This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft File: bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft (raw, json) Hash identifier: ebAIUhPQeUOfCrCRLjLTnfxxvX15jb13AqrNSNESDgw= Subject key identifier: 8A:A8:63:EB:E5:3B:46:FE:08:D1:FB:A7:0E:B5:19:9E:93:26:37:4A Authority key identifier: 6C:C3:85:3D:A7:0C:DE:A0:DB:A4:64:14:B6:B0:E6:D1:F1:71:6E:74 Certificate issuer: /CN=6cc3853da70cdea0dba46414b6b0e6d1f1716e74 Certificate serial: 019BF2E2CCBECF3E4C13278F1FD887D8385D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMOFPacM3qDbpGQUtrDm0fFxbnQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft Manifest number: 04A2 Signing time: Sun 25 Jan 2026 02:01:48 +0000 Manifest this update: Sun 25 Jan 2026 02:01:48 +0000 Manifest next update: Mon 26 Jan 2026 02:01:48 +0000 Files and hashes: 1: YDy6wLds96Yf3zX0RUfnfXQDw5Q.roa (hash: 86RzS+pw/jn2zDtIOdA8fDYlhM/9zcSkfL4mjAAa2B4=) 2: bMOFPacM3qDbpGQUtrDm0fFxbnQ.crl (hash: +llUMlnyzAP6o/R1cV4s9Iew/NVHGEmYcs6AEvvAuRU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft rsync://rpki.ripe.net/repository/DEFAULT/bMOFPacM3qDbpGQUtrDm0fFxbnQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 02:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f2:e2:cc:be:cf:3e:4c:13:27:8f:1f:d8:87:d8:38:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cc3853da70cdea0dba46414b6b0e6d1f1716e74 Validity Not Before: Jan 25 02:01:48 2026 GMT Not After : Jan 26 02:01:48 2026 GMT Subject: CN=8aa863ebe53b46fe08d1fba70eb5199e9326374a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:ac:2b:40:26:53:d1:04:19:72:1f:8b:b9:f2: 6c:56:8c:f0:4f:e8:d5:9d:ef:f0:47:00:f9:c0:e7: e4:d4:43:05:fe:d1:93:a1:e7:50:5c:83:87:8f:d0: f3:c4:a7:aa:5d:f9:39:48:a0:65:59:38:94:d7:4e: a0:bf:64:c5:ba:87:a1:58:e2:80:1a:dd:dc:d9:7c: 98:6f:b3:ef:d9:4d:20:09:37:6e:b2:c3:ea:9b:c3: e4:bf:cf:ce:3d:95:23:0a:cb:30:fe:6f:5a:27:c1: e2:ce:95:03:6c:52:fb:59:77:de:2d:0c:16:a2:48: 9a:b6:08:64:7f:3e:e7:19:18:bb:a3:8f:ec:7c:d0: f0:b5:b6:e3:64:bd:8e:a0:e7:4d:87:9c:e0:5d:fb: 3f:e2:3f:7f:55:ee:6c:b5:37:c4:fa:0a:52:4e:cf: bf:47:93:ad:10:4e:eb:bc:54:39:8f:69:16:5f:61: 0b:30:b3:34:d5:53:7c:6a:9d:49:30:a4:17:8b:6a: f2:88:97:77:ed:04:24:a2:bb:ca:10:a8:de:13:a5: ff:c4:76:bb:71:5e:25:d6:fc:97:1a:22:47:13:47: d9:aa:19:30:3f:28:ce:bb:25:b6:c7:83:04:d2:d8: 2c:25:3a:f0:8d:09:58:d6:ef:4e:a6:1c:85:5d:a2: c6:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:A8:63:EB:E5:3B:46:FE:08:D1:FB:A7:0E:B5:19:9E:93:26:37:4A X509v3 Authority Key Identifier: