This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft File: ctdCYWpoBB9_D80HkvOOQQOnncI.mft (raw, json) Hash identifier: IgqwzO7FHp6OIzEiSazAVP1qAiMr/RAO7E/cG4bFE6I= Subject key identifier: 68:66:0F:67:43:C2:2C:0B:50:22:25:45:E9:0A:0A:7C:FE:75:4C:54 Authority key identifier: 72:D7:42:61:6A:68:04:1F:7F:0F:CD:07:92:F3:8E:41:03:A7:9D:C2 Certificate issuer: /CN=72d742616a68041f7f0fcd0792f38e4103a79dc2 Certificate serial: 019BF42B90C70A4CEE4B30F42F13BA22E89F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ctdCYWpoBB9_D80HkvOOQQOnncI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft Manifest number: 04BA Signing time: Sun 25 Jan 2026 08:00:54 +0000 Manifest this update: Sun 25 Jan 2026 08:00:54 +0000 Manifest next update: Mon 26 Jan 2026 08:00:54 +0000 Files and hashes: 1: ctdCYWpoBB9_D80HkvOOQQOnncI.crl (hash: Op2OKXm5feWpMFmjimxYlQ32yb3I1I++3QLwAJfb+V4=) 2: m0MG-eJyS0zFzaAWWkTJJ5qGS-I.roa (hash: Iq+qXgVKWt2Kx6N9DmTJowNt5dRM8IzSViFs0l/+0uY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft rsync://rpki.ripe.net/repository/DEFAULT/ctdCYWpoBB9_D80HkvOOQQOnncI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:2b:90:c7:0a:4c:ee:4b:30:f4:2f:13:ba:22:e8:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72d742616a68041f7f0fcd0792f38e4103a79dc2 Validity Not Before: Jan 25 08:00:54 2026 GMT Not After : Jan 26 08:00:54 2026 GMT Subject: CN=68660f6743c22c0b50222545e90a0a7cfe754c54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:b2:0e:4c:8f:91:f6:ba:85:a7:75:d1:1a:f9: a7:72:a6:c2:8d:a6:83:94:5f:9b:85:ad:83:68:5b: cc:76:fd:af:ac:ac:e9:01:9f:be:7b:b7:42:b6:05: 21:96:54:6a:2a:db:49:9e:e5:cb:40:d0:0e:f5:ef: 88:1f:1f:ae:51:87:29:44:65:73:e0:7f:5e:83:b3: 98:35:c5:60:0e:ae:87:aa:a6:23:c0:3d:ea:4c:30: 8d:b9:81:a4:bb:ee:76:3d:74:b8:1a:d3:c7:47:62: 96:17:e2:33:1f:65:79:bc:d2:d8:03:c4:26:31:8b: 6a:31:2f:50:88:ba:ed:f2:7f:75:ed:27:51:8a:41: 9d:24:93:f1:79:47:4d:b3:c2:3b:30:fb:8f:c5:9f: 20:05:7b:20:fe:9a:8b:6f:9c:70:fe:da:e8:53:d2: 72:82:66:de:2f:e3:a2:04:34:d5:6f:59:a3:61:c6: cb:93:c4:84:99:c9:91:42:06:0b:24:bb:d0:9f:07: 57:15:b7:88:05:e0:18:10:68:ca:2c:68:06:4d:54: 22:fd:4b:da:40:13:82:7e:3e:ca:d8:29:69:a9:97: 9c:11:4f:c6:20:6a:95:06:e9:76:e6:62:2a:36:32: 4f:39:09:9f:89:a9:23:a2:74:23:8b:22:86:2e:11: 46:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:66:0F:67:43:C2:2C:0B:50:22:25:45:E9:0A:0A:7C:FE:75:4C:54 X509v3 Authority Key Identifier: