This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json) Hash identifier: /ZIIdhq3XJC1EJEsFW/h4v1NtEt9jsWpgl+dB1rB7xc= Subject key identifier: D4:A4:26:36:FF:35:B6:33:ED:BD:E8:C4:C1:A6:61:08:74:09:57:39 Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31 Certificate serial: 019BFA2DCC0582D8ED0CB95B075CD02867BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft Manifest number: 0CEC Signing time: Mon 26 Jan 2026 12:01:03 +0000 Manifest this update: Mon 26 Jan 2026 12:01:03 +0000 Manifest next update: Tue 27 Jan 2026 12:01:03 +0000 Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: U9dAbKu4tf41U6gFnNOmylJORNLpiSh87lU+OHjZN3g=) 2: yqbwyn5sfCL6hbkLZAJdRWAyPBM.roa (hash: ZWKRKB/jnik25oPS/+Y2ymZERk+OEa7DBYYnhwqGBQc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:2d:cc:05:82:d8:ed:0c:b9:5b:07:5c:d0:28:67:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31 Validity Not Before: Jan 26 12:01:03 2026 GMT Not After : Jan 27 12:01:03 2026 GMT Subject: CN=d4a42636ff35b633edbde8c4c1a6610874095739 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b8:84:df:c9:cf:e6:db:03:74:aa:eb:71:e7: 31:29:f0:42:96:1a:89:17:4e:84:8b:46:1d:0d:f4: 35:ba:d0:c8:36:71:c1:65:fb:89:03:8d:09:81:32: 1f:3a:75:fa:a7:e4:b5:e1:f1:89:01:88:8c:29:ab: 0a:38:4e:e3:bb:74:14:e5:8c:07:92:6f:41:df:bd: c9:44:8b:7f:7e:4e:6f:52:58:f6:d1:b8:46:81:22: 72:c3:3a:70:e5:d6:06:7e:2b:d5:a7:cd:23:1d:d4: 3b:9e:aa:95:a6:3a:53:1c:93:d8:3b:6a:f4:3a:66: c7:0d:51:f8:f1:d6:71:ad:39:e3:38:3d:df:9c:3a: d6:b5:2d:9c:fd:a1:ff:6f:43:67:fa:2d:b3:ac:83: e9:88:6a:cf:d3:28:72:5e:f3:f7:3d:a8:49:62:4f: 3f:ba:6e:89:cd:48:3e:f7:bd:4e:c3:97:ba:c7:31: 43:26:11:21:05:d6:ad:30:1d:99:b2:ca:d8:e9:f5: 37:23:91:6e:e5:95:76:03:d7:e6:2c:09:0c:d2:58: 4f:85:ae:fc:eb:19:17:8a:88:cf:39:38:1c:2f:19: c7:5f:52:96:82:e0:bb:cb:c8:c3:7e:62:69:f7:a1: c2:57:9d:dd:71:ba:c4:77:3a:6a:d3:3c:a1:bb:4a: f2:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:A4:26:36:FF:35:B6:33:ED:BD:E8:C4:C1:A6:61:08:74:09:57:39 X509v3 Authority Key Identifier: keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:63:0e:44:01:82:1e:45:f7:25:e6:7a:9d:28:50:09:54:75: e5:eb:51:4f:21:f4:6a:07:30:12:4e:9d:ea:73:7c:e7:1c:96: 4d:7c:13:7f:49:58:ee:08:cc:6b:58:8e:0a:c8:9b:66:08:33: 3c:5f:93:72:67:ee:0b:fd:bf:58:92:34:ef:d5:d3:d9:95:37: 77:5a:52:1f:cf:50:0a:b6:75:a7:2d:48:60:42:79:ba:4e:4b: a6:9d:7a:ea:ab:47:6b:97:ea:b0:26:b2:81:5d:52:fd:f0:34: 04:df:7a:33:a9:c0:3f:ed:79:30:8d:ef:17:c4:bc:58:bf:60: e8:4e:3f:e0:ea:89:45:ca:cc:64:7e:7d:45:06:2e:f7:9f:03: 41:7a:ca:f0:11:b3:35:00:f1:98:ad:04:00:6c:5e:17:a3:6b: 23:31:0a:b5:1a:57:1b:dc:02:dd:22:94:0a:6b:0f:98:49:50: ac:47:0d:a0:0a:87:7f:e0:d2:3d:98:fc:d4:57:16:a9:0a:97: e8:76:37:cf:7f:e7:7f:cd:4e:5e:ac:8b:af:de:12:97:05:86: 88:39:2a:81:c5:45:66:ce:17:86:26:a1:ee:57:d8:4b:8e:0d: e9:ab:f1:ea:03:2a:e1:6c:60:a6:20:ad:ae:36:c4:c3:eb:5a: 8d:70:27:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6LcwFgtjtDLlbB1zQKGe6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz NDdiMzEwHhcNMjYwMTI2MTIwMTAzWhcNMjYwMTI3MTIwMTAzWjAzMTEwLwYDVQQD EyhkNGE0MjYzNmZmMzViNjMzZWRiZGU4YzRjMWE2NjEwODc0MDk1NzM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5biE38nP5tsDdKrrcecxKfBClhqJ F06Ei0YdDfQ1utDINnHBZfuJA40JgTIfOnX6p+S14fGJAYiMKasKOE7ju3QU5YwH km9B373JRIt/fk5vUlj20bhGgSJywzpw5dYGfivVp80jHdQ7nqqVpjpTHJPYO2r0 OmbHDVH48dZxrTnjOD3fnDrWtS2c/aH/b0Nn+i2zrIPpiGrP0yhyXvP3PahJYk8/ um6JzUg+971Ow5e6xzFDJhEhBdatMB2ZssrY6fU3I5Fu5ZV2A9fmLAkM0lhPha78 6xkXiojPOTgcLxnHX1KWguC7y8jDfmJp96HCV53dcbrEdzpq0zyhu0ry5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNSkJjb/NbYz7b3oxMGmYQh0CVc5MB8GA1UdIwQY MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4 LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM2MORAGC HkX3JeZ6nShQCVR15etRTyH0agcwEk6d6nN85xyWTXwTf0lY7gjMa1iOCsibZggz PF+TcmfuC/2/WJI079XT2ZU3d1pSH89QCrZ1py1IYEJ5uk5Lpp166qtHa5fqsCay gV1S/fA0BN96M6nAP+15MI3vF8S8WL9g6E4/4OqJRcrMZH59RQYu958DQXrK8BGz NQDxmK0EAGxeF6NrIzEKtRpXG9wC3SKUCmsPmElQrEcNoAqHf+DSPZj81FcWqQqX 6HY3z3/nf81OXqyLr94SlwWGiDkqgcVFZs4Xhiah7lfYS44N6avx6gMq4WxgpiCt rjbEw+tajXAnaw== -----END CERTIFICATE-----Generated at Mon Jan 26 21:08:53 2026 by rpki-client