This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft File: hAfwBj7przHYfP5lubwZPrQsiWk.mft (raw, json) Hash identifier: R7IjwFVZm5tTKFs+EE/z0f5e9jn2pcAwaJ9ME2wAkf8= Subject key identifier: B2:A0:70:A5:9A:E9:7E:9F:55:B1:A8:C3:EC:0F:54:6C:0F:B6:B1:91 Authority key identifier: 84:07:F0:06:3E:E9:AF:31:D8:7C:FE:65:B9:BC:19:3E:B4:2C:89:69 Certificate issuer: /CN=8407f0063ee9af31d87cfe65b9bc193eb42c8969 Certificate serial: 019BF619C64EAB114BF314FDDD25C02B1404 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft Manifest number: 084C Signing time: Sun 25 Jan 2026 17:00:42 +0000 Manifest this update: Sun 25 Jan 2026 17:00:42 +0000 Manifest next update: Mon 26 Jan 2026 17:00:42 +0000 Files and hashes: 1: hAfwBj7przHYfP5lubwZPrQsiWk.crl (hash: VtV5GXsfV9T4u8wrBZrmhU8UGK80nKxm/F2P+T828fI=) 2: ilf77_-o9-q6za7MOsqeG7F-F18.roa (hash: QcXY77GP6oWSI7llT54vOOPgAvyMn7s0Et6LlhSw/kk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:19:c6:4e:ab:11:4b:f3:14:fd:dd:25:c0:2b:14:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8407f0063ee9af31d87cfe65b9bc193eb42c8969 Validity Not Before: Jan 25 17:00:42 2026 GMT Not After : Jan 26 17:00:42 2026 GMT Subject: CN=b2a070a59ae97e9f55b1a8c3ec0f546c0fb6b191 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9b:a3:4c:8a:98:af:39:07:61:25:9e:66:14: cc:d4:3d:1f:67:80:1f:d4:11:80:a6:37:73:d1:b1: 61:06:8f:9a:79:c5:fa:8b:7a:13:18:b5:0d:e7:4d: b3:d4:11:21:aa:5b:96:22:5c:fe:98:81:03:13:78: c3:24:35:fa:fa:27:8e:89:8b:fe:e0:69:3d:bf:e3: d8:ba:68:c7:61:9b:9b:01:27:6b:b0:ea:45:40:29: 59:d7:58:26:d9:3c:b2:59:05:a4:2b:ef:e4:51:fd: d0:fd:0f:2d:3f:20:ee:54:dd:1d:95:33:d9:4c:cb: 6e:5c:66:78:af:00:e2:ce:e3:03:28:53:e1:23:c5: f2:4e:69:6a:d3:51:44:d0:20:94:00:a6:08:3c:36: 92:47:d4:59:f5:b0:bd:f9:ea:b0:9f:bd:b5:87:57: 59:15:c4:bf:bd:c4:01:f4:3b:f4:c0:3e:8c:38:6b: bf:35:7c:d9:72:32:f0:07:1d:55:2e:9e:db:2d:e7: fe:d6:d2:07:3f:c0:6f:59:83:c7:02:86:8f:af:90: bb:8f:9a:eb:1f:92:53:92:3a:54:f0:bd:93:99:62: 5a:69:7f:24:d7:ff:73:bd:c1:17:ba:e6:94:68:69: 30:95:33:c5:b9:29:1e:bf:6a:2a:8a:da:48:53:06: e2:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A0:70:A5:9A:E9:7E:9F:55:B1:A8:C3:EC:0F:54:6C:0F:B6:B1:91 X509v3 Authority Key Identifier: keyid:84:07:F0:06:3E:E9:AF:31:D8:7C:FE:65:B9:BC:19:3E:B4:2C:89:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:e6:2b:40:d7:b1:c6:25:57:c8:0e:89:75:0c:16:85:49:15: