This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/300bd4-0356-4c44-83cf-38efcfdc417b/1/wh4y0EfF0bniZ3DDhAMEz2lx3hw.mft File: wh4y0EfF0bniZ3DDhAMEz2lx3hw.mft (raw, json) Hash identifier: YV6JKBbs1OMEONgzd7vT3asAeWqYLcduo7b80rREa8w= Subject key identifier: 86:9C:49:E4:87:0A:FF:9C:FA:01:E2:AF:DB:2F:25:DF:34:A2:52:24 Authority key identifier: C2:1E:32:D0:47:C5:D1:B9:E2:67:70:C3:84:03:04:CF:69:71:DE:1C Certificate issuer: /CN=c21e32d047c5d1b9e26770c3840304cf6971de1c Certificate serial: 019BF3BDEA0856C627A1EEF0167B5F1CDBEE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wh4y0EfF0bniZ3DDhAMEz2lx3hw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/300bd4-0356-4c44-83cf-38efcfdc417b/1/wh4y0EfF0bniZ3DDhAMEz2lx3hw.mft Manifest number: 0B0A Signing time: Sun 25 Jan 2026 06:01:08 +0000 Manifest this update: Sun 25 Jan 2026 06:01:08 +0000 Manifest next update: Mon 26 Jan 2026 06:01:08 +0000 Files and hashes: 1: Y8cmMZQvMnJkziqHhszvZV_UjeQ.roa (hash: cYgGX/s9jr31rZGmmaEtyXpNrfjq8EGIHIKPU1pqwxk=) 2: wh4y0EfF0bniZ3DDhAMEz2lx3hw.crl (hash: 7XkAjK6Ae+fkFZBpuRnpMJUVSDhKF53N3FGqbtSEicE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/300bd4-0356-4c44-83cf-38efcfdc417b/1/wh4y0EfF0bniZ3DDhAMEz2lx3hw.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/300bd4-0356-4c44-83cf-38efcfdc417b/1/wh4y0EfF0bniZ3DDhAMEz2lx3hw.mft rsync://rpki.ripe.net/repository/DEFAULT/wh4y0EfF0bniZ3DDhAMEz2lx3hw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f3:bd:ea:08:56:c6:27:a1:ee:f0:16:7b:5f:1c:db:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c21e32d047c5d1b9e26770c3840304cf6971de1c Validity Not Before: Jan 25 06:01:08 2026 GMT Not After : Jan 26 06:01:08 2026 GMT Subject: CN=869c49e4870aff9cfa01e2afdb2f25df34a25224 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1f:4d:16:dd:c2:2e:06:81:71:b0:ac:82:ad: 22:6f:3a:b7:6b:3a:bc:12:12:40:6a:5d:9f:88:93: 6f:7c:ad:be:bd:60:ee:a7:9f:27:da:ac:38:20:25: 35:84:24:4a:57:da:87:11:49:81:05:94:31:db:6f: de:88:ca:6f:ba:8f:d5:0f:44:a8:a8:d6:a8:5a:08: b6:f8:65:32:69:61:2f:77:71:24:24:13:eb:63:fe: 3c:23:b7:ce:9e:e2:a2:52:0f:40:6a:bf:4a:4c:1a: 19:e7:40:9a:98:9b:2e:fa:a0:c1:99:e2:58:7e:55: 19:9d:47:d3:c2:62:21:a7:0c:10:7d:ba:6a:63:b0: 03:26:40:b7:59:d6:1c:55:97:69:d6:21:a0:31:89: 02:92:73:35:54:a9:4e:16:a5:1a:12:2a:55:6a:a1: e0:ac:4c:24:22:d1:34:62:c5:4c:7a:81:f0:ab:ac: a4:91:ea:46:73:6e:37:17:b5:b6:bf:50:11:74:51: 1f:2c:95:4e:5c:b3:be:93:83:8a:cf:8f:24:df:5f: 93:1c:f5:c0:1a:33:ee:6c:a1:c9:59:9e:02:c8:e6: 1b:aa:ac:4b:4f:51:87:09:09:50:7a:f5:36:73:55: b4:87:f1:e5:95:25:ea:70:e0:2f:cd:7d:0d:e2:c7: ed:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:9C:49:E4:87:0A:FF:9C:FA:01:E2:AF:DB:2F:25:DF:34:A2:52:24 X509v3 Authority Key Identifier: