This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft File: zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft (raw, json) Hash identifier: 1UfUEH6TieM8ViwFosKU1Wq1eyX7269WW6xa0Pznagw= Subject key identifier: B5:BC:73:62:8D:A8:22:9D:CE:1D:EC:94:82:83:C9:9D:99:C5:F9:18 Authority key identifier: CD:86:B8:CE:22:24:82:A1:4F:9B:13:46:8C:E5:7E:99:92:68:49:61 Certificate issuer: /CN=cd86b8ce222482a14f9b13468ce57e9992684961 Certificate serial: 019BF5E36659CD91DF2F770261FE38638F69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft Manifest number: 07BD Signing time: Sun 25 Jan 2026 16:01:19 +0000 Manifest this update: Sun 25 Jan 2026 16:01:19 +0000 Manifest next update: Mon 26 Jan 2026 16:01:19 +0000 Files and hashes: 1: tOm2mcjBn8Ym8qVAgXlaktzQgQQ.roa (hash: QA1CzDp5HJkMD+7uuzpOHwQafKh/ybfi3Yylc1GPX2k=) 2: zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl (hash: 0uMyof2cRUBXr/YNFuIBh+KyE5MIYoZm6tRO/px1oTQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:e3:66:59:cd:91:df:2f:77:02:61:fe:38:63:8f:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd86b8ce222482a14f9b13468ce57e9992684961 Validity Not Before: Jan 25 16:01:19 2026 GMT Not After : Jan 26 16:01:19 2026 GMT Subject: CN=b5bc73628da8229dce1dec948283c99d99c5f918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:b3:c6:8c:18:5e:03:10:3f:4e:9d:66:1c:3a: 89:8a:ab:bc:c6:79:58:d0:e1:8c:f3:d0:fc:36:33: a0:bc:dc:7b:f7:d1:8e:74:2f:30:46:ac:e5:95:14: 11:71:47:72:0e:d2:99:f5:b7:3d:33:9a:15:b0:fe: 7b:5a:d2:b5:a7:fd:6f:f8:ae:c3:d9:57:c6:76:e2: 5a:d4:01:ce:11:1c:4b:84:ad:74:1f:77:31:c3:ae: 5d:dd:9d:3b:5c:66:a9:ae:e3:0f:27:79:3d:d3:01: 44:67:ec:64:b7:4f:7d:4c:fe:38:e2:15:e7:bb:30: 64:cc:25:00:1f:43:d8:49:6f:6b:e6:9a:30:25:af: 62:20:e5:12:da:3b:31:2e:9b:da:79:11:c7:12:cc: 01:2f:7b:15:35:d0:db:ad:40:ff:27:b7:3e:31:8c: 6b:26:f6:ca:0b:f8:ca:0d:7f:f1:67:0b:85:32:a6: 8d:0e:7d:e4:0c:f3:2f:18:35:77:34:c3:fd:8d:7d: 8f:2b:30:19:b3:3a:31:30:46:7a:25:b6:3a:8c:71: 57:27:b3:83:73:8d:79:b4:ed:9b:d7:a7:7b:be:ed: 15:80:62:a2:6d:a1:a4:84:f2:cb:17:5f:8f:fd:d6: 61:da:75:a6:85:f4:57:20:a5:85:b3:67:b9:f7:70: 8c:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:BC:73:62:8D:A8:22:9D:CE:1D:EC:94:82:83:C9:9D:99:C5:F9:18 X509v3 Authority Key Identifier: keyid:CD:86:B8:CE:22:24:82:A1:4F:9B:13:46:8C:E5:7E:99:92:68:49:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:96:d2:e4:dc:b0:54:99:6d:6a:08:4a:9f:d6:f3:95:03:6f: 9f:07:8e:16:0d:01:9d:d4:3d:d7:2c:d6:b7:a9:71:b2:48:cf: 4b:77:b8:ca:97:c2:bc:dc:11:1e:d4:5f:4c:b7:c3:48:c7:01: 0b:15:dd:0c:26:11:c6:d3:e8:07:74:aa:58:5d:f0:31:5e:b1: 15:0c:46:ad:b3:7e:1d:33:be:9f:72:74:87:9e:74:f0:3f:c5: 32:ce:2b:ab:25:b0:70:cf:af:5a:98:ba:54:37:4f:c3:3f:74: 5c:4d:51:95:5b:57:ea:d2:9f:6c:3f:20:28:94:eb:94:e1:32: c6:ec:f2:01:00:e9:cf:36:fb:4c:73:47:e1:e3:7a:03:7c:09: 9b:a3:e2:93:1e:a6:f2:34:94:92:dc:9d:27:32:85:5c:d9:d5: 19:ee:d9:ea:77:5a:1c:3f:cf:bc:0c:0e:bd:50:a4:bb:da:d5: c6:d4:59:12:61:a1:bc:d6:50:20:e9:94:56:96:22:19:18:48: 25:c6:e1:e3:34:80:ca:80:ed:e9:db:d0:a0:14:7c:45:87:02: 15:b6:ac:04:3b:65:65:7b:e0:47:b3:d6:2f:f1:6f:03:b3:75: 95:56:27:3a:b9:6e:59:98:4d:59:0d:38:d0:e0:51:d5:02:ad: 22:d1:ea:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv142ZZzZHfL3cCYf44Y49pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkODZiOGNlMjIyNDgyYTE0ZjliMTM0NjhjZTU3ZTk5OTI2 ODQ5NjEwHhcNMjYwMTI1MTYwMTE5WhcNMjYwMTI2MTYwMTE5WjAzMTEwLwYDVQQD EyhiNWJjNzM2MjhkYTgyMjlkY2UxZGVjOTQ4MjgzYzk5ZDk5YzVmOTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLPGjBheAxA/Tp1mHDqJiqu8xnlY 0OGM89D8NjOgvNx799GOdC8wRqzllRQRcUdyDtKZ9bc9M5oVsP57WtK1p/1v+K7D 2VfGduJa1AHOERxLhK10H3cxw65d3Z07XGapruMPJ3k90wFEZ+xkt099TP444hXn uzBkzCUAH0PYSW9r5powJa9iIOUS2jsxLpvaeRHHEswBL3sVNdDbrUD/J7c+MYxr JvbKC/jKDX/xZwuFMqaNDn3kDPMvGDV3NMP9jX2PKzAZszoxMEZ6JbY6jHFXJ7OD c415tO2b16d7vu0VgGKibaGkhPLLF1+P/dZh2nWmhfRXIKWFs2e593CM2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLW8c2KNqCKdzh3slIKDyZ2ZxfkYMB8GA1UdIwQY MBaAFM2GuM4iJIKhT5sTRozlfpmSaElhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MDgxMTQtYTk3YS00ODc3LTk0Yzct ZGMyZDU1NzUwM2VlLzEvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC82MDgxMTQtYTk3YS00ODc3LTk0YzctZGMyZDU1NzUwM2Vl LzEvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmpbS5Nyw VJltaghKn9bzlQNvnweOFg0BndQ91yzWt6lxskjPS3e4ypfCvNwRHtRfTLfDSMcB CxXdDCYRxtPoB3SqWF3wMV6xFQxGrbN+HTO+n3J0h5508D/FMs4rqyWwcM+vWpi6 VDdPwz90XE1RlVtX6tKfbD8gKJTrlOEyxuzyAQDpzzb7THNH4eN6A3wJm6Pikx6m 8jSUktydJzKFXNnVGe7Z6ndaHD/PvAwOvVCku9rVxtRZEmGhvNZQIOmUVpYiGRhI Jcbh4zSAyoDt6dvQoBR8RYcCFbasBDtlZXvgR7PWL/FvA7N1lVYnOrluWZhNWQ04 0OBR1QKtItHq1g== -----END CERTIFICATE-----Generated at Mon Jan 26 02:30:46 2026 by rpki-client