keyid:72:D7:42:61:6A:68:04:1F:7F:0F:CD:07:92:F3:8E:41:03:A7:9D:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ctdCYWpoBB9_D80HkvOOQQOnncI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:93:26:48:4c:04:2d:ce:1f:85:2d:89:fb:b2:2c:bb:61:61: 19:53:af:47:31:e2:82:7b:ee:82:2b:27:19:a7:d9:05:49:34: 6a:25:c7:92:e5:53:70:a7:58:33:fa:9f:c8:c2:41:3e:e9:94: ad:1c:58:36:93:d1:c7:de:93:27:71:11:e0:2f:a9:f6:2b:35: 93:61:25:11:ed:e3:98:45:89:79:d1:78:85:3c:c6:e5:d3:81: 28:f1:9f:4b:17:a2:fc:ed:57:ed:b1:15:91:c3:be:9f:a4:da: 43:3d:28:bb:4b:13:31:79:49:89:ba:4c:9b:23:f0:3a:f6:a0: c1:e5:90:91:7c:db:13:77:3f:55:0b:67:ef:a2:64:cd:bf:fb: 9b:77:fc:30:28:1c:5b:07:15:ae:e4:aa:90:61:62:43:bc:40: cd:12:b6:fd:13:f5:7e:ee:cc:2b:88:6d:fe:f7:66:63:43:b3: 1d:6d:8d:6e:1d:cf:85:58:3c:c0:ea:9b:56:85:24:71:1c:af: 88:fc:ea:fc:98:00:09:65:29:07:d2:6e:0a:d4:5b:43:fb:ae: 24:f8:a9:77:f6:ba:e9:2a:30:15:eb:66:93:46:ac:d5:4b:64: 2d:71:30:c7:47:dd:95:b4:18:03:0b:7d:f3:89:8f:0e:58:cc: 49:81:b7:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0K5DHCkzuSzD0LxO6IuifMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyZDc0MjYxNmE2ODA0MWY3ZjBmY2QwNzkyZjM4ZTQxMDNh NzlkYzIwHhcNMjYwMTI1MDgwMDU0WhcNMjYwMTI2MDgwMDU0WjAzMTEwLwYDVQQD Eyg2ODY2MGY2NzQzYzIyYzBiNTAyMjI1NDVlOTBhMGE3Y2ZlNzU0YzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLIOTI+R9rqFp3XRGvmncqbCjaaD lF+bha2DaFvMdv2vrKzpAZ++e7dCtgUhllRqKttJnuXLQNAO9e+IHx+uUYcpRGVz 4H9eg7OYNcVgDq6HqqYjwD3qTDCNuYGku+52PXS4GtPHR2KWF+IzH2V5vNLYA8Qm MYtqMS9QiLrt8n917SdRikGdJJPxeUdNs8I7MPuPxZ8gBXsg/pqLb5xw/troU9Jy gmbeL+OiBDTVb1mjYcbLk8SEmcmRQgYLJLvQnwdXFbeIBeAYEGjKLGgGTVQi/Uva QBOCfj7K2ClpqZecEU/GIGqVBul25mIqNjJPOQmfiakjonQjiyKGLhFGfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGhmD2dDwiwLUCIlRekKCnz+dUxUMB8GA1UdIwQY MBaAFHLXQmFqaAQffw/NB5LzjkEDp53CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3RkQ1lXcG9CQjlfRDgwSGt2T09RUU9ubmNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmJkMjEtZDE0Ny00Yzc4LThkMmUt YTIwOWI5MGYyN2Q5LzEvY3RkQ1lXcG9CQjlfRDgwSGt2T09RUU9ubmNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC8yYmJkMjEtZDE0Ny00Yzc4LThkMmUtYTIwOWI5MGYyN2Q5 LzEvY3RkQ1lXcG9CQjlfRDgwSGt2T09RUU9ubmNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZMmSEwE Lc4fhS2J+7Isu2FhGVOvRzHignvugisnGafZBUk0aiXHkuVTcKdYM/qfyMJBPumU rRxYNpPRx96TJ3ER4C+p9is1k2ElEe3jmEWJedF4hTzG5dOBKPGfSxei/O1X7bEV kcO+n6TaQz0ou0sTMXlJibpMmyPwOvagweWQkXzbE3c/VQtn76Jkzb/7m3f8MCgc WwcVruSqkGFiQ7xAzRK2/RP1fu7MK4ht/vdmY0OzHW2Nbh3PhVg8wOqbVoUkcRyv iPzq/JgACWUpB9JuCtRbQ/uuJPipd/a66SowFetmk0as1UtkLXEwx0fdlbQYAwt9 84mPDljMSYG3bQ== -----END CERTIFICATE-----Generated at Sun Jan 25 17:36:43 2026 by rpki-client