This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.mft File: QA8uoVe7tTqwJgEazlzRNg7y930.mft (raw, json) Hash identifier: yezbVgwU8vZgQcyt95NNhxoURKaAzCIJmFOTGauWcp8= Subject key identifier: F3:14:F0:6A:38:8B:7F:4B:88:B3:8C:A0:4E:AE:E3:BA:54:14:13:FD Authority key identifier: 40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D Certificate issuer: /CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d Certificate serial: 019BF5E3234599796FCF1899924A83EC3950 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.mft Manifest number: 173D Signing time: Sun 25 Jan 2026 16:01:02 +0000 Manifest this update: Sun 25 Jan 2026 16:01:02 +0000 Manifest next update: Mon 26 Jan 2026 16:01:02 +0000 Files and hashes: 1: 4oXgZ-1Ye2fC1cFU0rvhklNnNQI.roa (hash: b9MP0rdkmPkjLsxKnX60/w1PVwahqRg3qlsqfmJHgCk=) 2: QA8uoVe7tTqwJgEazlzRNg7y930.crl (hash: GTC6IcbOkDVRqNhrEaY/vb48pjnxUvip+V9csXxwjws=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.mft rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:e3:23:45:99:79:6f:cf:18:99:92:4a:83:ec:39:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d Validity Not Before: Jan 25 16:01:02 2026 GMT Not After : Jan 26 16:01:02 2026 GMT Subject: CN=f314f06a388b7f4b88b38ca04eaee3ba541413fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f7:51:f1:5c:19:76:f3:4e:74:d7:fb:4c:53: a3:06:f3:7a:02:2e:f7:ea:1f:4b:71:15:a1:73:7b: 8a:cb:63:34:cc:43:2f:6a:e7:90:2a:40:bf:1f:59: b9:fb:d0:0d:2a:7d:4e:4b:68:f6:80:34:f4:02:75: da:8b:c2:e1:8a:14:2f:e4:f6:3c:f8:c1:24:c3:6c: 88:9a:ff:eb:82:b2:a6:6a:75:4a:ac:e5:c1:01:5d: 5b:84:38:c5:aa:fd:ad:6a:90:93:65:9c:1e:e5:f3: f2:74:2c:17:a1:e8:d2:c0:d8:71:9c:f0:eb:f3:e5: 55:f1:24:9d:8f:f4:9a:4b:65:18:21:75:07:63:32: d4:77:4c:7f:12:1d:35:0b:f3:2a:f3:48:b4:5e:da: 21:f0:48:c9:5a:0d:b6:48:bb:ec:cf:d8:97:9f:4e: c0:c9:57:eb:42:91:18:85:82:80:ce:ae:48:ef:13: a1:13:45:db:38:b7:98:69:49:f1:9d:58:7f:d6:df: fa:32:1e:a1:23:1d:5d:b9:33:de:98:74:6f:97:20: 44:36:d4:b1:e5:4e:53:c9:e3:c9:c9:37:33:90:66: a9:a7:13:6f:00:81:07:3e:02:c7:57:39:28:9b:4a: dd:18:37:a8:f4:45:0a:e1:9c:c5:3b:e0:61:49:ea: 5d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:14:F0:6A:38:8B:7F:4B:88:B3:8C:A0:4E:AE:E3:BA:54:14:13:FD X509v3 Authority Key Identifier: keyid:40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:75:12:fa:e3:98:7f:38:8f:e8:f7:8e:b0:c9:d9:04:26:64: 37:92:48:0c:af:ca:1f:0d:bd:e6:8b:02:56:76:6c:40:a8:cd: 23:c2:64:36:52:a6:27:57:5a:ca:fa:bd:48:20:99:dc:68:d9: 94:1c:43:35:53:62:2f:83:61:fc:3c:7a:48:2f:77:fd:79:32: 90:3a:a9:64:39:26:b6:dd:50:51:89:f5:e6:65:fd:2c:53:2b: 76:ae:4c:40:1f:be:9d:d6:9b:a6:20:c4:7f:3d:fe:f8:2d:1d: 89:b2:e2:97:24:11:b8:83:09:2a:1b:be:89:63:3e:7e:32:4e: 2b:a7:b7:32:d8:84:4c:1b:ed:0d:f8:26:13:34:1c:a4:76:af: 1e:96:91:0b:df:c6:f9:96:5f:1d:05:e5:0c:e5:0e:08:f8:ca: 3d:a5:b0:ce:7c:b7:1a:6c:cc:bc:60:2b:c4:57:ce:76:46:a9: 25:8b:23:74:13:49:76:f3:81:a6:ea:80:c2:9c:32:d7:fc:cb: a3:cb:27:ea:ff:c6:b8:30:ea:e5:48:4c:1e:cd:b0:d6:68:e3: ff:80:13:1c:79:85:09:ab:d3:ef:9a:37:6e:98:d2:11:11:bc: d3:ce:1a:a6:d5:4f:82:82:79:ba:df:d7:e7:0f:72:0c:bd:41: 20:3e:98:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv14yNFmXlvzxiZkkqD7DlQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMGYyZWExNTdiYmI1M2FiMDI2MDExYWNlNWNkMTM2MGVm MmY3N2QwHhcNMjYwMTI1MTYwMTAyWhcNMjYwMTI2MTYwMTAyWjAzMTEwLwYDVQQD EyhmMzE0ZjA2YTM4OGI3ZjRiODhiMzhjYTA0ZWFlZTNiYTU0MTQxM2ZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfdR8VwZdvNOdNf7TFOjBvN6Ai73 6h9LcRWhc3uKy2M0zEMvaueQKkC/H1m5+9ANKn1OS2j2gDT0AnXai8LhihQv5PY8 +MEkw2yImv/rgrKmanVKrOXBAV1bhDjFqv2tapCTZZwe5fPydCwXoejSwNhxnPDr 8+VV8SSdj/SaS2UYIXUHYzLUd0x/Eh01C/Mq80i0Xtoh8EjJWg22SLvsz9iXn07A yVfrQpEYhYKAzq5I7xOhE0XbOLeYaUnxnVh/1t/6Mh6hIx1duTPemHRvlyBENtSx 5U5TyePJyTczkGappxNvAIEHPgLHVzkom0rdGDeo9EUK4ZzFO+BhSepduwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPMU8Go4i39LiLOMoE6u47pUFBP9MB8GA1UdIwQY MBaAFEAPLqFXu7U6sCYBGs5c0TYO8vd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80YmZkNTYtODgwZC00OTliLTg3MjQt ZDc5NzFmMWU1OTlkLzEvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS80YmZkNTYtODgwZC00OTliLTg3MjQtZDc5NzFmMWU1OTlk LzEvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3US+uOY fziP6PeOsMnZBCZkN5JIDK/KHw295osCVnZsQKjNI8JkNlKmJ1dayvq9SCCZ3GjZ lBxDNVNiL4Nh/Dx6SC93/XkykDqpZDkmtt1QUYn15mX9LFMrdq5MQB++ndabpiDE fz3++C0dibLilyQRuIMJKhu+iWM+fjJOK6e3MtiETBvtDfgmEzQcpHavHpaRC9/G +ZZfHQXlDOUOCPjKPaWwzny3GmzMvGArxFfOdkapJYsjdBNJdvOBpuqAwpwy1/zL o8sn6v/GuDDq5UhMHs2w1mjj/4ATHHmFCavT75o3bpjSERG8084aptVPgoJ5ut/X 5w9yDL1BID6YsQ== -----END CERTIFICATE-----Generated at Mon Jan 26 00:21:24 2026 by rpki-client