keyid:6C:C3:85:3D:A7:0C:DE:A0:DB:A4:64:14:B6:B0:E6:D1:F1:71:6E:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMOFPacM3qDbpGQUtrDm0fFxbnQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:be:72:66:d0:b8:8d:1c:86:79:41:da:57:79:5a:d4:bd:03: b9:df:b7:e7:a8:0d:57:ad:da:6b:72:d2:55:fe:e7:b9:03:4b: d1:34:e4:70:e6:68:0a:25:b2:13:32:e8:2b:8b:f4:6c:44:9e: 5f:12:d5:e2:4e:e4:34:d0:3f:ed:e9:05:1e:96:c8:bd:93:70: 42:cc:43:1d:94:94:57:07:16:10:21:5d:92:83:08:6e:80:eb: 12:49:83:29:99:31:d9:8f:c3:4e:7d:5c:7a:eb:8b:85:62:3d: 15:ac:2b:ca:a2:8a:8f:0b:07:81:b3:9d:e7:ba:77:11:2f:4a: 62:42:bc:6b:de:8e:b9:c5:9f:3f:8f:fc:20:65:e2:79:a0:cd: 0c:44:ac:f2:08:dd:ab:ee:78:a8:8a:a1:40:20:ef:19:2d:3a: 62:9c:ef:a0:45:e5:c5:9a:4d:8e:9c:be:20:79:38:62:b7:fa: ec:ce:bb:5b:34:e8:dc:73:45:56:09:1c:12:82:66:03:1d:25: 1e:f9:66:36:be:17:1b:de:bc:82:7d:ff:ff:36:f8:5d:93:bd: a3:06:92:00:5e:0b:40:95:f8:3e:65:f6:9c:fb:2f:c0:5c:1a: 00:01:de:28:fd:b5:ae:07:b3:d1:b8:49:1f:92:3f:92:b4:79: 67:ad:f7:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvy4sy+zz5MEyePH9iH2DhdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYzM4NTNkYTcwY2RlYTBkYmE0NjQxNGI2YjBlNmQxZjE3 MTZlNzQwHhcNMjYwMTI1MDIwMTQ4WhcNMjYwMTI2MDIwMTQ4WjAzMTEwLwYDVQQD Eyg4YWE4NjNlYmU1M2I0NmZlMDhkMWZiYTcwZWI1MTk5ZTkzMjYzNzRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApawrQCZT0QQZch+LufJsVozwT+jV ne/wRwD5wOfk1EMF/tGToedQXIOHj9DzxKeqXfk5SKBlWTiU106gv2TFuoehWOKA Gt3c2XyYb7Pv2U0gCTdussPqm8Pkv8/OPZUjCssw/m9aJ8HizpUDbFL7WXfeLQwW okiatghkfz7nGRi7o4/sfNDwtbbjZL2OoOdNh5zgXfs/4j9/Ve5stTfE+gpSTs+/ R5OtEE7rvFQ5j2kWX2ELMLM01VN8ap1JMKQXi2ryiJd37QQkorvKEKjeE6X/xHa7 cV4l1vyXGiJHE0fZqhkwPyjOuyW2x4ME0tgsJTrwjQlY1u9OphyFXaLGgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIqoY+vlO0b+CNH7pw61GZ6TJjdKMB8GA1UdIwQY MBaAFGzDhT2nDN6g26RkFLaw5tHxcW50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk1PRlBhY00zcURicEdRVXRyRG0wZkZ4Ym5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kMTI4ZGUtZDYxZC00ZjAzLTkxMzQt MDQ2YTY4YWI0YzhkLzEvYk1PRlBhY00zcURicEdRVXRyRG0wZkZ4Ym5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC9kMTI4ZGUtZDYxZC00ZjAzLTkxMzQtMDQ2YTY4YWI0Yzhk LzEvYk1PRlBhY00zcURicEdRVXRyRG0wZkZ4Ym5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOb5yZtC4 jRyGeUHaV3la1L0Dud+356gNV63aa3LSVf7nuQNL0TTkcOZoCiWyEzLoK4v0bESe XxLV4k7kNNA/7ekFHpbIvZNwQsxDHZSUVwcWECFdkoMIboDrEkmDKZkx2Y/DTn1c euuLhWI9FawryqKKjwsHgbOd57p3ES9KYkK8a96OucWfP4/8IGXieaDNDESs8gjd q+54qIqhQCDvGS06YpzvoEXlxZpNjpy+IHk4Yrf67M67WzTo3HNFVgkcEoJmAx0l HvlmNr4XG968gn3//zb4XZO9owaSAF4LQJX4PmX2nPsvwFwaAAHeKP21rgez0bhJ H5I/krR5Z633KQ== -----END CERTIFICATE-----Generated at Sun Jan 25 11:46:45 2026 by rpki-client