: 0D43 Signing time: Mon 26 Jan 2026 10:01:24 +0000 Manifest this update: Mon 26 Jan 2026 10:01:24 +0000 Manifest next update: Tue 27 Jan 2026 10:01:24 +0000 Files and hashes: 1: H7yvjO1PteMvFud2cVf980xvhOM.roa (hash: RhQsj0SDsU/JKqzjG9Bf/mkgnMQmL8vD/s9sreGOu30=) 2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: IGVbqUzMpCP2cG4eE+QKWP49lzZpLckDTKx1KMi0zC4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:c0:3f:1c:64:2d:9c:31:a7:0a:bd:74:2e:c5:73:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8 Validity Not Before: Jan 26 10:01:24 2026 GMT Not After : Jan 27 10:01:24 2026 GMT Subject: CN=9ee848ff1d754b8b7ce086c7522f7a332276dc67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:74:55:eb:84:7a:b6:0a:15:bb:7f:cb:9d:46: 36:51:5e:37:10:bc:12:bf:f2:fe:e8:11:c8:72:8b: 14:2e:c2:91:77:cc:8c:3a:e2:c4:5b:5e:8f:28:67: b6:46:b3:c8:0d:2c:7a:34:3a:b7:5b:24:fd:16:ec: c8:f6:e6:2e:c7:3e:01:8a:53:5f:9a:a2:be:11:aa: 57:07:09:7f:5d:4d:8e:c1:b2:34:0a:76:97:fa:04: bd:5b:05:ba:0d:57:db:3c:61:61:57:a6:7d:28:b6: e5:79:b4:a4:c3:25:33:fb:03:4d:ed:06:f6:62:b9: 2b:d2:e0:e5:33:05:66:2c:b2:f2:a0:46:43:33:71: ed:89:e0:ad:87:6d:b7:59:90:f2:87:91:c6:24:d0: 79:40:39:66:f4:8a:5f:96:67:24:ae:0f:9b:ae:f4: 6e:e5:30:de:f0:3b:5a:bc:1c:15:e2:d0:f9:17:98: f1:d1:ba:cd:c7:fa:30:91:c5:e0:21:ce:df:72:34: d5:a4:8f:05:a0:bc:4a:9a:84:6e:80:44:14:d1:d8: 09:69:4b:3c:ec:a2:6e:af:89:53:06:35:0b:25:76: 74:96:0f:a6:03:f8:e4:79:ec:18:78:ba:41:3c:d0: b0:5e:ec:b9:31:92:2d:ec:13:f4:06:33:f1:9c:c2: d3:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:E8:48:FF:1D:75:4B:8B:7C:E0:86:C7:52:2F:7A:33:22:76:DC:67 X509v3 Authority Key Identifier: keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:39:29:01:d5:50:ad:76:3f:04:3d:35:70:aa:9e:92:e3:3e: fa:c9:61:b9:83:b6:0e:3f:d9:e9:e0:9f:f9:26:37:d7:24:be: 10:17:a3:05:3e:5f:7b:5a:68:f7:9e:8b:1a:56:73:1a:57:27: e0:c8:ea:8c:46:c7:9a:c6:cb:a0:05:8a:d7:30:79:c0:c6:73: 28:95:12:de:64:8c:1e:7e:a4:5b:3d:fa:d5:4a:e8:18:4f:27: dd:02:a7:9e:94:3d:ca:73:25:46:be:c0:f7:f9:14:5d:c9:6e: 4e:31:91:07:6f:8b:aa:e5:d2:7a:0b:5e:04:4c:c1:ed:3c:4a: 11:a4:3f:ff:39:68:da:f2:ca:f2:7c:55:be:07:b1:e2:5d:dd: 0f:84:98:aa:54:e1:df:26:67:e2:39:fa:01:d3:e3:dd:f2:36: e0:a7:17:be:88:87:99:0f:a8:7e:5f:6b:80:03:1f:e6:37:4a: e5:56:1e:bc:77:77:56:b8:f6:62:b1:6d:54:8b:10:c8:65:d8: fe:d9:17:b4:11:0b:99:33:f9:1f:9a:86:22:5d:c8:40:49:c2: ab:cd:c9:82:46:10:05:69:d9:08:ea:3d:b1:6a:50:14:2f:bf: 5e:ee:d4:5a:17:e6:d7:6b:ee:87:68:f7:5d:24:e8:89:c6:09: 21:e5:a7:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5wD8cZC2cMacKvXQuxXN6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz M2U1ZDgwHhcNMjYwMTI2MTAwMTI0WhcNMjYwMTI3MTAwMTI0WjAzMTEwLwYDVQQD Eyg5ZWU4NDhmZjFkNzU0YjhiN2NlMDg2Yzc1MjJmN2EzMzIyNzZkYzY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonRV64R6tgoVu3/LnUY2UV43ELwS v/L+6BHIcosULsKRd8yMOuLEW16PKGe2RrPIDSx6NDq3WyT9FuzI9uYuxz4BilNf mqK+EapXBwl/XU2OwbI0CnaX+gS9WwW6DVfbPGFhV6Z9KLblebSkwyUz+wNN7Qb2 Yrkr0uDlMwVmLLLyoEZDM3HtieCth223WZDyh5HGJNB5QDlm9Ipflmckrg+brvRu 5TDe8DtavBwV4tD5F5jx0brNx/owkcXgIc7fcjTVpI8FoLxKmoRugEQU0dgJaUs8 7KJur4lTBjULJXZ0lg+mA/jkeewYeLpBPNCwXuy5MZIt7BP0BjPxnMLT4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ7oSP8ddUuLfOCGx1IvejMidtxnMB8GA1UdIwQY MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2 LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqzkpAdVQ rXY/BD01cKqekuM++slhuYO2Dj/Z6eCf+SY31yS+EBejBT5fe1po956LGlZzGlcn 4MjqjEbHmsbLoAWK1zB5wMZzKJUS3mSMHn6kWz361UroGE8n3QKnnpQ9ynMlRr7A 9/kUXcluTjGRB2+LquXSegteBEzB7TxKEaQ//zlo2vLK8nxVvgex4l3dD4SYqlTh 3yZn4jn6AdPj3fI24KcXvoiHmQ+ofl9rgAMf5jdK5VYevHd3Vrj2YrFtVIsQyGXY /tkXtBELmTP5H5qGIl3IQEnCq83JgkYQBWnZCOo9sWpQFC+/Xu7UWhfm12vuh2j3 XSToicYJIeWnwg== -----END CERTIFICATE-----Generated at Mon Jan 26 13:12:53 2026 by rpki-client