This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft File: 0KNDo37K0r-yw1vZsm1_SLy1dTc.mft (raw, json) Hash identifier: /zgJzZEGwfLEPPzFstLFZypZ0+FeoG/e4fvU0Hg4ciA= Subject key identifier: 47:68:44:B9:FC:5B:77:9F:FD:73:75:8A:72:3B:6C:06:F0:27:34:C7 Authority key identifier: D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37 Certificate issuer: /CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537 Certificate serial: 019BF72CDBB718036F770F3276BFA87E8737 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft Manifest number: 177A Signing time: Sun 25 Jan 2026 22:01:10 +0000 Manifest this update: Sun 25 Jan 2026 22:01:10 +0000 Manifest next update: Mon 26 Jan 2026 22:01:10 +0000 Files and hashes: 1: 0KNDo37K0r-yw1vZsm1_SLy1dTc.crl (hash: zHeX+tDMSMYLynne2sAmgCGAnEBSYdvBCaHSMPiXlIY=) 2: MqEYcGP28yZryUtdD_3wTNGTAVc.roa (hash: p6r4IvQhkyRHVWZ8dRkzEjBjRhq65iPcj75XjeJcHaM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2c:db:b7:18:03:6f:77:0f:32:76:bf:a8:7e:87:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537 Validity Not Before: Jan 25 22:01:10 2026 GMT Not After : Jan 26 22:01:10 2026 GMT Subject: CN=476844b9fc5b779ffd73758a723b6c06f02734c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:62:76:90:f4:b2:87:71:3d:34:39:6c:3c:87: c0:18:e8:e3:55:64:b0:ae:db:a3:07:f4:a2:44:66: ef:fd:be:7b:f2:8d:b7:4b:ba:20:1d:ff:29:b1:f6: 3b:71:bb:4c:09:30:f6:16:45:78:ea:6d:7b:fc:1c: 17:0a:9e:ba:05:ba:03:cb:cb:73:f0:96:f7:9d:ac: ba:b7:20:1e:96:6b:3c:75:e8:5a:70:92:db:9a:5b: 6a:1a:c7:6a:28:c8:56:25:61:81:00:c3:3f:5f:87: 81:62:7a:6d:f1:64:ec:32:20:73:18:b7:58:d4:99: 11:40:fd:28:53:b1:ef:da:f7:16:65:59:70:77:ae: 11:11:17:56:30:e5:03:5e:1a:1f:14:dd:c3:81:d7: 0d:42:22:0d:7c:0a:b0:70:0c:31:ea:3f:fd:94:82: 57:80:0f:d4:71:a1:2c:b0:a7:b6:57:65:95:25:0f: 1c:70:04:ae:08:98:6e:d7:5a:68:5d:fa:ae:e9:43: 04:a9:2d:34:c2:2d:8e:76:aa:61:57:54:db:6f:6d: 38:22:b6:8a:73:c7:06:6c:53:1d:bd:56:80:1a:ff: 03:ee:e5:62:53:75:f5:7f:3f:4b:eb:94:bf:70:3d: 73:69:b6:87:a7:6e:51:c7:cb:7f:38:d5:0e:77:d2: cf:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:68:44:B9:FC:5B:77:9F:FD:73:75:8A:72:3B:6C:06:F0:27:34:C7 X509v3 Authority Key Identifier: keyid:D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:27:57:0f:7b:55:5c:dd:d7:56:b3:21:18:2a:9a:99:b5:19: fb:ee:ae:10:e5:3e:4a:e8:e0:f0:22:cb:b8:64:20:61:a6:b3: e2:c8:3f:5c:ca:71:40:01:88:e8:20:93:a8:22:1f:72:f7:92: dd:6c:ad:1d:4a:65:5a:8a:b0:57:16:85:eb:f8:54:9c:09:5e: fd:53:7f:e7:e7:d9:20:74:64:8b:c2:de:d2:24:07:17:33:ba: 84:db:d2:16:d5:16:34:0f:48:a7:be:04:e8:f5:f1:01:a2:8e: 3b:ee:32:bc:58:fc:41:f1:fa:f7:39:d8:8f:3c:c7:ac:f3:23: 64:b8:94:1c:27:c6:fe:0b:ce:9e:1a:1d:ff:35:4b:a8:fb:91: 1d:98:c1:21:9c:b0:af:0f:15:e9:28:89:d0:33:94:8f:4b:67: 84:bb:45:e0:8d:bb:be:fd:49:63:c1:7a:68:bd:10:ca:dc:c1: 65:73:4f:d7:49:60:65:6e:c8:66:f5:50:90:df:db:9d:e2:1e: d6:14:15:73:cf:97:61:cc:66:c9:48:d2:97:f5:f5:e9:eb:95: e4:e7:a6:9c:77:22:e7:3c:9d:01:1c:5c:00:7c:44:e0:9c:76: ed:d3:55:f3:a0:17:83:3a:85:30:49:25:38:13:08:01:f1:d9: 3f:c5:5d:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LNu3GANvdw8ydr+ofoc3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwYTM0M2EzN2VjYWQyYmZiMmMzNWJkOWIyNmQ3ZjQ4YmNi NTc1MzcwHhcNMjYwMTI1MjIwMTEwWhcNMjYwMTI2MjIwMTEwWjAzMTEwLwYDVQQD Eyg0NzY4NDRiOWZjNWI3NzlmZmQ3Mzc1OGE3MjNiNmMwNmYwMjczNGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WJ2kPSyh3E9NDlsPIfAGOjjVWSw rtujB/SiRGbv/b578o23S7ogHf8psfY7cbtMCTD2FkV46m17/BwXCp66BboDy8tz 8Jb3nay6tyAelms8dehacJLbmltqGsdqKMhWJWGBAMM/X4eBYnpt8WTsMiBzGLdY 1JkRQP0oU7Hv2vcWZVlwd64RERdWMOUDXhofFN3DgdcNQiINfAqwcAwx6j/9lIJX gA/UcaEssKe2V2WVJQ8ccASuCJhu11poXfqu6UMEqS00wi2OdqphV1Tbb204IraK c8cGbFMdvVaAGv8D7uViU3X1fz9L65S/cD1zabaHp25Rx8t/ONUOd9LPVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEdoRLn8W3ef/XN1inI7bAbwJzTHMB8GA1UdIwQY MBaAFNCjQ6N+ytK/ssNb2bJtf0i8tXU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYt YzdiMzZiOGEyNjg1LzEvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYtYzdiMzZiOGEyNjg1 LzEvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlCdXD3tV XN3XVrMhGCqambUZ++6uEOU+Sujg8CLLuGQgYaaz4sg/XMpxQAGI6CCTqCIfcveS 3WytHUplWoqwVxaF6/hUnAle/VN/5+fZIHRki8Le0iQHFzO6hNvSFtUWNA9Ip74E 6PXxAaKOO+4yvFj8QfH69znYjzzHrPMjZLiUHCfG/gvOnhod/zVLqPuRHZjBIZyw rw8V6SiJ0DOUj0tnhLtF4I27vv1JY8F6aL0QytzBZXNP10lgZW7IZvVQkN/bneIe 1hQVc8+XYcxmyUjSl/X16euV5OemnHci5zydARxcAHxE4Jx27dNV86AXgzqFMEkl OBMIAfHZP8VdEA== -----END CERTIFICATE-----Generated at Mon Jan 26 01:48:24 2026 by rpki-client