This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json) Hash identifier: s7/HrKqw80eRK3jTldhNdBw37mgfwk8Jy+Ll5/z2VXU= Subject key identifier: AF:AF:AA:A7:C7:2A:C1:2E:16:0B:11:F1:94:A8:2C:22:29:44:36:A2 Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Certificate serial: 019BF83F2882ACB1FB810211FD09F9927842 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft Manifest number: 0112 Signing time: Mon 26 Jan 2026 03:00:47 +0000 Manifest this update: Mon 26 Jan 2026 03:00:47 +0000 Manifest next update: Tue 27 Jan 2026 03:00:47 +0000 Files and hashes: 1: BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa (hash: kLXCiyzJI0lL3gfuo31f6jHCm4NoCsgw/6nrJV+kat0=) 2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: uC8V5QlmTWaFBLKxmUcWCQY9AFQ6YqTWFs+RbgI3oZA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:3f:28:82:ac:b1:fb:81:02:11:fd:09:f9:92:78:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Validity Not Before: Jan 26 03:00:47 2026 GMT Not After : Jan 27 03:00:47 2026 GMT Subject: CN=afafaaa7c72ac12e160b11f194a82c22294436a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:55:d2:42:26:9b:16:07:0f:a8:0f:42:34:9e: f5:c7:86:30:2f:1d:b2:d2:f0:be:19:70:e6:62:e5: 98:de:35:6f:98:14:5f:90:a8:69:0e:b2:29:d7:5e: d2:a6:b2:3e:26:99:98:da:3e:44:d1:4d:81:a0:5b: b3:78:80:e6:a9:46:0e:f4:0d:04:ac:b6:8a:53:ff: 51:9b:92:17:bf:d8:45:e1:ae:35:27:cb:19:69:30: d7:9b:6b:f1:9d:91:ca:9f:05:5d:8a:e2:05:24:7b: f7:8f:88:91:ac:26:ee:08:f6:4b:cc:58:81:f4:df: 93:c5:53:1f:76:a2:04:49:1f:02:21:62:cb:f0:69: 9b:f3:d6:5b:51:d1:66:54:e4:73:05:31:8f:db:6d: f6:40:72:59:a0:6d:bd:96:34:43:ca:94:8e:f2:e0: 55:b6:c7:6c:4c:f7:5a:07:f8:2a:6d:72:52:46:c5: 7c:4d:63:54:30:f8:66:8a:cc:b9:48:87:47:d2:33: d3:76:37:f5:96:07:41:3d:c6:38:78:d9:ab:6e:42: 45:60:6a:81:0b:72:67:79:6e:e0:69:e4:8a:dc:15: 6b:dc:07:37:74:bc:1f:bd:c0:0d:b8:24:23:86:c1: 53:09:a4:6c:a9:fa:dc:08:a9:23:1e:5e:f8:88:be: c6:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:AF:AA:A7:C7:2A:C1:2E:16:0B:11:F1:94:A8:2C:22:29:44:36:A2 X509v3 Authority Key Identifier: keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:2d:d8:b3:e1:4e:c6:77:60:a6:b0:d6:65:77:33:15:4f:19: 0e:b6:07:79:e4:bf:c5:42:fe:df:e3:61:e8:75:37:05:5a:af: a6:2f:fc:08:24:81:a9:2e:fd:23:de:2c:2f:4f:6a:52:40:b7: 7f:00:b0:9a:da:87:3c:da:9b:9d:7b:f0:eb:49:c3:3f:30:98: a7:6a:df:aa:fa:2b:a5:10:52:aa:ce:62:71:4c:a5:df:58:02: 47:14:b3:85:bb:d3:3b:e0:6f:11:60:99:66:38:f5:02:8a:fe: c7:6e:71:cf:8c:ff:7c:a4:ff:43:4d:f9:64:c3:82:e0:87:02: 92:d3:6d:8d:5e:b2:4e:bf:ba:0f:75:c5:bf:42:ec:11:52:ff: fc:96:80:cb:76:74:b8:d5:d2:69:88:4d:3e:4f:c2:1f:38:df: 5f:c8:0d:9c:b6:d1:62:16:63:4b:19:e3:2a:e9:67:f5:09:2b: 58:62:e5:49:bc:c3:e3:15:99:de:75:cb:8c:63:fe:75:73:d7: 4d:ab:7b:29:3a:db:64:6a:33:e2:fd:b9:d1:4b:5b:47:62:4b: 83:01:71:79:a7:ab:89:a3:46:71:fb:9d:8a:df:93:7b:9c:ed: 37:c3:be:db:34:1b:49:dc:e3:d3:7c:49:33:2e:c1:fc:3d:fb: 78:15:82:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4PyiCrLH7gQIR/Qn5knhCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1 ZTk2NjMwHhcNMjYwMTI2MDMwMDQ3WhcNMjYwMTI3MDMwMDQ3WjAzMTEwLwYDVQQD EyhhZmFmYWFhN2M3MmFjMTJlMTYwYjExZjE5NGE4MmMyMjI5NDQzNmEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FXSQiabFgcPqA9CNJ71x4YwLx2y 0vC+GXDmYuWY3jVvmBRfkKhpDrIp117SprI+JpmY2j5E0U2BoFuzeIDmqUYO9A0E rLaKU/9Rm5IXv9hF4a41J8sZaTDXm2vxnZHKnwVdiuIFJHv3j4iRrCbuCPZLzFiB 9N+TxVMfdqIESR8CIWLL8Gmb89ZbUdFmVORzBTGP2232QHJZoG29ljRDypSO8uBV tsdsTPdaB/gqbXJSRsV8TWNUMPhmisy5SIdH0jPTdjf1lgdBPcY4eNmrbkJFYGqB C3JneW7gaeSK3BVr3Ac3dLwfvcANuCQjhsFTCaRsqfrcCKkjHl74iL7G4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK+vqqfHKsEuFgsR8ZSoLCIpRDaiMB8GA1UdIwQY MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfi3Ys+FO xndgprDWZXczFU8ZDrYHeeS/xUL+3+Nh6HU3BVqvpi/8CCSBqS79I94sL09qUkC3 fwCwmtqHPNqbnXvw60nDPzCYp2rfqvorpRBSqs5icUyl31gCRxSzhbvTO+BvEWCZ Zjj1Aor+x25xz4z/fKT/Q035ZMOC4IcCktNtjV6yTr+6D3XFv0LsEVL//JaAy3Z0 uNXSaYhNPk/CHzjfX8gNnLbRYhZjSxnjKuln9QkrWGLlSbzD4xWZ3nXLjGP+dXPX Tat7KTrbZGoz4v250UtbR2JLgwFxeaeriaNGcfudit+Te5ztN8O+2zQbSdzj03xJ My7B/D37eBWCdQ== -----END CERTIFICATE-----Generated at Mon Jan 26 11:47:10 2026 by rpki-client