This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft File: lb24W36o8fqvdR52xBR8gbYOmU0.mft (raw, json) Hash identifier: yjHMJx8mKSmPZBisWteTsJdnlk59+yFxFaGd/LlS6/I= Subject key identifier: 8C:D2:8D:57:29:AA:B8:BE:D8:31:AF:28:47:92:B9:35:D1:30:16:B2 Authority key identifier: 95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D Certificate issuer: /CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d Certificate serial: 019BF6BEE15FBA2EFBA81718977781C67B55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft Manifest number: 019C Signing time: Sun 25 Jan 2026 20:01:03 +0000 Manifest this update: Sun 25 Jan 2026 20:01:03 +0000 Manifest next update: Mon 26 Jan 2026 20:01:03 +0000 Files and hashes: 1: X3R-floHCctncemlohut39fAAWo.roa (hash: HcALHXWtxViwkG5KOnEw6VMEEbxHOixZaFpjLNGdypY=) 2: lb24W36o8fqvdR52xBR8gbYOmU0.crl (hash: AqFqeFgp9v28SKBqlFN45zaoAsSu1kb6uW4HEqjnijI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:be:e1:5f:ba:2e:fb:a8:17:18:97:77:81:c6:7b:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d Validity Not Before: Jan 25 20:01:03 2026 GMT Not After : Jan 26 20:01:03 2026 GMT Subject: CN=8cd28d5729aab8bed831af284792b935d13016b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:12:b6:f9:f4:59:cf:ca:6d:30:4a:f7:ee:6d: 28:35:48:b4:7c:c0:e4:d2:6c:d7:77:15:3f:bc:27: b6:d5:8a:f3:90:36:85:5e:e1:1b:da:81:e1:83:c6: 39:f6:2e:d6:0f:f5:06:63:d0:8e:d7:2b:c7:c7:6e: 44:0e:b9:79:8d:34:d9:73:47:14:a3:7e:cc:e7:fa: 0e:7a:00:3f:25:28:0a:0f:cd:51:23:2f:66:25:25: a3:13:10:d1:43:c5:29:51:f2:95:9f:bc:fd:bc:f4: a4:e7:ba:74:57:a4:9c:a0:83:3f:21:38:24:4a:d1: 16:51:26:d5:12:df:7b:99:52:5c:cb:4a:d4:bb:5f: 61:8f:03:f1:10:b8:c3:bf:4e:e6:fc:d3:8a:0f:19: 20:42:75:ce:81:28:64:c1:96:2e:d9:c5:ff:4c:41: a2:d8:df:8a:7d:15:10:44:e1:1a:68:4b:ad:8e:de: 11:84:e6:24:fe:9e:b9:fd:c4:a8:89:09:1a:7d:de: 3f:d9:6e:6a:09:b5:42:ef:c4:43:46:e8:c8:ca:83: 8f:f1:be:f6:40:97:3a:db:3c:da:8a:a6:f5:0e:7e: 0f:a3:e7:3a:18:09:65:f0:ed:2e:ea:72:13:b9:ce: 1a:f7:69:89:60:77:d7:56:be:d8:83:be:cc:b5:a8: 6c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:D2:8D:57:29:AA:B8:BE:D8:31:AF:28:47:92:B9:35:D1:30:16:B2 X509v3 Authority Key Identifier: keyid:95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:57:b9:86:8f:98:e4:0a:7c:dc:c4:08:78:24:39:d0:25:07: 63:eb:12:6d:d2:bf:d8:9b:c5:c3:f5:38:bc:df:c3:dc:ce:67: 77:ec:e3:4a:7b:52:30:b0:aa:4e:c8:5e:35:77:1b:14:94:50: 53:43:be:54:09:17:f1:01:ee:8e:24:47:bd:73:93:91:10:36: 67:29:50:da:d3:81:e8:f6:be:2b:34:28:a3:37:16:26:6a:25: cd:7a:34:42:05:b4:9e:94:10:8a:ee:f7:04:ca:22:b1:8a:fa: 22:62:d6:5e:59:58:6f:3f:0b:9b:2f:f3:ee:24:a9:82:3f:32: 3d:72:85:1e:94:f6:47:5d:4d:dc:f0:10:3e:dd:11:34:ac:5e: 13:2a:18:14:cb:27:36:fb:d4:58:a1:c4:f2:4e:06:e1:d5:f6: 75:de:72:64:f3:a0:57:91:33:43:3d:ff:3a:2b:df:cb:81:ea: a6:db:5c:2b:c8:d8:e5:b5:08:fc:38:52:cb:32:a6:65:1e:6f: 0e:76:b5:5f:c3:23:b5:0d:38:eb:fe:19:b0:bc:68:30:e3:18: 9d:8f:89:2c:e9:ce:74:8d:e3:c2:2a:65:67:07:5b:23:0c:e9: 3e:27:42:8a:5b:04:f1:d6:37:b1:1f:18:87:da:2f:b2:f7:1d: ff:93:85:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vuFfui77qBcYl3eBxntVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YmRiODViN2VhOGYxZmFhZjc1MWU3NmM0MTQ3YzgxYjYw ZTk5NGQwHhcNMjYwMTI1MjAwMTAzWhcNMjYwMTI2MjAwMTAzWjAzMTEwLwYDVQQD Eyg4Y2QyOGQ1NzI5YWFiOGJlZDgzMWFmMjg0NzkyYjkzNWQxMzAxNmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RK2+fRZz8ptMEr37m0oNUi0fMDk 0mzXdxU/vCe21YrzkDaFXuEb2oHhg8Y59i7WD/UGY9CO1yvHx25EDrl5jTTZc0cU o37M5/oOegA/JSgKD81RIy9mJSWjExDRQ8UpUfKVn7z9vPSk57p0V6ScoIM/ITgk StEWUSbVEt97mVJcy0rUu19hjwPxELjDv07m/NOKDxkgQnXOgShkwZYu2cX/TEGi 2N+KfRUQROEaaEutjt4RhOYk/p65/cSoiQkafd4/2W5qCbVC78RDRujIyoOP8b72 QJc62zzaiqb1Dn4Po+c6GAll8O0u6nITuc4a92mJYHfXVr7Yg77Mtahs0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIzSjVcpqri+2DGvKEeSuTXRMBayMB8GA1UdIwQY MBaAFJW9uFt+qPH6r3UedsQUfIG2DplNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMt MTAyNDBjYTBiMTgyLzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMtMTAyNDBjYTBiMTgy LzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHFe5ho+Y 5Ap83MQIeCQ50CUHY+sSbdK/2JvFw/U4vN/D3M5nd+zjSntSMLCqTsheNXcbFJRQ U0O+VAkX8QHujiRHvXOTkRA2ZylQ2tOB6Pa+KzQoozcWJmolzXo0QgW0npQQiu73 BMoisYr6ImLWXllYbz8Lmy/z7iSpgj8yPXKFHpT2R11N3PAQPt0RNKxeEyoYFMsn NvvUWKHE8k4G4dX2dd5yZPOgV5EzQz3/Oivfy4HqpttcK8jY5bUI/DhSyzKmZR5v Dna1X8MjtQ046/4ZsLxoMOMYnY+JLOnOdI3jwiplZwdbIwzpPidCilsE8dY3sR8Y h9ovsvcd/5OF0w== -----END CERTIFICATE-----Generated at Mon Jan 26 02:48:01 2026 by rpki-client