This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json) Hash identifier: 1BsT84LGZQTHda7cw8RAG6FAAXaMFOXv5cDrjuwTstI= Subject key identifier: 04:1F:0A:EA:AB:48:3C:5F:FC:FC:38:8B:3A:CF:A3:17:D1:99:33:DB Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Certificate serial: 019BF6BF2F99C0DB4A989ADF2EB632AC6C67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft Manifest number: 0675 Signing time: Sun 25 Jan 2026 20:01:23 +0000 Manifest this update: Sun 25 Jan 2026 20:01:23 +0000 Manifest next update: Mon 26 Jan 2026 20:01:23 +0000 Files and hashes: 1: 2MeX37cZHGHHuxJtj1E28ddzIsI.roa (hash: LZd2fssCxVZOERqVCoqkBsBn4xYtLG5cKZGv8FiTdNw=) 2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: +g459yj6Bvwaau5AWflalW47G97+zIm5RHutb2dGtDQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:bf:2f:99:c0:db:4a:98:9a:df:2e:b6:32:ac:6c:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Validity Not Before: Jan 25 20:01:23 2026 GMT Not After : Jan 26 20:01:23 2026 GMT Subject: CN=041f0aeaab483c5ffcfc388b3acfa317d19933db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:a5:cb:24:c9:8e:1a:08:23:bd:23:a6:c6:58: 38:d3:c2:da:7d:6f:54:ea:89:9b:34:dc:39:df:b4: fb:d2:68:40:7b:e4:bb:cb:bf:32:5b:c8:6b:45:d0: 99:63:e7:1c:c7:97:8b:ba:ad:28:6d:8a:c5:d5:7b: 62:05:e1:3e:df:46:bd:eb:28:95:f2:1d:f1:df:92: 0d:a3:98:a6:11:a3:db:b3:6c:1b:90:c8:d9:bd:d0: 8c:6d:b7:0e:0c:f2:9c:58:7d:d1:3d:35:c1:e9:61: 2c:75:68:ae:47:8a:f1:40:db:39:c6:33:2b:a3:39: 7a:9a:af:e8:9e:f0:62:7c:5c:e2:d3:97:a0:ad:96: ce:92:18:b5:9f:bc:e6:3d:a9:31:34:9f:b6:70:c6: ef:a8:a3:be:cb:de:93:b1:21:0d:46:c2:3d:29:8b: 21:89:fb:e3:08:b2:6c:5e:c1:84:c3:52:e7:cc:2c: 6e:f7:8f:1c:de:bd:0f:27:ce:fd:37:e0:29:32:bf: 63:19:99:9b:8d:df:de:aa:97:e4:94:05:71:51:83: 08:29:5f:16:dd:1a:d1:03:fd:b1:c4:13:09:d8:45: 4d:eb:53:ce:0e:57:36:a4:35:cd:04:f2:21:7c:6b: a6:32:de:03:9e:d5:71:53:bc:4a:89:8d:50:7e:fa: 70:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:1F:0A:EA:AB:48:3C:5F:FC:FC:38:8B:3A:CF:A3:17:D1:99:33:DB X509v3 Authority Key Identifier: keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:a9:83:e2:6b:a8:df:62:b6:77:b7:9b:fd:fd:4b:02:82:f5: 0f:ff:3a:e3:9a:5f:24:c7:77:22:14:9d:30:56:9d:b7:1d:1f: 03:06:6f:60:0e:9b:fa:1a:1b:fb:cc:da:45:22:7f:a6:26:71: aa:53:a3:9b:21:fc:e2:24:11:d8:27:ca:ad:64:92:ae:fe:44: 2d:ea:66:b5:60:bc:70:af:28:02:22:3d:f8:a9:07:7d:17:53: e4:dc:a3:b0:15:77:5e:69:2b:14:05:8c:b7:24:7a:86:6f:be: fa:59:7a:ce:78:09:c1:02:f6:00:5c:91:a9:0f:c0:a6:c9:30: a0:02:ca:04:5b:7d:41:11:18:57:98:28:e3:2e:f6:85:b1:b1: e7:f8:0a:f9:b6:8f:a2:ca:17:a7:23:ac:bb:af:7a:db:5c:a5: a8:df:b3:b8:cb:0f:51:bb:e8:52:4e:a0:e4:52:1c:be:ac:dc: 17:89:2c:a3:28:a8:2e:5d:d3:e2:57:79:c1:a6:99:69:6e:dc: 6f:44:fe:4d:3e:dd:3e:44:86:15:b3:64:93:e0:61:41:9b:d9: ae:62:a4:76:56:47:b0:b3:e0:46:a4:a9:59:46:34:72:08:25: b4:f5:f5:86:d8:cd:51:05:06:b5:4b:78:10:8c:1b:c7:fb:fa: 0b:e3:de:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vy+ZwNtKmJrfLrYyrGxnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx ZWY1MTAwHhcNMjYwMTI1MjAwMTIzWhcNMjYwMTI2MjAwMTIzWjAzMTEwLwYDVQQD EygwNDFmMGFlYWFiNDgzYzVmZmNmYzM4OGIzYWNmYTMxN2QxOTkzM2RiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaXLJMmOGggjvSOmxlg408LafW9U 6ombNNw537T70mhAe+S7y78yW8hrRdCZY+ccx5eLuq0obYrF1XtiBeE+30a96yiV 8h3x35INo5imEaPbs2wbkMjZvdCMbbcODPKcWH3RPTXB6WEsdWiuR4rxQNs5xjMr ozl6mq/onvBifFzi05egrZbOkhi1n7zmPakxNJ+2cMbvqKO+y96TsSENRsI9KYsh ifvjCLJsXsGEw1LnzCxu948c3r0PJ879N+ApMr9jGZmbjd/eqpfklAVxUYMIKV8W 3RrRA/2xxBMJ2EVN61PODlc2pDXNBPIhfGumMt4DntVxU7xKiY1QfvpwxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAQfCuqrSDxf/Pw4izrPoxfRmTPbMB8GA1UdIwQY MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATamD4muo 32K2d7eb/f1LAoL1D/8645pfJMd3IhSdMFadtx0fAwZvYA6b+hob+8zaRSJ/piZx qlOjmyH84iQR2CfKrWSSrv5ELepmtWC8cK8oAiI9+KkHfRdT5NyjsBV3XmkrFAWM tyR6hm+++ll6zngJwQL2AFyRqQ/ApskwoALKBFt9QREYV5go4y72hbGx5/gK+baP osoXpyOsu69621ylqN+zuMsPUbvoUk6g5FIcvqzcF4ksoyioLl3T4ld5waaZaW7c b0T+TT7dPkSGFbNkk+BhQZvZrmKkdlZHsLPgRqSpWUY0cggltPX1htjNUQUGtUt4 EIwbx/v6C+Perw== -----END CERTIFICATE-----Generated at Mon Jan 26 01:33:29 2026 by rpki-client