keyid:C2:1E:32:D0:47:C5:D1:B9:E2:67:70:C3:84:03:04:CF:69:71:DE:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wh4y0EfF0bniZ3DDhAMEz2lx3hw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/300bd4-0356-4c44-83cf-38efcfdc417b/1/wh4y0EfF0bniZ3DDhAMEz2lx3hw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/300bd4-0356-4c44-83cf-38efcfdc417b/1/wh4y0EfF0bniZ3DDhAMEz2lx3hw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:1c:5c:09:a9:6e:da:f8:32:f0:1e:74:c1:88:36:88:13:ee: 5e:b4:af:b9:fe:97:c6:7c:50:0a:79:37:1c:a6:a6:11:19:84: b7:98:d0:c3:a3:8b:06:c9:65:c4:34:f3:a5:30:62:8a:0e:2c: 62:aa:86:4c:a6:41:3c:df:06:df:8e:11:b0:20:bb:d3:a4:6a: 49:db:e8:a1:1d:f1:f2:4e:13:7b:74:c9:eb:1b:f0:b8:1d:eb: b3:89:ea:42:a5:0f:d5:72:a9:dd:9f:6f:84:22:1c:83:71:29: 09:2d:5c:20:31:2a:26:cc:f9:21:4e:e5:74:33:d7:4e:fb:f9: 2f:4e:5e:9a:88:81:33:96:aa:67:62:76:6d:e1:2e:c7:7a:c2: 37:8e:1f:4d:48:e7:a0:b1:a3:79:a6:4b:c8:ce:57:c1:93:72: 36:48:24:cd:41:72:be:99:d2:45:30:f9:3e:a3:79:e9:d8:9d: be:76:9b:09:28:d0:01:b8:54:7c:00:01:11:75:e4:4d:81:1b: 75:af:b9:d6:e0:ca:f0:4d:39:a4:5b:a7:e8:d8:66:7e:25:b6: fd:09:06:00:4e:7e:e1:ec:19:a5:81:90:4d:cb:02:3a:f2:10: ab:d8:1e:f6:51:53:f6:56:f3:01:c6:6e:9c:f1:b7:66:8e:18: 5c:bd:37:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvzveoIVsYnoe7wFntfHNvuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMyMWUzMmQwNDdjNWQxYjllMjY3NzBjMzg0MDMwNGNmNjk3 MWRlMWMwHhcNMjYwMTI1MDYwMTA4WhcNMjYwMTI2MDYwMTA4WjAzMTEwLwYDVQQD Eyg4NjljNDllNDg3MGFmZjljZmEwMWUyYWZkYjJmMjVkZjM0YTI1MjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR9NFt3CLgaBcbCsgq0ibzq3azq8 EhJAal2fiJNvfK2+vWDup58n2qw4ICU1hCRKV9qHEUmBBZQx22/eiMpvuo/VD0So qNaoWgi2+GUyaWEvd3EkJBPrY/48I7fOnuKiUg9Aar9KTBoZ50CamJsu+qDBmeJY flUZnUfTwmIhpwwQfbpqY7ADJkC3WdYcVZdp1iGgMYkCknM1VKlOFqUaEipVaqHg rEwkItE0YsVMeoHwq6ykkepGc243F7W2v1ARdFEfLJVOXLO+k4OKz48k31+THPXA GjPubKHJWZ4CyOYbqqxLT1GHCQlQevU2c1W0h/HllSXqcOAvzX0N4sftgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIacSeSHCv+c+gHir9svJd80olIkMB8GA1UdIwQY MBaAFMIeMtBHxdG54mdww4QDBM9pcd4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd2g0eTBFZkYwYm5pWjNERGhBTUV6Mmx4M2h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMDBiZDQtMDM1Ni00YzQ0LTgzY2Yt MzhlZmNmZGM0MTdiLzEvd2g0eTBFZkYwYm5pWjNERGhBTUV6Mmx4M2h3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8zMDBiZDQtMDM1Ni00YzQ0LTgzY2YtMzhlZmNmZGM0MTdi LzEvd2g0eTBFZkYwYm5pWjNERGhBTUV6Mmx4M2h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhxcCalu 2vgy8B50wYg2iBPuXrSvuf6XxnxQCnk3HKamERmEt5jQw6OLBsllxDTzpTBiig4s YqqGTKZBPN8G344RsCC706RqSdvooR3x8k4Te3TJ6xvwuB3rs4nqQqUP1XKp3Z9v hCIcg3EpCS1cIDEqJsz5IU7ldDPXTvv5L05emoiBM5aqZ2J2beEux3rCN44fTUjn oLGjeaZLyM5XwZNyNkgkzUFyvpnSRTD5PqN56didvnabCSjQAbhUfAABEXXkTYEb da+51uDK8E05pFun6NhmfiW2/QkGAE5+4ewZpYGQTcsCOvIQq9ge9lFT9lbzAcZu nPG3Zo4YXL03og== -----END CERTIFICATE-----Generated at Sun Jan 25 17:02:37 2026 by rpki-client