This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json) Hash identifier: eu+L0ufCvKDz9cHSj/sx6w9XmL9n4KAt40ZwJj6fIJ0= Subject key identifier: C3:B7:6C:9D:17:E5:FA:4F:C5:B7:E3:CD:C5:9B:86:32:2F:EF:01:49 Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67 Certificate serial: 019BF53EFCADEF8EF0C03519879D0F220F55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft Manifest number: 0EC8 Signing time: Sun 25 Jan 2026 13:01:44 +0000 Manifest this update: Sun 25 Jan 2026 13:01:44 +0000 Manifest next update: Mon 26 Jan 2026 13:01:44 +0000 Files and hashes: 1: 3kSbU0e5h99O_Tm79lGnT_Tp5Hc.roa (hash: RwQ/Qy1kKylc45gWPZOazTOGnIJ82QduJgu3sQQqwXY=) 2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: P5adJ1Z5l3i4ejMwpQJRSDkNZ1ADjHDHbHKF8RbOiZc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:3e:fc:ad:ef:8e:f0:c0:35:19:87:9d:0f:22:0f:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67 Validity Not Before: Jan 25 13:01:44 2026 GMT Not After : Jan 26 13:01:44 2026 GMT Subject: CN=c3b76c9d17e5fa4fc5b7e3cdc59b86322fef0149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:23:ae:27:c2:c7:97:e7:e0:f9:02:47:76:32: ba:e3:4d:f0:71:35:54:54:83:30:3b:c5:28:d4:bc: df:1a:dd:22:ab:ad:e6:a5:0a:43:ed:bb:dd:0e:4d: cc:f6:52:83:11:62:ac:4d:fe:8b:2e:bd:4e:27:a1: db:38:85:7b:78:87:99:f0:07:7b:84:37:83:b0:f1: 88:8a:59:f4:8d:34:c1:69:1c:d7:8e:e5:26:ea:ef: 01:23:e5:81:65:03:06:a8:ac:5c:b2:6a:a7:28:0b: 9e:03:35:e9:7a:68:0c:35:47:af:26:f3:93:2c:e8: ad:1c:9b:f7:c5:b8:df:89:c1:78:ac:77:07:4d:62: 43:5c:0c:1c:46:11:8e:a7:98:ed:19:86:d6:ad:2d: 44:a3:37:5c:e9:eb:cc:36:96:65:ee:d6:dd:09:22: 6f:88:33:04:4a:0f:a2:d2:94:9a:eb:12:51:bd:5b: c0:00:d5:5e:99:8c:7c:50:58:7d:88:f0:4b:95:b4: 7e:0a:c7:d5:c4:dd:a7:5b:ca:f2:da:0b:f3:9c:49: 78:31:9d:b3:19:7e:2c:9c:c1:e4:96:89:ab:ce:16: 99:92:73:70:a9:66:09:db:dc:76:13:cb:25:8e:da: a6:fb:5f:d7:17:0e:c6:ce:bc:f9:bd:4f:00:68:2f: 10:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:B7:6C:9D:17:E5:FA:4F:C5:B7:E3:CD:C5:9B:86:32:2F:EF:01:49 X509v3 Authority Key Identifier: keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:2e:ec:d9:a5:10:88:b1:48:84:0b:e9:d0:1a:cf:57:7d:7b: e3:7e:7a:14:95:83:87:9b:c1:af:42:57:dc:25:ce:ba:59:e8: 2e:2d:9d:c8:50:e7:f9:00:04:4b:b0:29:9d:37:d4:76:55:88: f5:31:df:15:7c:2a:fc:d7:6f:39:63:51:f6:38:6f:98:32:89: 01:f6:50:65:57:3f:e2:49:a1:cf:2a:a9:54:89:8d:aa:10:76: 99:20:93:f5:95:fd:ea:2f:34:fd:4a:8e:ee:58:52:a5:86:be: e3:04:75:24:70:c0:cf:d0:69:df:a2:36:f2:27:5c:88:a2:9e: 35:f9:0a:23:9a:a8:2e:a0:c7:d1:11:ac:c9:27:a3:f1:63:8a: 60:d9:d7:4a:d6:cd:86:01:90:7e:60:35:3b:3c:96:23:c0:54: 17:94:35:c5:46:f6:13:08:34:2d:fa:72:0b:39:3d:96:11:d3: f8:7a:f9:83:c7:b2:e4:e9:b7:82:1d:a6:b9:a5:14:16:62:01: c2:0f:6c:28:56:6c:17:70:f3:5c:dc:5f:9c:9c:1f:39:b0:8b: 4c:97:00:e0:97:80:d6:6f:ed:be:ae:ab:e4:ee:ce:f0:60:3e: df:6e:94:89:3f:ad:28:2a:2d:6c:d2:f6:c5:9f:71:b1:73:aa: 15:36:b0:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1Pvyt747wwDUZh50PIg9VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2 OTJlNjcwHhcNMjYwMTI1MTMwMTQ0WhcNMjYwMTI2MTMwMTQ0WjAzMTEwLwYDVQQD EyhjM2I3NmM5ZDE3ZTVmYTRmYzViN2UzY2RjNTliODYzMjJmZWYwMTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yOuJ8LHl+fg+QJHdjK6403wcTVU VIMwO8Uo1LzfGt0iq63mpQpD7bvdDk3M9lKDEWKsTf6LLr1OJ6HbOIV7eIeZ8Ad7 hDeDsPGIiln0jTTBaRzXjuUm6u8BI+WBZQMGqKxcsmqnKAueAzXpemgMNUevJvOT LOitHJv3xbjficF4rHcHTWJDXAwcRhGOp5jtGYbWrS1Eozdc6evMNpZl7tbdCSJv iDMESg+i0pSa6xJRvVvAANVemYx8UFh9iPBLlbR+CsfVxN2nW8ry2gvznEl4MZ2z GX4snMHklomrzhaZknNwqWYJ29x2E8sljtqm+1/XFw7Gzrz5vU8AaC8QMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMO3bJ0X5fpPxbfjzcWbhjIv7wFJMB8GA1UdIwQY MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAni7s2aUQ iLFIhAvp0BrPV3174356FJWDh5vBr0JX3CXOulnoLi2dyFDn+QAES7ApnTfUdlWI 9THfFXwq/NdvOWNR9jhvmDKJAfZQZVc/4kmhzyqpVImNqhB2mSCT9ZX96i80/UqO 7lhSpYa+4wR1JHDAz9Bp36I28idciKKeNfkKI5qoLqDH0RGsySej8WOKYNnXStbN hgGQfmA1OzyWI8BUF5Q1xUb2Ewg0LfpyCzk9lhHT+Hr5g8ey5Om3gh2muaUUFmIB wg9sKFZsF3DzXNxfnJwfObCLTJcA4JeA1m/tvq6r5O7O8GA+326UiT+tKCotbNL2 xZ9xsXOqFTaw6w== -----END CERTIFICATE-----Generated at Sun Jan 25 22:01:29 2026 by rpki-client