This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft File: xU9qEXeCbFq2S9OvATiptXpLkeU.mft (raw, json) Hash identifier: Vzkj3SjHd8ndZPcekPFhuYt00E9Jr46lPUY5yRTXBFc= Subject key identifier: CA:70:C0:51:E6:E0:C5:B6:63:E7:04:38:85:18:5E:1B:95:5E:34:05 Authority key identifier: C5:4F:6A:11:77:82:6C:5A:B6:4B:D3:AF:01:38:A9:B5:7A:4B:91:E5 Certificate issuer: /CN=c54f6a1177826c5ab64bd3af0138a9b57a4b91e5 Certificate serial: 019BF5E400DB4F40A9996DD39ED1468A09BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xU9qEXeCbFq2S9OvATiptXpLkeU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft Manifest number: 7A Signing time: Sun 25 Jan 2026 16:01:58 +0000 Manifest this update: Sun 25 Jan 2026 16:01:58 +0000 Manifest next update: Mon 26 Jan 2026 16:01:58 +0000 Files and hashes: 1: AAL-YY9GVuWqbLX5GG1k3ImctWA.roa (hash: dOcDqpARrTucPUNtlVinnlKcwBaTZo2MLnDCrG84YIw=) 2: xU9qEXeCbFq2S9OvATiptXpLkeU.crl (hash: fiswTLwBSP2FKj1YzS3H+/gE9O8NuGOfG2A4bwCVybg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft rsync://rpki.ripe.net/repository/DEFAULT/xU9qEXeCbFq2S9OvATiptXpLkeU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:e4:00:db:4f:40:a9:99:6d:d3:9e:d1:46:8a:09:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c54f6a1177826c5ab64bd3af0138a9b57a4b91e5 Validity Not Before: Jan 25 16:01:58 2026 GMT Not After : Jan 26 16:01:58 2026 GMT Subject: CN=ca70c051e6e0c5b663e7043885185e1b955e3405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:a6:ae:68:68:55:21:b0:1b:9a:5a:92:8e:83: 0a:50:6e:6c:4a:65:06:42:73:d4:3c:1f:a9:3e:d6: 5d:d0:fc:6a:52:78:e4:3b:94:c7:72:86:aa:61:e7: 8f:84:d0:7a:e1:d8:ee:03:89:ae:f1:01:48:11:56: bd:d4:44:51:36:12:ad:24:d9:dc:a6:57:28:96:94: cf:e8:48:4b:5e:4a:38:f2:73:ce:76:bc:68:4e:5b: b0:61:16:73:af:60:99:d9:c4:ad:65:fd:e3:9f:a2: e9:1c:0b:45:1e:a7:2c:0b:6b:7d:99:78:62:1b:67: ff:a2:ac:b1:2b:0f:d6:66:73:26:26:65:4c:b0:ee: e0:38:fb:60:e7:05:f6:0f:a1:6c:fd:38:af:98:b0: 09:a7:82:d3:f3:46:04:9e:85:bc:cd:06:8a:8e:1a: 85:bf:c5:c7:dc:15:1d:78:b3:e8:29:63:e6:20:32: 96:3a:a1:b7:c5:37:92:3f:34:93:fc:22:5a:57:af: ee:6d:d9:e0:c5:36:c9:94:d1:01:e1:c4:af:55:60: 35:11:cd:37:1c:84:2f:71:66:57:58:dc:1d:63:9b: 34:23:b0:a0:85:9e:99:77:ed:5d:51:6c:f9:1a:89: d8:ff:12:a8:c3:3e:2b:f4:fd:ef:8e:d8:cd:e3:c5: 43:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:70:C0:51:E6:E0:C5:B6:63:E7:04:38:85:18:5E:1B:95:5E:34:05 X509v3 Authority Key Identifier: