This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft File: CnAgLDEt0sem_8MXqobk4gaSSaY.mft (raw, json) Hash identifier: 0FFaVqwNTzjX49SbEnU76UpyYB6jicEbeLfR1IXjrAQ= Subject key identifier: D1:66:AF:D9:7E:4E:18:C7:96:9B:C9:29:BD:A6:E9:CF:61:49:1D:EF Authority key identifier: 0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6 Certificate issuer: /CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6 Certificate serial: 019BF5AC67CB077123875B775558A8E2AD61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft Manifest number: 0B15 Signing time: Sun 25 Jan 2026 15:01:15 +0000 Manifest this update: Sun 25 Jan 2026 15:01:15 +0000 Manifest next update: Mon 26 Jan 2026 15:01:15 +0000 Files and hashes: 1: CnAgLDEt0sem_8MXqobk4gaSSaY.crl (hash: 9mxegQXXmVLuTXsIBGmR5KTlXGPHBTTIR5pWc5LqoU0=) 2: K7zaYiA4cUm1xenNoU5bzoYVcUA.roa (hash: loCWwpkjmfHoTvN0F0nQ8C+FbDYIJy/va2o4zLxPRX0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ac:67:cb:07:71:23:87:5b:77:55:58:a8:e2:ad:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6 Validity Not Before: Jan 25 15:01:15 2026 GMT Not After : Jan 26 15:01:15 2026 GMT Subject: CN=d166afd97e4e18c7969bc929bda6e9cf61491def Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1f:c2:9b:d9:78:bf:18:cc:69:8a:b6:24:68: 76:31:7f:f6:b9:c1:1e:ce:cc:c5:fe:88:59:b6:97: d3:2f:a6:04:05:2c:ba:00:6d:8d:eb:7d:2f:fd:12: 03:ba:4f:2c:a8:cc:28:cd:cb:64:50:73:2b:e3:cb: d2:f6:9b:6b:e6:a8:9e:70:8e:16:3d:1c:f2:49:87: 6a:72:92:e1:b4:bc:6b:29:0c:6b:a2:3e:b3:4d:a5: dd:2c:f0:8f:b1:03:73:7f:e8:9b:f5:e1:49:6d:02: d9:8b:b1:aa:33:1d:55:bd:1e:ae:45:c7:8b:99:28: 97:80:49:34:b3:90:a0:a7:32:29:57:05:2f:24:42: 73:c5:dc:f0:ff:e6:9a:cf:66:d9:c5:39:bd:b7:d7: 75:79:49:c4:a1:e1:21:f0:e9:96:1e:84:1c:9f:32: 4f:e2:09:f1:1b:42:7b:59:b8:26:ac:42:c0:6f:18: f5:db:4a:d8:c0:09:ff:6f:fb:3d:27:94:0a:31:86: 2e:cb:b1:ee:9c:49:1e:4c:60:d3:4d:ac:fa:f9:e2: 14:a2:21:fb:44:5f:e2:f1:79:6a:30:7d:47:6e:e0: dc:f6:7d:b6:24:55:bb:7d:8b:dd:27:7a:d8:f4:3a: 1e:2f:7e:33:96:2f:2e:0b:da:f7:93:8b:20:1a:bb: 76:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:66:AF:D9:7E:4E:18:C7:96:9B:C9:29:BD:A6:E9:CF:61:49:1D:EF X509v3 Authority Key Identifier: keyid:0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:60:e8:fd:bf:19:39:53:9a:66:07:f1:4b:c8:a8:4b:b0:98: 96:2d:94:f8:2a:83:3a:88:f6:4e:e3:c7:55:91:ef:c8:fd:72: a1:ea:e2:1d:a6:bd:38:28:88:80:54:97:e8:45:59:30:2f:71: 87:17:48:c6:fb:43:93:f3:36:7e:f2:32:1d:a7:32:2e:af:92: 67:16:ef:d7:91:77:11:18:e3:55:2a:ac:e8:a2:64:fd:d2:78: e1:df:2f:0c:82:c6:64:ba:b0:7b:f9:50:11:91:f5:f1:29:e5: b1:2a:71:40:07:6a:64:bb:b5:c0:60:f1:67:03:3e:c4:1a:8b: ef:5d:07:1c:f6:e5:7c:ee:f0:b4:b9:0e:46:b4:0a:16:80:e6: cd:33:21:c9:dc:65:86:31:16:e4:76:77:bd:4f:a8:a9:b2:8d: 54:ff:2e:2d:54:d7:c9:45:7a:c0:0b:1b:6c:f8:8b:fc:32:05: 34:a7:6f:f8:7b:7f:51:42:0b:86:23:30:39:8f:62:24:87:59: 5a:62:bd:2e:0a:ed:c7:56:12:7f:90:27:20:b6:f2:5c:12:6f: 12:d7:bb:c6:f5:a8:68:a3:47:22:91:3a:80:12:f1:23:b1:08: fd:0f:fa:ed:51:e0:37:ad:c6:95:d5:f4:ab:df:74:72:fe:e3: 0b:b4:4f:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1rGfLB3Ejh1t3VVio4q1hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNzAyMDJjMzEyZGQyYzdhNmZmYzMxN2FhODZlNGUyMDY5 MjQ5YTYwHhcNMjYwMTI1MTUwMTE1WhcNMjYwMTI2MTUwMTE1WjAzMTEwLwYDVQQD EyhkMTY2YWZkOTdlNGUxOGM3OTY5YmM5MjliZGE2ZTljZjYxNDkxZGVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx/Cm9l4vxjMaYq2JGh2MX/2ucEe zszF/ohZtpfTL6YEBSy6AG2N630v/RIDuk8sqMwozctkUHMr48vS9ptr5qiecI4W PRzySYdqcpLhtLxrKQxroj6zTaXdLPCPsQNzf+ib9eFJbQLZi7GqMx1VvR6uRceL mSiXgEk0s5CgpzIpVwUvJEJzxdzw/+aaz2bZxTm9t9d1eUnEoeEh8OmWHoQcnzJP 4gnxG0J7WbgmrELAbxj120rYwAn/b/s9J5QKMYYuy7HunEkeTGDTTaz6+eIUoiH7 RF/i8XlqMH1HbuDc9n22JFW7fYvdJ3rY9DoeL34zli8uC9r3k4sgGrt2DQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNFmr9l+ThjHlpvJKb2m6c9hSR3vMB8GA1UdIwQY MBaAFApwICwxLdLHpv/DF6qG5OIGkkmmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMt NjhjODQ5Mjc3ZDczLzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMtNjhjODQ5Mjc3ZDcz LzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAomDo/b8Z OVOaZgfxS8ioS7CYli2U+CqDOoj2TuPHVZHvyP1yoeriHaa9OCiIgFSX6EVZMC9x hxdIxvtDk/M2fvIyHacyLq+SZxbv15F3ERjjVSqs6KJk/dJ44d8vDILGZLqwe/lQ EZH18SnlsSpxQAdqZLu1wGDxZwM+xBqL710HHPblfO7wtLkORrQKFoDmzTMhydxl hjEW5HZ3vU+oqbKNVP8uLVTXyUV6wAsbbPiL/DIFNKdv+Ht/UUILhiMwOY9iJIdZ WmK9Lgrtx1YSf5AnILbyXBJvEte7xvWoaKNHIpE6gBLxI7EI/Q/67VHgN63GldX0 q990cv7jC7RPLA== -----END CERTIFICATE-----Generated at Sun Jan 25 22:52:47 2026 by rpki-client