f5:6d:2a:e5:d0:fe:5c:b7:f0:2f:6b:79:66:e2:46:7b:84:97: b4:cc:fe:0f:ee:67:51:7f:ce:d3:5c:f9:b4:41:b3:9d:1d:96: 50:24:27:a9:53:ac:14:ed:62:fe:ff:cf:1a:a1:7a:37:06:58: d5:6c:ba:11:45:a0:e4:1c:8b:9f:f0:5d:a6:78:b9:52:3c:94: 92:84:9d:8a:9d:5c:2a:af:b1:50:8c:66:d9:53:3f:1e:54:17: c9:6a:74:49:6f:c7:ca:cb:e6:31:52:05:ce:60:f4:30:01:27: d9:0f:6d:56:5d:db:dd:a1:df:1f:25:e2:df:3a:df:67:57:0a: f5:5f:77:e3:ca:4e:82:55:d8:19:4f:2c:ae:c3:e5:1d:d8:a2: b5:f5:6c:6b:92:2b:d2:0c:56:21:82:76:31:71:3d:af:21:ca: b2:03:75:aa:97:f6:cf:f6:6b:2f:af:11:50:1a:d4:77:0e:3b: 45:55:60:af:4d:f5:7e:a8:57:c8:d5:24:d2:88:2c:38:e7:a6: 7f:25:64:11:31:da:d7:0e:5b:58:01:49:a9:3a:68:ea:82:a4: f6:ad:58:97:f1:45:60:30:b0:ce:7a:6c:34:23:a6:a0:ee:d5: 15:0d:6c:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2GcZOqxFL8xT93SXAKxQEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MDdmMDA2M2VlOWFmMzFkODdjZmU2NWI5YmMxOTNlYjQy Yzg5NjkwHhcNMjYwMTI1MTcwMDQyWhcNMjYwMTI2MTcwMDQyWjAzMTEwLwYDVQQD EyhiMmEwNzBhNTlhZTk3ZTlmNTViMWE4YzNlYzBmNTQ2YzBmYjZiMTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJujTIqYrzkHYSWeZhTM1D0fZ4Af 1BGApjdz0bFhBo+aecX6i3oTGLUN502z1BEhqluWIlz+mIEDE3jDJDX6+ieOiYv+ 4Gk9v+PYumjHYZubASdrsOpFQClZ11gm2TyyWQWkK+/kUf3Q/Q8tPyDuVN0dlTPZ TMtuXGZ4rwDizuMDKFPhI8XyTmlq01FE0CCUAKYIPDaSR9RZ9bC9+eqwn721h1dZ FcS/vcQB9Dv0wD6MOGu/NXzZcjLwBx1VLp7bLef+1tIHP8BvWYPHAoaPr5C7j5rr H5JTkjpU8L2TmWJaaX8k1/9zvcEXuuaUaGkwlTPFuSkev2oqitpIUwbiIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKgcKWa6X6fVbGow+wPVGwPtrGRMB8GA1UdIwQY MBaAFIQH8AY+6a8x2Hz+Zbm8GT60LIlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NTdjNTktZTNiOS00MDRmLWFmYWIt ZTFlZmNmMmVkMGE3LzEvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS82NTdjNTktZTNiOS00MDRmLWFmYWItZTFlZmNmMmVkMGE3 LzEvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVOYrQNex xiVXyA6JdQwWhUkV9W0q5dD+XLfwL2t5ZuJGe4SXtMz+D+5nUX/O01z5tEGznR2W UCQnqVOsFO1i/v/PGqF6NwZY1Wy6EUWg5ByLn/Bdpni5UjyUkoSdip1cKq+xUIxm 2VM/HlQXyWp0SW/HysvmMVIFzmD0MAEn2Q9tVl3b3aHfHyXi3zrfZ1cK9V9348pO glXYGU8srsPlHdiitfVsa5Ir0gxWIYJ2MXE9ryHKsgN1qpf2z/ZrL68RUBrUdw47 RVVgr031fqhXyNUk0ogsOOemfyVkETHa1w5bWAFJqTpo6oKk9q1Yl/FFYDCwznps NCOmoO7VFQ1sLg== -----END CERTIFICATE-----Generated at Sun Jan 25 23:34:44 2026 by rpki-client