This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json) Hash identifier: R44PpaHwqVZjiA5epBAh1ROCNLmCCw1ORdU/HNGhniU= Subject key identifier: 24:48:89:2B:CF:F3:33:F4:1F:78:1C:DB:7A:BC:6C:26:72:58:CB:65 Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0 Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0 Certificate serial: 019BFA2E8E220F710DF964ACF5AE3663A0C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft Manifest number: 0D6D Signing time: Mon 26 Jan 2026 12:01:53 +0000 Manifest this update: Mon 26 Jan 2026 12:01:53 +0000 Manifest next update: Tue 27 Jan 2026 12:01:53 +0000 Files and hashes: 1: Z8sIth2fuLtbZU5YZYofujl3N3Q.roa (hash: OuZ+DZI7vPFF2f+5cYLFAwbQ08o0C2E+Uzidod1oA7I=) 2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: elvhLCng8K/OiMz8zLowJCLbXETGE4zuo92N2YP3zCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:2e:8e:22:0f:71:0d:f9:64:ac:f5:ae:36:63:a0:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0 Validity Not Before: Jan 26 12:01:53 2026 GMT Not After : Jan 27 12:01:53 2026 GMT Subject: CN=2448892bcff333f41f781cdb7abc6c267258cb65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:92:5f:9e:53:d4:1e:ce:f7:cb:d8:f0:81:f5: 09:59:b0:dc:de:1e:61:13:5e:c5:66:95:df:aa:5b: a0:77:14:c9:68:4d:b6:94:20:af:9c:4e:83:ba:9c: 46:f6:f0:04:ad:6f:aa:0b:6f:f3:81:7f:38:79:ba: 88:c5:65:62:77:b4:25:99:9e:7b:90:c1:52:76:5b: b4:a8:f7:ed:5d:c2:20:b8:c5:7a:f7:fc:52:03:d4: c3:85:76:39:75:df:b2:be:79:0f:eb:2d:9f:6e:f2: 79:49:a9:33:5c:ed:dd:49:a8:9e:2a:97:55:a2:60: c2:54:92:02:b0:af:bb:67:ad:28:fb:21:d8:19:bc: e9:83:10:44:ba:dd:f3:6b:e6:7c:b5:77:a1:8b:d6: f8:3c:cb:30:3b:14:69:2f:20:6a:9b:15:0c:94:da: 4a:fa:2e:99:34:67:15:3b:40:dc:3e:87:2e:05:9d: 36:2e:63:07:b7:63:f9:0c:36:c3:cc:05:26:ae:74: 68:b5:1f:ba:2e:ad:7f:b9:b6:74:17:ea:7f:2e:8e: 3a:dd:12:4a:0d:43:98:b2:54:7b:5f:f2:da:64:c9: 73:03:18:6c:43:b0:8a:41:fe:0e:90:c7:f3:c7:20: 9c:d9:be:fa:6f:34:e9:eb:7c:06:6b:5f:fd:62:27: 81:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:48:89:2B:CF:F3:33:F4:1F:78:1C:DB:7A:BC:6C:26:72:58:CB:65 X509v3 Authority Key Identifier: keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:01:66:53:dd:e2:c5:c1:87:79:7b:74:89:13:7a:ec:7e:de: b6:c8:94:86:79:52:e7:95:ec:fd:60:7a:da:1f:6c:88:38:99: b1:d9:c4:0b:9e:06:e2:37:95:30:22:36:20:ba:fb:46:1c:d4: 3a:21:bb:76:b1:d3:17:05:00:85:fb:19:a0:14:68:37:5c:50: 80:3e:65:06:fc:09:9f:71:70:ca:f4:53:9e:3a:49:8b:77:06: af:f2:3c:6e:0d:b0:de:b2:3a:7a:e6:26:6d:74:7f:1d:f4:6a: ac:9d:71:ef:dd:6d:60:c0:24:2c:41:4e:01:bd:65:76:db:99: 82:65:a8:d1:00:a2:ed:a4:89:10:3f:5a:1a:d2:7c:4a:9f:bd: 53:ca:c4:f7:1f:66:d3:57:19:91:07:c6:f7:24:d8:fc:05:64: 27:67:5b:fd:c5:ee:cb:7b:25:7e:da:b9:ed:ec:82:88:ec:8a: a7:1f:9b:80:db:68:16:ca:ea:d8:01:0d:3e:d4:73:32:99:6d: 71:3d:5a:e9:94:33:b4:5e:59:16:9e:63:34:b1:01:42:53:4c: 35:50:2a:91:ef:f9:eb:da:09:c0:7f:f6:2a:56:0a:0c:5e:31: f7:06:8b:dc:68:bd:0b:43:18:ec:fa:6e:89:6c:94:47:a8:62: 43:39:27:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6Lo4iD3EN+WSs9a42Y6DAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk NDNjZDAwHhcNMjYwMTI2MTIwMTUzWhcNMjYwMTI3MTIwMTUzWjAzMTEwLwYDVQQD EygyNDQ4ODkyYmNmZjMzM2Y0MWY3ODFjZGI3YWJjNmMyNjcyNThjYjY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZJfnlPUHs73y9jwgfUJWbDc3h5h E17FZpXfqlugdxTJaE22lCCvnE6DupxG9vAErW+qC2/zgX84ebqIxWVid7QlmZ57 kMFSdlu0qPftXcIguMV69/xSA9TDhXY5dd+yvnkP6y2fbvJ5SakzXO3dSaieKpdV omDCVJICsK+7Z60o+yHYGbzpgxBEut3za+Z8tXehi9b4PMswOxRpLyBqmxUMlNpK +i6ZNGcVO0DcPocuBZ02LmMHt2P5DDbDzAUmrnRotR+6Lq1/ubZ0F+p/Lo463RJK DUOYslR7X/LaZMlzAxhsQ7CKQf4OkMfzxyCc2b76bzTp63wGa1/9YieBmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCRIiSvP8zP0H3gc23q8bCZyWMtlMB8GA1UdIwQY MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgFmU93i xcGHeXt0iRN67H7etsiUhnlS55Xs/WB62h9siDiZsdnEC54G4jeVMCI2ILr7RhzU OiG7drHTFwUAhfsZoBRoN1xQgD5lBvwJn3FwyvRTnjpJi3cGr/I8bg2w3rI6euYm bXR/HfRqrJ1x791tYMAkLEFOAb1ldtuZgmWo0QCi7aSJED9aGtJ8Sp+9U8rE9x9m 01cZkQfG9yTY/AVkJ2db/cXuy3slftq57eyCiOyKpx+bgNtoFsrq2AENPtRzMplt cT1a6ZQztF5ZFp5jNLEBQlNMNVAqke/569oJwH/2KlYKDF4x9waL3Gi9C0MY7Ppu iWyUR6hiQzknyQ== -----END CERTIFICATE-----Generated at Mon Jan 26 19:39:13 2026 by rpki-client