keyid:C5:4F:6A:11:77:82:6C:5A:B6:4B:D3:AF:01:38:A9:B5:7A:4B:91:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xU9qEXeCbFq2S9OvATiptXpLkeU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f367-3b9e-49d4-9686-2ea8ace5b95e/1/xU9qEXeCbFq2S9OvATiptXpLkeU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:ae:ba:52:66:b7:6a:97:d2:46:35:e5:7a:c1:ce:7b:a7:a6: 7e:d0:ea:eb:32:ab:95:8f:6f:6c:cb:62:28:e2:2e:6b:0c:bc: b6:00:64:b4:a5:1d:71:a2:3a:e5:55:29:2f:d6:92:ae:e9:2b: 60:88:27:5a:f8:cb:51:d8:41:df:42:f3:08:1c:6f:10:eb:f7: dc:c7:bb:5d:a4:5c:df:37:6d:49:ab:5f:19:94:bd:f3:f8:b2: ac:66:74:0e:ab:62:5b:16:69:73:2f:69:cf:d3:c5:99:22:ed: c3:f8:3f:91:dd:46:39:c6:20:87:d1:c6:ad:cd:9d:25:37:a0: 50:a1:97:95:a9:81:ca:04:fd:0a:ae:29:df:70:47:6b:08:52: 56:8b:f6:ac:28:53:04:ed:81:77:28:c0:dc:36:fb:d0:7e:7d: 56:ef:80:8b:b8:e6:67:cd:da:34:a3:cc:f6:29:bb:14:ea:82: 4f:70:51:e0:30:00:67:a0:c7:15:99:72:65:9e:60:8d:27:c9: 36:48:0b:79:4d:a6:5d:b1:44:cd:2c:fd:a7:b4:26:00:4a:2b: 87:e4:ce:59:9d:79:d3:ad:de:33:f5:1c:3e:26:9e:d6:8c:43: 0d:2e:07:57:d2:80:9f:87:9c:9c:29:06:48:ec:19:11:c4:12: 96:60:09:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv15ADbT0CpmW3TntFGigm6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1NGY2YTExNzc4MjZjNWFiNjRiZDNhZjAxMzhhOWI1N2E0 YjkxZTUwHhcNMjYwMTI1MTYwMTU4WhcNMjYwMTI2MTYwMTU4WjAzMTEwLwYDVQQD EyhjYTcwYzA1MWU2ZTBjNWI2NjNlNzA0Mzg4NTE4NWUxYjk1NWUzNDA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqauaGhVIbAbmlqSjoMKUG5sSmUG QnPUPB+pPtZd0PxqUnjkO5THcoaqYeePhNB64djuA4mu8QFIEVa91ERRNhKtJNnc plcolpTP6EhLXko48nPOdrxoTluwYRZzr2CZ2cStZf3jn6LpHAtFHqcsC2t9mXhi G2f/oqyxKw/WZnMmJmVMsO7gOPtg5wX2D6Fs/TivmLAJp4LT80YEnoW8zQaKjhqF v8XH3BUdeLPoKWPmIDKWOqG3xTeSPzST/CJaV6/ubdngxTbJlNEB4cSvVWA1Ec03 HIQvcWZXWNwdY5s0I7CghZ6Zd+1dUWz5GonY/xKowz4r9P3vjtjN48VDgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMpwwFHm4MW2Y+cEOIUYXhuVXjQFMB8GA1UdIwQY MBaAFMVPahF3gmxatkvTrwE4qbV6S5HlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFU5cUVYZUNiRnEyUzlPdkFUaXB0WHBMa2VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGYzNjctM2I5ZS00OWQ0LTk2ODYt MmVhOGFjZTViOTVlLzEveFU5cUVYZUNiRnEyUzlPdkFUaXB0WHBMa2VVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8xNGYzNjctM2I5ZS00OWQ0LTk2ODYtMmVhOGFjZTViOTVl LzEveFU5cUVYZUNiRnEyUzlPdkFUaXB0WHBMa2VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY666Uma3 apfSRjXlesHOe6emftDq6zKrlY9vbMtiKOIuawy8tgBktKUdcaI65VUpL9aSrukr YIgnWvjLUdhB30LzCBxvEOv33Me7XaRc3zdtSatfGZS98/iyrGZ0DqtiWxZpcy9p z9PFmSLtw/g/kd1GOcYgh9HGrc2dJTegUKGXlamBygT9Cq4p33BHawhSVov2rChT BO2BdyjA3Db70H59Vu+Ai7jmZ83aNKPM9im7FOqCT3BR4DAAZ6DHFZlyZZ5gjSfJ NkgLeU2mXbFEzSz9p7QmAEorh+TOWZ15063eM/UcPiae1oxDDS4HV9KAn4ecnCkG SOwZEcQSlmAJfw== -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:55 2026 by rpki-client