This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft File: iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft (raw, json) Hash identifier: lqUG3Tw2bdIYFf8vssvkzUezFX72rFzvXalAVo0wUzE= Subject key identifier: A0:21:48:6D:41:9E:26:D7:8E:EB:CF:50:E5:AE:3D:11:ED:AD:61:BB Authority key identifier: 88:5C:09:52:2F:63:5F:CA:FA:29:BC:EB:AC:72:C8:94:E4:FF:EE:D2 Certificate issuer: /CN=885c09522f635fcafa29bcebac72c894e4ffeed2 Certificate serial: 019BF83FFEF8CAC9B8E3B867A3683CDFB8F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFwJUi9jX8r6KbzrrHLIlOT_7tI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft Manifest number: 029D Signing time: Mon 26 Jan 2026 03:01:42 +0000 Manifest this update: Mon 26 Jan 2026 03:01:42 +0000 Manifest next update: Tue 27 Jan 2026 03:01:42 +0000 Files and hashes: 1: 3IMviFqKeTkgcM4hJ3DCovEJPT4.roa (hash: PJ8bbhBGDwD8QZsH/L9/+WbI+Jn53tual+W0DILWDvw=) 2: iFwJUi9jX8r6KbzrrHLIlOT_7tI.crl (hash: O7xiSGoxN0IRg/SSoOh+sef2xETM6V3W6F/+88nQg7Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.crl rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft rsync://rpki.ripe.net/repository/DEFAULT/iFwJUi9jX8r6KbzrrHLIlOT_7tI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:3f:fe:f8:ca:c9:b8:e3:b8:67:a3:68:3c:df:b8:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885c09522f635fcafa29bcebac72c894e4ffeed2 Validity Not Before: Jan 26 03:01:42 2026 GMT Not After : Jan 27 03:01:42 2026 GMT Subject: CN=a021486d419e26d78eebcf50e5ae3d11edad61bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:55:9a:79:39:0b:bc:fb:2a:3d:78:60:52:5d: 67:f3:dc:57:69:b9:6e:c0:5f:40:01:10:a3:11:2b: 8b:4d:c6:87:30:10:63:ed:7f:c3:8e:db:ac:a4:65: 89:51:ad:10:b3:49:46:73:73:48:8e:9b:51:9a:be: c5:1e:c2:56:19:c9:d8:62:5d:8b:34:f5:8e:7e:d6: a3:42:08:78:c1:ea:f8:6f:72:22:8f:75:6c:40:f1: 0a:04:8b:36:df:5a:be:72:c4:8c:d0:da:9d:ad:09: ca:50:3e:c1:17:d2:42:35:d9:39:5d:c9:09:1c:3f: c2:c5:f8:7c:2d:b8:9f:22:fa:e2:c9:e6:b9:bb:b1: 51:18:ba:42:f2:e7:1f:c4:f5:dd:3a:80:ac:39:6e: 4b:68:49:1d:01:9e:28:76:52:e2:9f:40:89:54:84: 8f:58:cf:44:66:b4:88:e8:19:dd:13:43:e1:96:3a: e2:9e:72:1c:27:83:60:54:16:79:02:9f:cc:16:e4: 00:5c:4c:f5:b0:66:ec:1e:52:c4:df:e2:b7:4a:e5: ba:85:60:e1:8e:7d:d2:bb:69:83:21:1e:3d:72:13: 6c:93:ad:4e:ba:4b:69:8d:bf:c4:0d:19:31:27:d5: 9f:ea:2d:fa:fc:87:c7:53:8c:f4:93:17:7a:9d:c2: 04:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:21:48:6D:41:9E:26:D7:8E:EB:CF:50:E5:AE:3D:11:ED:AD:61:BB X509v3 Authority Key Identifier: keyid:88:5C:09:52:2F:63:5F:CA:FA:29:BC:EB:AC:72:C8:94:E4:FF:EE:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFwJUi9jX8r6KbzrrHLIlOT_7tI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c9:e3:b2:1b:58:25:5c:c9:35:d7:43:44:fb:d9:e7:2d:66:51: 90:55:f0:72:69:cc:8f:2c:3f:1a:fe:38:c3:97:69:73:b1:f9: 4b:64:53:90:91:fa:51:ab:ce:96:b7:b6:2c:e4:11:35:5e:31: a2:a6:d2:c4:27:19:34:31:b6:08:79:56:e0:13:69:62:28:b6: 8b:54:bb:08:94:ad:f8:79:b3:09:a1:d1:a5:c4:ca:50:fe:df: fd:74:a5:78:94:ad:c4:40:8b:15:80:60:b0:12:d4:7e:c1:98: 6a:d5:1d:5a:18:02:da:be:5c:bd:c5:2d:32:be:70:6e:14:29: 45:97:77:f6:a7:93:4a:22:93:c6:45:e8:03:64:f9:cd:5c:a1: c0:54:6d:7b:85:17:61:ce:2d:2c:ef:a8:58:63:20:2e:4f:23: 2f:5c:70:b8:e1:4a:f3:32:d5:4f:39:69:ad:ec:aa:b2:df:cb: 15:0f:18:1d:1f:51:31:55:99:70:2f:5b:c3:f9:64:52:22:08: 7f:64:b7:8f:95:77:fb:b0:ed:bf:4e:74:0e:23:22:a0:c9:42: ab:af:79:9b:fc:c9:a7:c4:e4:4c:f3:75:f4:ac:79:5d:c9:03: 2f:04:23:87:23:03:22:ce:94:49:44:f4:f0:75:cb:4b:0f:b6: b2:b5:51:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4P/74ysm447hno2g837j1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWMwOTUyMmY2MzVmY2FmYTI5YmNlYmFjNzJjODk0ZTRm ZmVlZDIwHhcNMjYwMTI2MDMwMTQyWhcNMjYwMTI3MDMwMTQyWjAzMTEwLwYDVQQD EyhhMDIxNDg2ZDQxOWUyNmQ3OGVlYmNmNTBlNWFlM2QxMWVkYWQ2MWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolWaeTkLvPsqPXhgUl1n89xXablu wF9AARCjESuLTcaHMBBj7X/DjtuspGWJUa0Qs0lGc3NIjptRmr7FHsJWGcnYYl2L NPWOftajQgh4wer4b3Iij3VsQPEKBIs231q+csSM0NqdrQnKUD7BF9JCNdk5XckJ HD/Cxfh8LbifIvriyea5u7FRGLpC8ucfxPXdOoCsOW5LaEkdAZ4odlLin0CJVISP WM9EZrSI6BndE0PhljrinnIcJ4NgVBZ5Ap/MFuQAXEz1sGbsHlLE3+K3SuW6hWDh jn3Su2mDIR49chNsk61Ouktpjb/EDRkxJ9Wf6i36/IfHU4z0kxd6ncIEFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKAhSG1BnibXjuvPUOWuPRHtrWG7MB8GA1UdIwQY MBaAFIhcCVIvY1/K+im866xyyJTk/+7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ3SlVpOWpYOHI2S2J6cnJITElsT1RfN3RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMDJjMDgtZjMxYi00OGM1LWFkNDct ZjgzYjhkMDQwODdjLzEvaUZ3SlVpOWpYOHI2S2J6cnJITElsT1RfN3RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9hMDJjMDgtZjMxYi00OGM1LWFkNDctZjgzYjhkMDQwODdj LzEvaUZ3SlVpOWpYOHI2S2J6cnJITElsT1RfN3RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyeOyG1gl XMk110NE+9nnLWZRkFXwcmnMjyw/Gv44w5dpc7H5S2RTkJH6UavOlre2LOQRNV4x oqbSxCcZNDG2CHlW4BNpYii2i1S7CJSt+HmzCaHRpcTKUP7f/XSleJStxECLFYBg sBLUfsGYatUdWhgC2r5cvcUtMr5wbhQpRZd39qeTSiKTxkXoA2T5zVyhwFRte4UX Yc4tLO+oWGMgLk8jL1xwuOFK8zLVTzlpreyqst/LFQ8YHR9RMVWZcC9bw/lkUiII f2S3j5V3+7Dtv050DiMioMlCq695m/zJp8TkTPN19Kx5XckDLwQjhyMDIs6USUT0 8HXLSw+2srVR1Q== -----END CERTIFICATE-----Generated at Mon Jan 26 09:02:39 2026 by rpki-client