This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft File: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json) Hash identifier: JKGpkVhebMhm7pCtlJKUvxRT22Sk2ygEknyhROY/XoU= Subject key identifier: 6D:72:E3:84:49:66:7A:22:D0:7A:9D:8B:D6:90:1C:8C:A0:F6:AF:C6 Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1 Certificate issuer: /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1 Certificate serial: 019BF91B2D0A43A6BDF7F80C0940CFCDFE0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft Manifest number: 036D Signing time: Mon 26 Jan 2026 07:01:06 +0000 Manifest this update: Mon 26 Jan 2026 07:01:06 +0000 Manifest next update: Tue 27 Jan 2026 07:01:06 +0000 Files and hashes: 1: NS4bJSf8JtisPPo4E4AUvgYiJkI.roa (hash: kNAqy7sfsX/DzrejY1IHLtdhRNkU/dXjQEKN71zDd5M=) 2: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: XTRHAyEEVAz9qa9Nm3qtvwVjd1y43O2yIag56sXVuTw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:1b:2d:0a:43:a6:bd:f7:f8:0c:09:40:cf:cd:fe:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1 Validity Not Before: Jan 26 07:01:06 2026 GMT Not After : Jan 27 07:01:06 2026 GMT Subject: CN=6d72e38449667a22d07a9d8bd6901c8ca0f6afc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:32:37:b6:86:18:3f:54:db:b4:9d:7c:11:55: 46:64:c2:70:a3:08:ca:35:97:da:0b:e9:72:13:00: 2e:46:d3:29:58:86:92:2a:22:22:40:3f:0a:42:ed: 22:88:e3:a5:d1:cc:6a:a0:86:93:9a:c0:38:e8:76: 81:b6:38:0c:f8:a8:e8:77:40:7b:ee:73:88:20:6b: 6e:41:78:c9:34:33:f5:f9:5b:ac:e5:aa:9a:52:e0: c4:ff:7a:40:7e:da:a7:17:ec:fe:69:6c:05:a5:be: 2d:60:af:89:f3:3a:7d:44:31:87:7b:8f:bc:d7:a2: 91:6f:70:c3:4f:0a:1a:27:8f:50:c6:70:6d:80:c2: fb:6b:2d:40:a1:4b:51:a6:60:7a:69:24:54:fc:1f: 51:dc:fe:d4:ea:0a:f0:13:22:d4:fd:1f:2b:3e:bf: be:4d:67:14:bd:97:4b:4f:84:84:30:e5:40:de:fc: 10:57:5e:ce:38:fa:ee:37:85:8a:0c:8b:cd:4f:00: c5:59:22:60:f0:89:92:94:3c:4d:4d:3f:56:30:a1: 06:bc:30:60:c1:fc:91:05:8f:4d:e5:47:bf:c5:19: da:8e:29:9e:4b:14:b8:53:47:97:62:8f:96:4c:4f: 42:b8:2a:c6:96:3a:11:ef:e3:39:c3:86:7b:90:13: 0c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:72:E3:84:49:66:7A:22:D0:7A:9D:8B:D6:90:1C:8C:A0:F6:AF:C6 X509v3 Authority Key Identifier: keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:20:18:66:a1:a1:e1:06:b7:ba:4e:3c:16:de:f0:c0:b8:8e: 7a:ac:74:c1:db:6b:ed:0e:2b:e1:43:6a:d3:a1:2f:56:2a:d2: 5c:26:02:ca:ad:35:67:e1:ea:6b:49:21:56:c1:4a:22:a7:5e: de:1d:6a:ed:a2:9b:23:95:33:fd:36:2a:9d:65:3f:0a:1f:f5: c4:8a:9f:18:33:b5:23:a6:d2:94:2b:2e:06:46:e8:d5:39:3f: 84:41:27:26:96:c9:56:48:1d:1c:2a:5b:8e:75:af:6f:36:bb: 9e:a1:78:d1:b8:99:e2:72:eb:2f:76:fc:35:11:db:9e:10:2a: fe:50:55:81:36:02:ad:93:70:c9:27:86:ba:b7:67:1c:04:8e: f9:c3:bf:be:6a:37:e4:50:1b:aa:5d:9f:c1:1b:40:97:d1:ae: 08:52:dc:85:37:87:d0:40:4b:1c:97:8f:ee:74:be:a9:c2:cf: 1f:22:9b:36:f5:2d:7f:99:25:f0:32:3b:09:95:a5:c0:fe:5c: c1:ae:66:49:76:ed:e5:63:22:4c:37:75:cf:67:3c:e6:79:92: 81:0e:21:04:97:f3:6c:65:3d:1a:63:7c:51:6c:64:a0:26:a5: ff:71:28:52:cd:24:23:14:28:f5:93:97:51:0d:0c:6d:5f:2a: 74:97:1e:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5Gy0KQ6a99/gMCUDPzf4KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw ZmM2YTEwHhcNMjYwMTI2MDcwMTA2WhcNMjYwMTI3MDcwMTA2WjAzMTEwLwYDVQQD Eyg2ZDcyZTM4NDQ5NjY3YTIyZDA3YTlkOGJkNjkwMWM4Y2EwZjZhZmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijI3toYYP1TbtJ18EVVGZMJwowjK NZfaC+lyEwAuRtMpWIaSKiIiQD8KQu0iiOOl0cxqoIaTmsA46HaBtjgM+Kjod0B7 7nOIIGtuQXjJNDP1+Vus5aqaUuDE/3pAftqnF+z+aWwFpb4tYK+J8zp9RDGHe4+8 16KRb3DDTwoaJ49QxnBtgML7ay1AoUtRpmB6aSRU/B9R3P7U6grwEyLU/R8rPr++ TWcUvZdLT4SEMOVA3vwQV17OOPruN4WKDIvNTwDFWSJg8ImSlDxNTT9WMKEGvDBg wfyRBY9N5Ue/xRnajimeSxS4U0eXYo+WTE9CuCrGljoR7+M5w4Z7kBMMawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG1y44RJZnoi0Hqdi9aQHIyg9q/GMB8GA1UdIwQY MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACSAYZqGh 4Qa3uk48Ft7wwLiOeqx0wdtr7Q4r4UNq06EvVirSXCYCyq01Z+Hqa0khVsFKIqde 3h1q7aKbI5Uz/TYqnWU/Ch/1xIqfGDO1I6bSlCsuBkbo1Tk/hEEnJpbJVkgdHCpb jnWvbza7nqF40biZ4nLrL3b8NRHbnhAq/lBVgTYCrZNwySeGurdnHASO+cO/vmo3 5FAbql2fwRtAl9GuCFLchTeH0EBLHJeP7nS+qcLPHyKbNvUtf5kl8DI7CZWlwP5c wa5mSXbt5WMiTDd1z2c85nmSgQ4hBJfzbGU9GmN8UWxkoCal/3EoUs0kIxQo9ZOX UQ0MbV8qdJceQg== -----END CERTIFICATE-----Generated at Mon Jan 26 14:03:52 2026 by rpki-client