This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft File: BYmfOXZIcDij-mNDlSsUtNBysz0.mft (raw, json) Hash identifier: 88jVLPmH+w3w6GTGPjUryfp+bN1yLdo84Ve2nqN2ODI= Subject key identifier: 4A:B2:B7:B8:29:AC:D4:52:41:EB:FD:65:97:1C:41:A5:9A:78:2D:91 Authority key identifier: 05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D Certificate issuer: /CN=05899f3976487038a3fa6343952b14b4d072b33d Certificate serial: 019BF6BEAB724531BDAE02BFF6B13FD1A789 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft Manifest number: 151D Signing time: Sun 25 Jan 2026 20:00:49 +0000 Manifest this update: Sun 25 Jan 2026 20:00:49 +0000 Manifest next update: Mon 26 Jan 2026 20:00:49 +0000 Files and hashes: 1: 0JPqCz5cVo8rTb1eJx0gidaWu88.roa (hash: SDGEZvOiOT/nixCGJaFSNPktvCrQB07+Pf6zV5KlOY4=) 2: BYmfOXZIcDij-mNDlSsUtNBysz0.crl (hash: TGYDfolmmq6cWHdPQhp5lhnx6ENGAfMaBQ9F3YUV8Kc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:be:ab:72:45:31:bd:ae:02:bf:f6:b1:3f:d1:a7:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05899f3976487038a3fa6343952b14b4d072b33d Validity Not Before: Jan 25 20:00:49 2026 GMT Not After : Jan 26 20:00:49 2026 GMT Subject: CN=4ab2b7b829acd45241ebfd65971c41a59a782d91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d3:35:17:cd:c7:9f:a2:83:b2:e1:08:42:b6: 06:c0:23:a9:88:24:f2:d5:a4:cf:db:dd:d6:8a:de: e0:bd:22:64:82:42:ff:58:33:e7:5f:25:01:3c:fc: d5:89:88:6c:a6:6c:c1:00:92:61:2d:36:65:cb:5d: 58:0a:00:3b:5d:c4:dd:9f:7b:2f:80:b9:2e:ff:f1: df:86:82:fd:97:63:ca:1b:f3:80:79:33:64:c2:a1: 23:f0:7b:9b:cd:2f:6c:36:e7:28:88:ac:a1:dd:a0: f3:6b:09:04:6d:30:b5:92:db:3d:44:07:e8:fe:75: b8:e8:6c:4a:62:56:ba:64:af:24:c5:e9:d2:6c:8d: 67:55:27:e2:3e:e1:b1:88:93:55:cf:4e:d9:21:12: 31:69:82:34:b0:90:49:10:dd:24:7f:55:9c:93:d3: ab:7c:9d:cc:20:4d:86:37:e5:91:2a:65:44:cf:9a: b9:4a:05:ce:b7:7c:de:a7:57:cf:2c:81:5c:cb:eb: 21:97:44:dc:5b:2a:00:41:7c:1c:6c:8c:ae:bf:45: 4c:97:ed:b6:8e:90:49:03:de:d9:ca:08:8d:1c:80: 2e:f0:bc:31:78:91:90:5e:db:f2:e5:d9:bd:02:a2: f2:09:97:84:ae:e6:b0:14:a9:ae:9c:a5:c0:51:a3: 25:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:B2:B7:B8:29:AC:D4:52:41:EB:FD:65:97:1C:41:A5:9A:78:2D:91 X509v3 Authority Key Identifier: keyid:05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:74:67:76:c3:ef:57:6c:cb:47:d6:67:e6:eb:41:40:26:1e: cc:58:10:2c:ac:8c:50:b7:01:32:5f:6e:7e:f6:04:0c:f9:4a: b9:0b:49:3c:15:13:4f:a2:4e:44:a5:c7:b7:e6:ea:56:87:1f: f2:17:72:4f:b4:e0:54:52:61:0d:d6:09:c7:ff:ad:d1:92:55: 47:89:51:c3:22:c0:b5:56:49:5d:87:75:06:06:e9:11:f2:37: 88:47:29:a6:1b:be:d5:75:88:9a:fe:36:5e:1e:cb:03:71:6a: cb:bc:8c:b1:33:15:39:69:19:5f:d1:4e:a1:48:ee:a7:12:c5: 29:64:7a:22:43:05:bd:6f:64:9e:8b:ba:2b:27:28:3a:9c:37: 0f:59:4b:64:3b:9c:72:c3:1a:8c:95:e4:39:f4:61:bf:2c:18: ad:55:b1:b2:91:3b:a1:d6:2f:e1:cc:b3:1d:f7:d2:8b:f5:ff: 74:a3:a9:4a:05:93:de:a2:4a:16:40:d7:07:59:ba:ab:49:29: 7b:3d:be:8f:25:2f:61:48:73:53:c5:f0:c1:6f:1a:4f:01:af: 1f:eb:99:a3:c2:a2:82:e7:5f:e7:f7:d7:c7:1e:d8:02:5f:9f: a4:97:30:7d:51:2f:77:61:b3:17:20:d5:83:f8:d1:b2:a9:9d: de:e2:ad:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vqtyRTG9rgK/9rE/0aeJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1ODk5ZjM5NzY0ODcwMzhhM2ZhNjM0Mzk1MmIxNGI0ZDA3 MmIzM2QwHhcNMjYwMTI1MjAwMDQ5WhcNMjYwMTI2MjAwMDQ5WjAzMTEwLwYDVQQD Eyg0YWIyYjdiODI5YWNkNDUyNDFlYmZkNjU5NzFjNDFhNTlhNzgyZDkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9M1F83Hn6KDsuEIQrYGwCOpiCTy 1aTP293Wit7gvSJkgkL/WDPnXyUBPPzViYhspmzBAJJhLTZly11YCgA7XcTdn3sv gLku//HfhoL9l2PKG/OAeTNkwqEj8HubzS9sNucoiKyh3aDzawkEbTC1kts9RAfo /nW46GxKYla6ZK8kxenSbI1nVSfiPuGxiJNVz07ZIRIxaYI0sJBJEN0kf1Wck9Or fJ3MIE2GN+WRKmVEz5q5SgXOt3zep1fPLIFcy+shl0TcWyoAQXwcbIyuv0VMl+22 jpBJA97ZygiNHIAu8LwxeJGQXtvy5dm9AqLyCZeEruawFKmunKXAUaMlIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEqyt7gprNRSQev9ZZccQaWaeC2RMB8GA1UdIwQY MBaAFAWJnzl2SHA4o/pjQ5UrFLTQcrM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzIt MDhjMjEyMzU4MGVkLzEvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzItMDhjMjEyMzU4MGVk LzEvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXRndsPv V2zLR9Zn5utBQCYezFgQLKyMULcBMl9ufvYEDPlKuQtJPBUTT6JORKXHt+bqVocf 8hdyT7TgVFJhDdYJx/+t0ZJVR4lRwyLAtVZJXYd1BgbpEfI3iEcpphu+1XWImv42 Xh7LA3Fqy7yMsTMVOWkZX9FOoUjupxLFKWR6IkMFvW9knou6KycoOpw3D1lLZDuc csMajJXkOfRhvywYrVWxspE7odYv4cyzHffSi/X/dKOpSgWT3qJKFkDXB1m6q0kp ez2+jyUvYUhzU8XwwW8aTwGvH+uZo8Kigudf5/fXxx7YAl+fpJcwfVEvd2GzFyDV g/jRsqmd3uKtVQ== -----END CERTIFICATE-----Generated at Sun Jan 25 22:34:47 2026 by rpki-client