This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft File: qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft (raw, json) Hash identifier: dSYdykWzLb2V5ziYjxrmRQsyTfdADWGNyjDIXQhqHsM= Subject key identifier: 84:F7:46:EB:71:20:4D:18:14:3C:82:B4:8B:BD:CA:F9:F7:94:52:EB Authority key identifier: A9:8E:59:43:C3:55:D4:8C:00:4E:6B:F4:A3:B6:CD:B8:C3:0A:DC:4C Certificate issuer: /CN=a98e5943c355d48c004e6bf4a3b6cdb8c30adc4c Certificate serial: 019BF61A3FE2FF74735D45BEB4934A4261D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft Manifest number: 17E9 Signing time: Sun 25 Jan 2026 17:01:13 +0000 Manifest this update: Sun 25 Jan 2026 17:01:13 +0000 Manifest next update: Mon 26 Jan 2026 17:01:13 +0000 Files and hashes: 1: TG-T28D3sM1IJX9-bR6zimuu3dQ.roa (hash: sKx/GRdEWeKSqR5AF1hTqJiMQ+ztWu0vS1aze4IWqmA=) 2: qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.crl (hash: ULp6KSyicuprdATcylfrYx4kCQXmIPTOM2IlZs0nr5w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft rsync://rpki.ripe.net/repository/DEFAULT/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:1a:3f:e2:ff:74:73:5d:45:be:b4:93:4a:42:61:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a98e5943c355d48c004e6bf4a3b6cdb8c30adc4c Validity Not Before: Jan 25 17:01:13 2026 GMT Not After : Jan 26 17:01:13 2026 GMT Subject: CN=84f746eb71204d18143c82b48bbdcaf9f79452eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3d:d6:a7:61:55:7f:47:e3:db:53:98:eb:77: 03:67:22:c3:c2:69:f5:8e:f2:b8:32:39:e6:34:56: 7b:05:7f:60:a7:f8:79:5d:49:4d:0e:34:09:c2:16: 2d:c0:ee:55:e6:79:2e:2d:8d:e2:d3:ce:51:2c:c3: 5f:72:81:2b:db:0e:ac:49:7b:46:44:e3:b3:20:2b: 3e:b5:a4:31:d5:c6:f6:c1:b2:5c:98:a8:93:04:4d: 6e:07:db:e1:34:c0:b1:e8:be:4e:3f:f4:de:c6:ec: 76:1a:f1:cb:8e:13:ed:b5:0e:d8:7d:7a:b2:61:7e: dc:3b:1a:40:f2:6f:7c:ae:ea:a4:57:f3:c7:45:ff: 18:01:99:41:72:df:5a:0d:d3:f7:ce:8c:d0:8d:0e: 98:fc:56:b2:9f:5a:c1:ae:76:f6:21:e1:09:19:9b: 89:95:0d:7a:a9:c0:34:36:38:74:02:21:21:4b:64: 52:ea:a3:36:f6:1d:03:41:d5:e6:d6:fe:61:b0:d4: 37:7c:e3:52:10:e3:4a:7f:2f:cb:59:ee:00:07:9d: d6:8b:d5:1d:02:8d:bc:87:19:b6:86:c7:7e:1f:5e: 6b:8c:fd:bc:51:5e:7e:0d:7f:6b:02:be:ac:c4:e1: 38:c3:44:c6:9d:dd:68:2c:3d:f7:e4:e1:8e:14:05: d4:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:F7:46:EB:71:20:4D:18:14:3C:82:B4:8B:BD:CA:F9:F7:94:52:EB X509v3 Authority Key Identifier: keyid:A9:8E:59:43:C3:55:D4:8C:00:4E:6B:F4:A3:B6:CD:B8:C3:0A:DC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:74:3d:cc:bc:ec:81:48:b1:1d:8c:5a:dd:49:47:1e:05:d9: ac:79:e5:9f:39:a5:b6:41:13:e9:aa:ac:b2:5e:70:c2:15:9a: 04:2b:00:25:72:31:7f:5a:81:1b:d2:d3:c9:e8:22:ee:12:38: a2:28:04:91:c0:d3:c4:29:a1:9f:59:d8:66:f3:5a:93:2b:e3: da:46:d2:22:1e:dd:5c:02:93:f4:37:c3:3d:d0:7f:fa:d4:f2: ae:11:04:0e:06:48:15:6c:01:63:46:2b:f1:1e:0b:75:71:0b: b7:25:ce:97:66:b5:23:99:8a:7a:26:5c:08:5c:e7:6d:ef:5b: df:60:58:68:f3:5b:a5:c2:31:36:3c:d3:bf:7c:7d:c6:9a:c3: 01:b4:97:62:8a:9a:93:91:4b:c3:42:74:c8:c0:e7:9c:12:0e: b4:32:6b:a1:11:6a:73:d8:e4:d2:0b:c4:b7:8c:bc:c7:4b:b8: 43:0e:d2:50:a2:57:54:bd:81:d1:e7:44:19:92:36:d3:c9:0e: 7b:a7:ca:91:d3:c8:38:43:ab:07:c2:e7:28:c7:9d:d5:78:29: d6:b6:05:b8:e9:99:cb:fe:e4:0a:40:e3:fb:ee:60:64:a4:08: e3:7b:a6:64:e7:ce:ae:84:e4:5a:32:b8:20:8e:c7:27:64:39: 49:ab:d1:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2Gj/i/3RzXUW+tJNKQmHWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5OGU1OTQzYzM1NWQ0OGMwMDRlNmJmNGEzYjZjZGI4YzMw YWRjNGMwHhcNMjYwMTI1MTcwMTEzWhcNMjYwMTI2MTcwMTEzWjAzMTEwLwYDVQQD Eyg4NGY3NDZlYjcxMjA0ZDE4MTQzYzgyYjQ4YmJkY2FmOWY3OTQ1MmViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD3Wp2FVf0fj21OY63cDZyLDwmn1 jvK4MjnmNFZ7BX9gp/h5XUlNDjQJwhYtwO5V5nkuLY3i085RLMNfcoEr2w6sSXtG ROOzICs+taQx1cb2wbJcmKiTBE1uB9vhNMCx6L5OP/Texux2GvHLjhPttQ7YfXqy YX7cOxpA8m98ruqkV/PHRf8YAZlBct9aDdP3zozQjQ6Y/Fayn1rBrnb2IeEJGZuJ lQ16qcA0Njh0AiEhS2RS6qM29h0DQdXm1v5hsNQ3fONSEONKfy/LWe4AB53Wi9Ud Ao28hxm2hsd+H15rjP28UV5+DX9rAr6sxOE4w0TGnd1oLD335OGOFAXUiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIT3RutxIE0YFDyCtIu9yvn3lFLrMB8GA1UdIwQY MBaAFKmOWUPDVdSMAE5r9KO2zbjDCtxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcVk1WlE4TlYxSXdBVG12MG83Yk51TU1LM0V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDkyY2QtN2ZlMy00MjIzLTgzNTAt M2M3NzNhNmM0MmY5LzEvcVk1WlE4TlYxSXdBVG12MG83Yk51TU1LM0V3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9jZDkyY2QtN2ZlMy00MjIzLTgzNTAtM2M3NzNhNmM0MmY5 LzEvcVk1WlE4TlYxSXdBVG12MG83Yk51TU1LM0V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnQ9zLzs gUixHYxa3UlHHgXZrHnlnzmltkET6aqssl5wwhWaBCsAJXIxf1qBG9LTyegi7hI4 oigEkcDTxCmhn1nYZvNakyvj2kbSIh7dXAKT9DfDPdB/+tTyrhEEDgZIFWwBY0Yr 8R4LdXELtyXOl2a1I5mKeiZcCFznbe9b32BYaPNbpcIxNjzTv3x9xprDAbSXYoqa k5FLw0J0yMDnnBIOtDJroRFqc9jk0gvEt4y8x0u4Qw7SUKJXVL2B0edEGZI208kO e6fKkdPIOEOrB8LnKMed1Xgp1rYFuOmZy/7kCkDj++5gZKQI43umZOfOroTkWjK4 II7HJ2Q5SavR1w== -----END CERTIFICATE-----Generated at Mon Jan 26 00:18:24 2026 by rpki-client