This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft File: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft (raw, json) Hash identifier: cx/U+GMP2ty6IoubDqvpVapWdf4K3+qBCbZCdX5xdJc= Subject key identifier: A2:61:13:64:13:FB:C8:7E:7B:82:11:92:93:2C:30:28:66:A6:99:12 Authority key identifier: 5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74 Certificate issuer: /CN=5da38f7c3ecad29ec50644b70068b92a1be47074 Certificate serial: 019BF42C2CD5F4F1B74362D2BCB1DFFDEB38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft Manifest number: 071C Signing time: Sun 25 Jan 2026 08:01:34 +0000 Manifest this update: Sun 25 Jan 2026 08:01:34 +0000 Manifest next update: Mon 26 Jan 2026 08:01:34 +0000 Files and hashes: 1: THdWL7NkPv4mTySRB7BlP8UazKk.roa (hash: 1vgf1jLYUS95We+9isSyrDAIekez9YYY5fniWvh9gyE=) 2: XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl (hash: zIIO88KaBbZwVgRlEkBlJvMKor12PRMDbbFZ5aJOFvg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:2c:2c:d5:f4:f1:b7:43:62:d2:bc:b1:df:fd:eb:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5da38f7c3ecad29ec50644b70068b92a1be47074 Validity Not Before: Jan 25 08:01:34 2026 GMT Not After : Jan 26 08:01:34 2026 GMT Subject: CN=a261136413fbc87e7b821192932c302866a69912 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:1d:bb:b1:85:3f:86:98:85:e2:50:83:10:6e: dc:11:17:a7:4f:1f:c7:a2:ff:15:57:01:b0:31:cd: 83:67:e2:4e:04:7e:3a:09:2b:0d:69:43:ce:e7:47: ed:db:ea:53:b4:fb:3e:1a:d0:1b:e9:88:1f:f7:ed: d5:b4:33:12:1a:70:20:4a:e2:2f:83:7c:05:43:b4: 20:f7:6e:7b:88:3d:02:42:85:5f:a2:9f:61:07:a2: f1:05:9a:72:c9:43:4e:f8:15:cb:da:76:85:90:54: f9:ae:49:0e:0e:18:60:81:58:47:81:c6:18:a9:5c: 39:6a:57:9a:6b:5d:e4:e7:ec:96:30:ed:2e:a7:33: 7f:bb:19:c1:71:8b:46:32:fa:4b:cf:c1:25:1e:a0: 53:66:14:07:fb:4f:2f:19:bd:e6:67:4a:ce:83:35: ce:11:45:50:7c:9a:b1:a0:d4:e5:e5:25:9f:03:1f: c4:11:57:18:d5:02:f2:0c:4f:78:60:d0:35:49:1b: 25:93:aa:a7:b9:c3:c7:5f:ea:c2:32:06:fa:2f:04: 43:bc:d1:06:3d:cd:3e:d7:7f:79:f5:35:0e:ca:29: 27:2b:a9:cf:f4:14:67:f3:18:e4:fa:03:f6:36:e7: c8:46:30:12:e9:85:a6:cf:df:19:c6:4c:6d:af:40: ad:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:61:13:64:13:FB:C8:7E:7B:82:11:92:93:2C:30:28:66:A6:99:12 X509v3 Authority Key Identifier: keyid:5D:A3:8F:7C:3E:CA:D2:9E:C5:06:44:B7:00:68:B9:2A:1B:E4:70:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/bba8e7-b9d2-4d9b-88b9-9408f1bc0d12/1/XaOPfD7K0p7FBkS3AGi5KhvkcHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:47:4f:8d:26:d4:fe:7b:64:2c:d2:35:ee:ba:82:20:10:67: 