This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft File: IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft (raw, json) Hash identifier: YWAX1FFBdC7fu2C5QJzUv+JwyrSdyMHKVzyq+lwVlmI= Subject key identifier: EF:4E:4E:5E:E8:71:BD:19:F8:47:93:F0:A2:0B:77:61:D6:D1:8B:D8 Authority key identifier: 21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9 Certificate issuer: /CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9 Certificate serial: 019BF687EC0323CEB1D9AAAAF954ED39511D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft Manifest number: 07D9 Signing time: Sun 25 Jan 2026 19:01:01 +0000 Manifest this update: Sun 25 Jan 2026 19:01:01 +0000 Manifest next update: Mon 26 Jan 2026 19:01:01 +0000 Files and hashes: 1: IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl (hash: Vp/mmBQfPFEiziyBYgmB+Z1/CBkICLNhxeJQD1Z5Tao=) 2: hwKJwCCAFCL_7LuTGUs9t1cSL7E.roa (hash: 8W8T46xmoGGEFuN0xJIwYy5B+d+w5bYaaExN07s/4nM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:87:ec:03:23:ce:b1:d9:aa:aa:f9:54:ed:39:51:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9 Validity Not Before: Jan 25 19:01:01 2026 GMT Not After : Jan 26 19:01:01 2026 GMT Subject: CN=ef4e4e5ee871bd19f84793f0a20b7761d6d18bd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5e:e4:b1:bb:df:f9:87:ae:a2:0c:b6:06:00: 5e:f3:f1:4f:de:09:27:d4:6f:28:40:79:f9:bb:35: 13:d8:f5:eb:77:13:3d:00:33:6d:ae:ff:62:6b:75: fa:0c:05:0a:a7:4e:54:ea:d2:f1:b4:0d:97:07:57: 6f:7b:c0:52:49:c8:c6:d3:fb:38:08:e0:cb:ad:d3: 91:88:d3:ec:42:1f:7e:dd:f6:85:da:6f:14:9c:92: 56:21:d5:74:f9:33:38:88:5f:12:3b:0b:84:03:e3: 2a:a3:a2:93:61:4b:15:d5:3f:3d:e7:8a:89:c0:65: 31:4e:84:47:07:da:70:9a:2c:56:5b:d0:f5:4f:b7: 7f:b4:d5:42:f2:28:82:7d:64:d4:fa:e8:2b:98:d4: dd:63:6c:f4:76:f1:ed:8e:87:07:07:d6:0d:4c:a9: c4:aa:e2:88:18:fa:2f:90:78:3d:1c:b4:d1:78:f9: a7:db:19:0d:8e:7c:fb:39:1a:99:7e:0f:32:4b:f9: 8b:c7:2a:b2:b7:38:bd:bf:0a:82:d5:d0:ba:bf:bd: 79:ae:9e:5a:b0:79:52:3b:35:a0:85:f1:13:84:13: 38:9c:b4:22:54:0a:76:a8:3a:ec:5e:2d:1f:bd:58: e8:12:2e:ac:79:0f:62:bb:3b:b7:7e:d8:d1:a0:15: d0:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:4E:4E:5E:E8:71:BD:19:F8:47:93:F0:A2:0B:77:61:D6:D1:8B:D8 X509v3 Authority Key Identifier: keyid:21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:7e:eb:18:ac:c1:84:bd:fc:5b:bc:94:e9:7c:b9:6f:ae:4d: 7b:cc:78:f1:78:37:8c:9d:d2:98:25:1e:3a:77:6f:d0:c7:7b: 75:24:f1:6d:74:9a:a6:ea:5e:83:07:13:5b:61:d8:8b:0a:a3: 25:a4:ee:26:cc:fd:66:b3:41:6c:97:ee:23:b3:62:45:3e:41: 82:83:39:76:85:86:32:67:6c:38:c0:4d:6d:fa:62:78:c9:b2: 81:79:f1:3f:2d:70:8c:ce:a7:e0:55:d9:00:27:18:d5:72:ac: b6:73:61:d4:42:ba:ff:ea:22:58:bb:6e:c1:54:28:31:c7:6f: 67:3e:97:83:ae:5c:51:89:c1:da:8a:31:49:eb:41:25:2d:4b: 23:fa:ce:7d:45:aa:7e:07:b0:3a:29:e4:ce:da:59:49:7d:c1: 6f:cd:dd:71:8e:67:b5:b3:f3:c1:5d:37:70:4a:db:a8:7b:05: de:2a:c2:dd:17:ed:ce:91:1b:17:4f:b9:09:c8:3f:76:58:f3: a3:e9:7e:2e:cd:05:bf:a5:a4:4f:52:06:22:95:61:e6:7b:db: 86:c9:c3:03:2d:40:1c:a8:b7:a8:d6:f6:09:ea:7b:be:6d:fe: 9f:d8:07:d4:f2:04:55:8f:7b:4e:34:b9:a6:0d:10:34:04:93: 0d:b7:ad:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2h+wDI86x2aqq+VTtOVEdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMGQxYzBkYjVhYTE4ODBkNzc0N2UyMmYxZGJmNDcxNmQz MTAxYTkwHhcNMjYwMTI1MTkwMTAxWhcNMjYwMTI2MTkwMTAxWjAzMTEwLwYDVQQD EyhlZjRlNGU1ZWU4NzFiZDE5Zjg0NzkzZjBhMjBiNzc2MWQ2ZDE4YmQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv17ksbvf+Yeuogy2BgBe8/FP3gkn 1G8oQHn5uzUT2PXrdxM9ADNtrv9ia3X6DAUKp05U6tLxtA2XB1dve8BSScjG0/s4 CODLrdORiNPsQh9+3faF2m8UnJJWIdV0+TM4iF8SOwuEA+Mqo6KTYUsV1T8954qJ wGUxToRHB9pwmixWW9D1T7d/tNVC8iiCfWTU+ugrmNTdY2z0dvHtjocHB9YNTKnE quKIGPovkHg9HLTRePmn2xkNjnz7ORqZfg8yS/mLxyqytzi9vwqC1dC6v715rp5a sHlSOzWghfEThBM4nLQiVAp2qDrsXi0fvVjoEi6seQ9iuzu3ftjRoBXQBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO9OTl7ocb0Z+EeT8KILd2HW0YvYMB8GA1UdIwQY MBaAFCENHA21qhiA13R+IvHb9HFtMQGpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUt ZDcxMTMwYzZjMGY5LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUtZDcxMTMwYzZjMGY5 LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO37rGKzB hL38W7yU6Xy5b65Ne8x48Xg3jJ3SmCUeOndv0Md7dSTxbXSapupegwcTW2HYiwqj JaTuJsz9ZrNBbJfuI7NiRT5BgoM5doWGMmdsOMBNbfpieMmygXnxPy1wjM6n4FXZ ACcY1XKstnNh1EK6/+oiWLtuwVQoMcdvZz6Xg65cUYnB2ooxSetBJS1LI/rOfUWq fgewOinkztpZSX3Bb83dcY5ntbPzwV03cErbqHsF3irC3RftzpEbF0+5Ccg/dljz o+l+Ls0Fv6WkT1IGIpVh5nvbhsnDAy1AHKi3qNb2Cep7vm3+n9gH1PIEVY97TjS5 pg0QNASTDbetXQ== -----END CERTIFICATE-----Generated at Mon Jan 26 04:24:36 2026 by rpki-client