This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft File: QA4H15n7NVyVICXz0nsA6bTuNO0.mft (raw, json) Hash identifier: AiHQpfXhIc0czVyTSnrG+8h3neFoJySyks/7thujZt4= Subject key identifier: 89:1C:28:7A:D6:4D:41:AB:17:48:5B:F5:00:B4:1C:6F:05:E7:FB:95 Authority key identifier: 40:0E:07:D7:99:FB:35:5C:95:20:25:F3:D2:7B:00:E9:B4:EE:34:ED Certificate issuer: /CN=400e07d799fb355c952025f3d27b00e9b4ee34ed Certificate serial: 019BF4D036419E3B9C28F9BAC3C360E1C09C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA4H15n7NVyVICXz0nsA6bTuNO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft Manifest number: 0A51 Signing time: Sun 25 Jan 2026 11:00:44 +0000 Manifest this update: Sun 25 Jan 2026 11:00:44 +0000 Manifest next update: Mon 26 Jan 2026 11:00:44 +0000 Files and hashes: 1: QA4H15n7NVyVICXz0nsA6bTuNO0.crl (hash: r8pq/NKPlojTM1gBvsSxcVfY3Y1g4Sp5aOTty2pTkVg=) 2: YFsmm4apHvY6ZL8EsMyBPmZGQ-E.roa (hash: QK8FK49xDAR7s4a20/0YVNHlxDPHbZSZvfiRmsUbSrc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft rsync://rpki.ripe.net/repository/DEFAULT/QA4H15n7NVyVICXz0nsA6bTuNO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:d0:36:41:9e:3b:9c:28:f9:ba:c3:c3:60:e1:c0:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=400e07d799fb355c952025f3d27b00e9b4ee34ed Validity Not Before: Jan 25 11:00:44 2026 GMT Not After : Jan 26 11:00:44 2026 GMT Subject: CN=891c287ad64d41ab17485bf500b41c6f05e7fb95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:49:58:73:98:78:1e:80:27:9d:e5:9b:fc:f2: 12:65:94:75:44:fa:42:fc:b5:6a:54:0c:56:a7:e1: 41:72:3f:a7:d8:6e:bd:9a:ce:a2:41:4a:60:6f:0d: 0e:2f:7c:f3:e8:f4:eb:79:02:9c:ab:83:a1:47:06: 20:2a:28:cc:9c:e8:5c:88:1b:bd:d3:85:a7:f1:a0: 8f:e8:ef:39:4b:77:dd:c3:71:22:18:9f:de:99:fc: 24:cc:cf:e1:f3:16:7c:c6:73:5b:37:7d:74:57:f0: 31:c5:e0:57:2b:69:5e:95:a5:77:71:ad:64:31:18: 79:59:96:de:ef:30:31:3b:bf:3e:33:71:62:88:1b: 28:08:82:48:aa:4d:d1:db:08:96:39:18:67:ff:d9: 71:02:95:00:39:5e:7c:9c:84:bb:25:73:c0:0b:b3: 4d:9b:06:e5:63:d8:27:75:6d:51:ea:e2:3b:3a:bf: 1f:3e:34:15:58:30:92:fb:84:c5:7a:57:94:fe:1f: fc:2f:af:ba:fb:bd:44:45:70:24:68:cc:c4:0e:c3: 2d:21:88:bc:92:f8:a6:8d:f4:57:83:09:24:c4:c2: af:50:15:a9:f0:48:84:b4:90:c0:5f:b4:a9:70:5e: 3a:87:c7:85:7c:f8:12:15:a3:30:71:4e:0a:2b:d6: 11:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:1C:28:7A:D6:4D:41:AB:17:48:5B:F5:00:B4:1C:6F:05:E7:FB:95 X509v3 Authority Key Identifier: