This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft File: aEZbnPs2jGnssOP-o7VCupxzAfQ.mft (raw, json) Hash identifier: wR5Dy0Qvv/zyCPBA8hWfU2thMuxSlnOhphMBDYqydcA= Subject key identifier: 72:E9:66:B2:9C:FA:81:32:B9:36:6C:03:C0:9A:5C:D3:5F:33:22:F5 Authority key identifier: 68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4 Certificate issuer: /CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4 Certificate serial: 019BF72D1AED042F01D807FD9B1FFDCDA964 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft Manifest number: 1502 Signing time: Sun 25 Jan 2026 22:01:26 +0000 Manifest this update: Sun 25 Jan 2026 22:01:26 +0000 Manifest next update: Mon 26 Jan 2026 22:01:26 +0000 Files and hashes: 1: aEZbnPs2jGnssOP-o7VCupxzAfQ.crl (hash: itWIGZTZNfEqMB3VHIy6vBx1AfvZveK2e+rfkxzz2b4=) 2: c0z-_U_7s_3lnaiWBwRIuVlkh7c.roa (hash: EAYr21bopytQdXh3mLIBfLUMzK/qGgq6jONJ7Pmqm+s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2d:1a:ed:04:2f:01:d8:07:fd:9b:1f:fd:cd:a9:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4 Validity Not Before: Jan 25 22:01:26 2026 GMT Not After : Jan 26 22:01:26 2026 GMT Subject: CN=72e966b29cfa8132b9366c03c09a5cd35f3322f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:96:6c:fa:2b:0c:6e:35:43:99:0d:ef:cd:ab: ed:7b:0e:69:9f:cb:b4:ee:22:d9:d6:38:a6:50:a1: ff:27:11:7b:31:40:44:28:e3:33:a6:58:39:7b:1b: fd:6d:91:4b:e5:80:fe:f5:e4:bd:af:6e:81:38:11: 0d:11:de:c3:49:07:16:b4:f7:a9:cb:36:66:52:07: 96:fd:72:80:5d:93:de:d1:43:65:84:87:23:a7:03: ba:b3:81:af:e2:bd:a4:ad:a8:45:54:87:b7:e3:62: cc:16:7e:6e:52:c5:30:96:42:34:7c:42:b9:35:8c: 9f:3b:f7:f2:b4:9f:01:7a:63:34:55:d5:22:91:65: 0f:3c:00:4f:2a:a7:08:90:72:a3:db:d8:32:55:6a: ba:cf:5c:6e:34:8e:2d:63:85:bb:52:30:ac:b2:22: c5:4b:54:65:16:99:89:cd:cc:a4:fb:79:c4:ec:ed: d4:ef:02:13:3f:5d:97:1e:99:f8:11:42:ed:58:80: 01:93:4c:5f:67:d4:e8:29:a4:02:4b:91:ae:59:55: 72:8d:0a:42:12:a1:f9:4e:fd:e0:fe:98:5f:66:fd: af:f4:84:e8:05:cc:53:37:e2:9b:4d:e2:c0:6f:18: 15:c5:94:9b:13:ab:f4:4a:fc:0d:2e:c6:73:b2:09: 15:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:E9:66:B2:9C:FA:81:32:B9:36:6C:03:C0:9A:5C:D3:5F:33:22:F5 X509v3 Authority Key Identifier: keyid:68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:31:47:43:0a:22:65:1b:cf:03:af:1e:a2:61:35:63:96:ee: 81:5d:5b:b8:d0:69:1f:31:f0:d5:48:50:40:63:ad:26:07:ca: 21:66:dc:26:fb:72:cc:0b:8c:03:1f:e1:b4:59:b2:62:49:ab: 95:79:90:85:6c:29:9c:bf:5e:c2:20:ff:84:5a:49:1d:65:4c: d1:fc:4d:a3:43:3a:24:db:95:f0:f4:24:92:65:b7:7c:24:32: 45:e4:35:cf:1d:b4:5e:da:0e:b0:b9:4e:e8:0c:b5:be:94:ec: ab:85:fd:63:d4:77:dc:40:99:00:57:43:c9:8a:0d:98:27:d3: 21:97:4c:75:3d:a2:7d:e7:fd:3c:9b:9d:62:49:b6:99:66:df: bc:a6:1c:4d:18:e2:73:45:6f:cd:e4:1e:e9:77:04:94:d8:d3: 7c:53:5c:33:56:4a:ec:5b:82:0c:f3:28:0d:90:54:dc:bd:ce: 09:eb:38:c9:1f:66:71:42:06:83:4f:ec:75:86:8b:24:d5:e8: 76:bd:f7:44:09:93:cd:8a:9b:f9:26:a7:78:b0:62:fa:70:42: 87:c3:1a:65:76:cb:b0:a1:03:e8:4c:77:05:e2:6b:3a:2c:ae: ad:93:bd:e1:79:83:15:95:f9:b0:d9:aa:1e:78:2d:49:7e:e4: 32:3c:4e:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LRrtBC8B2Af9mx/9zalkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4NDY1YjljZmIzNjhjNjllY2IwZTNmZWEzYjU0MmJhOWM3 MzAxZjQwHhcNMjYwMTI1MjIwMTI2WhcNMjYwMTI2MjIwMTI2WjAzMTEwLwYDVQQD Eyg3MmU5NjZiMjljZmE4MTMyYjkzNjZjMDNjMDlhNWNkMzVmMzMyMmY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJZs+isMbjVDmQ3vzavtew5pn8u0 7iLZ1jimUKH/JxF7MUBEKOMzplg5exv9bZFL5YD+9eS9r26BOBENEd7DSQcWtPep yzZmUgeW/XKAXZPe0UNlhIcjpwO6s4Gv4r2krahFVIe342LMFn5uUsUwlkI0fEK5 NYyfO/fytJ8BemM0VdUikWUPPABPKqcIkHKj29gyVWq6z1xuNI4tY4W7UjCssiLF S1RlFpmJzcyk+3nE7O3U7wITP12XHpn4EULtWIABk0xfZ9ToKaQCS5GuWVVyjQpC EqH5Tv3g/phfZv2v9IToBcxTN+KbTeLAbxgVxZSbE6v0SvwNLsZzsgkVPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHLpZrKc+oEyuTZsA8CaXNNfMyL1MB8GA1UdIwQY MBaAFGhGW5z7Noxp7LDj/qO1QrqccwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMt MWFlYTViZTE1MGZhLzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMtMWFlYTViZTE1MGZh LzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYjFHQwoi ZRvPA68eomE1Y5bugV1buNBpHzHw1UhQQGOtJgfKIWbcJvtyzAuMAx/htFmyYkmr lXmQhWwpnL9ewiD/hFpJHWVM0fxNo0M6JNuV8PQkkmW3fCQyReQ1zx20XtoOsLlO 6Ay1vpTsq4X9Y9R33ECZAFdDyYoNmCfTIZdMdT2ifef9PJudYkm2mWbfvKYcTRji c0VvzeQe6XcElNjTfFNcM1ZK7FuCDPMoDZBU3L3OCes4yR9mcUIGg0/sdYaLJNXo dr33RAmTzYqb+SaneLBi+nBCh8MaZXbLsKED6Ex3BeJrOiyurZO94XmDFZX5sNmq HngtSX7kMjxObw== -----END CERTIFICATE-----Generated at Mon Jan 26 08:41:23 2026 by rpki-client