36:41:05:be:77:8b:2a:cc:6b:7d:0b:81:ea:02:14:1f:2b:e0: 74:89:27:e4:97:16:0d:0d:db:ba:71:b5:6b:a3:60:3c:ca:6e: 5d:44:bd:b8:11:17:98:4f:ec:6b:f2:79:3e:5b:52:fc:d9:b2: 90:91:a0:f5:1f:30:9a:17:0a:a7:b4:5a:04:42:66:38:ff:e7: 72:f5:b4:a2:48:c3:b3:c1:9d:1b:99:b4:48:c1:41:18:0e:8d: c9:df:4f:82:85:a9:5d:9e:a8:02:05:74:9d:94:f5:d5:93:cd: 99:6a:97:59:88:8a:d4:fc:d5:22:86:c2:9d:91:88:fc:ec:47: b1:0e:12:83:c8:9c:3d:ff:1d:40:64:96:11:6f:4a:84:0e:27: 94:a4:3e:aa:96:ed:8e:50:ad:67:d5:8a:4a:81:62:6d:29:c3: 0c:0b:1d:a4:35:1a:c6:66:01:d9:7e:f0:cb:2f:d2:4e:1d:f9: 1d:89:a0:09:a0:34:62:b6:6b:d7:85:76:ab:fa:05:2f:f1:9c: 46:92:bb:d2:c5:50:ea:cd:64:b2:ca:39:8a:39:27:be:2f:a3: c0:92:fd:54:c9:aa:04:c4:0d:dc:cd:0f:c8:7c:71:0f:81:22: 3b:3f:e9:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0LCzV9PG3Q2LSvLHf/es4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYTM4ZjdjM2VjYWQyOWVjNTA2NDRiNzAwNjhiOTJhMWJl NDcwNzQwHhcNMjYwMTI1MDgwMTM0WhcNMjYwMTI2MDgwMTM0WjAzMTEwLwYDVQQD EyhhMjYxMTM2NDEzZmJjODdlN2I4MjExOTI5MzJjMzAyODY2YTY5OTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3x27sYU/hpiF4lCDEG7cERenTx/H ov8VVwGwMc2DZ+JOBH46CSsNaUPO50ft2+pTtPs+GtAb6Ygf9+3VtDMSGnAgSuIv g3wFQ7Qg9257iD0CQoVfop9hB6LxBZpyyUNO+BXL2naFkFT5rkkODhhggVhHgcYY qVw5aleaa13k5+yWMO0upzN/uxnBcYtGMvpLz8ElHqBTZhQH+08vGb3mZ0rOgzXO EUVQfJqxoNTl5SWfAx/EEVcY1QLyDE94YNA1SRslk6qnucPHX+rCMgb6LwRDvNEG Pc0+13959TUOyiknK6nP9BRn8xjk+gP2NufIRjAS6YWmz98Zxkxtr0CtwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKJhE2QT+8h+e4IRkpMsMChmppkSMB8GA1UdIwQY MBaAFF2jj3w+ytKexQZEtwBouSob5HB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4Yjkt OTQwOGYxYmMwZDEyLzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9iYmE4ZTctYjlkMi00ZDliLTg4YjktOTQwOGYxYmMwZDEy LzEvWGFPUGZEN0swcDdGQmtTM0FHaTVLaHZrY0hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdEdPjSbU /ntkLNI17rqCIBBnNkEFvneLKsxrfQuB6gIUHyvgdIkn5JcWDQ3bunG1a6NgPMpu XUS9uBEXmE/sa/J5PltS/NmykJGg9R8wmhcKp7RaBEJmOP/ncvW0okjDs8GdG5m0 SMFBGA6Nyd9PgoWpXZ6oAgV0nZT11ZPNmWqXWYiK1PzVIobCnZGI/OxHsQ4Sg8ic Pf8dQGSWEW9KhA4nlKQ+qpbtjlCtZ9WKSoFibSnDDAsdpDUaxmYB2X7wyy/STh35 HYmgCaA0YrZr14V2q/oFL/GcRpK70sVQ6s1ksso5ijknvi+jwJL9VMmqBMQN3M0P yHxxD4EiOz/pCA== -----END CERTIFICATE-----Generated at Sun Jan 25 17:50:57 2026 by rpki-client