keyid:40:0E:07:D7:99:FB:35:5C:95:20:25:F3:D2:7B:00:E9:B4:EE:34:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA4H15n7NVyVICXz0nsA6bTuNO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f36b6-d701-4335-af30-48fe633b1b3f/1/QA4H15n7NVyVICXz0nsA6bTuNO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:4d:3c:c0:f8:0e:7f:f5:c8:5d:e5:94:44:5b:9e:9a:82:20: 9f:5b:b7:ae:95:ef:12:e1:e8:1e:44:f1:23:47:e6:37:9a:b7: 57:97:43:6b:e6:91:e9:d3:da:4e:e0:1c:ba:2d:86:16:13:b5: ab:f3:93:35:ee:2c:68:cb:76:c3:5d:94:40:ab:47:ce:1c:ba: 56:ae:c0:47:34:3e:18:2d:a1:7f:43:9b:18:09:5d:23:25:5d: 29:06:f7:6e:55:d1:a0:30:ce:2c:17:28:04:2f:8e:c8:74:49: 85:72:a4:2b:4b:57:ae:e4:3f:28:61:81:a9:c3:e4:d4:ae:89: 97:fb:10:42:e2:15:27:00:27:76:68:81:65:d3:27:e9:49:bc: 9b:06:cb:25:67:50:64:6c:16:cf:74:fd:12:75:b7:af:de:53: 51:52:13:3e:15:d6:d2:54:cc:b9:26:b0:28:3e:48:21:a5:02: d9:96:a7:bd:5c:69:0d:e1:f2:fa:18:52:e7:e6:3c:0c:30:c3: 34:1c:04:ff:e2:fe:83:e9:17:17:9d:ff:f2:8a:e8:4e:df:44: 19:50:da:b1:2b:8f:d9:46:61:e5:fb:6d:ef:c2:d6:2d:f0:ef: ae:e3:dd:0a:09:6b:44:56:33:69:ee:61:90:d5:0f:02:90:60: 2b:80:36:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv00DZBnjucKPm6w8Ng4cCcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMGUwN2Q3OTlmYjM1NWM5NTIwMjVmM2QyN2IwMGU5YjRl ZTM0ZWQwHhcNMjYwMTI1MTEwMDQ0WhcNMjYwMTI2MTEwMDQ0WjAzMTEwLwYDVQQD Eyg4OTFjMjg3YWQ2NGQ0MWFiMTc0ODViZjUwMGI0MWM2ZjA1ZTdmYjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvElYc5h4HoAnneWb/PISZZR1RPpC /LVqVAxWp+FBcj+n2G69ms6iQUpgbw0OL3zz6PTreQKcq4OhRwYgKijMnOhciBu9 04Wn8aCP6O85S3fdw3EiGJ/emfwkzM/h8xZ8xnNbN310V/AxxeBXK2lelaV3ca1k MRh5WZbe7zAxO78+M3FiiBsoCIJIqk3R2wiWORhn/9lxApUAOV58nIS7JXPAC7NN mwblY9gndW1R6uI7Or8fPjQVWDCS+4TFeleU/h/8L6+6+71ERXAkaMzEDsMtIYi8 kvimjfRXgwkkxMKvUBWp8EiEtJDAX7SpcF46h8eFfPgSFaMwcU4KK9YRcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIkcKHrWTUGrF0hb9QC0HG8F5/uVMB8GA1UdIwQY MBaAFEAOB9eZ+zVclSAl89J7AOm07jTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUE0SDE1bjdOVnlWSUNYejBuc0E2YlR1Tk8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZjM2YjYtZDcwMS00MzM1LWFmMzAt NDhmZTYzM2IxYjNmLzEvUUE0SDE1bjdOVnlWSUNYejBuc0E2YlR1Tk8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8yZjM2YjYtZDcwMS00MzM1LWFmMzAtNDhmZTYzM2IxYjNm LzEvUUE0SDE1bjdOVnlWSUNYejBuc0E2YlR1Tk8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVU08wPgO f/XIXeWURFuemoIgn1u3rpXvEuHoHkTxI0fmN5q3V5dDa+aR6dPaTuAcui2GFhO1 q/OTNe4saMt2w12UQKtHzhy6Vq7ARzQ+GC2hf0ObGAldIyVdKQb3blXRoDDOLBco BC+OyHRJhXKkK0tXruQ/KGGBqcPk1K6Jl/sQQuIVJwAndmiBZdMn6Um8mwbLJWdQ ZGwWz3T9EnW3r95TUVITPhXW0lTMuSawKD5IIaUC2ZanvVxpDeHy+hhS5+Y8DDDD NBwE/+L+g+kXF53/8oroTt9EGVDasSuP2UZh5ftt78LWLfDvruPdCglrRFYzae5h kNUPApBgK4A2pQ== -----END CERTIFICATE-----Generated at Sun Jan 25 16:18:59 2026 by rpki-client