This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft File: xHC41L-HFAS8pTx3gVME7y6k4co.mft (raw, json) Hash identifier: IDeDHNVhFpoUYPFqRPMAlPjl5zL/C0MKWgXEekNRFI4= Subject key identifier: 4A:C8:28:FE:17:25:ED:0B:FF:0B:F2:F1:25:39:4C:44:24:4D:2B:59 Authority key identifier: C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA Certificate issuer: /CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Certificate serial: 019BF651B219DCF5250F1F09F0A17FA478DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft Manifest number: 01CE Signing time: Sun 25 Jan 2026 18:01:47 +0000 Manifest this update: Sun 25 Jan 2026 18:01:47 +0000 Manifest next update: Mon 26 Jan 2026 18:01:47 +0000 Files and hashes: 1: DnR3n06izuqiF0c6QLmB63bhByA.roa (hash: wXx/mCp3Tb5hj1tTLAH162/y2WEyBpkE4oI2Qluv1II=) 2: xHC41L-HFAS8pTx3gVME7y6k4co.crl (hash: s6I/7QyggKX+Q3CiE6dZTYxpCvlmKFZIvr8HCBCQSyE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:51:b2:19:dc:f5:25:0f:1f:09:f0:a1:7f:a4:78:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Validity Not Before: Jan 25 18:01:47 2026 GMT Not After : Jan 26 18:01:47 2026 GMT Subject: CN=4ac828fe1725ed0bff0bf2f125394c44244d2b59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:8c:f0:29:db:f0:33:bd:67:58:06:68:71:ab: a8:01:be:ff:3f:cf:6a:9b:d7:51:f3:f7:53:2b:84: 4f:c2:51:e2:47:56:81:2c:43:64:13:a1:52:ae:5c: 83:b4:e9:f7:09:46:3f:64:e0:c0:26:20:c6:fa:9d: 06:a6:d2:0d:9c:14:9e:b9:9b:61:f2:6e:20:84:95: 9e:29:0f:f3:dc:f7:8e:27:96:46:03:8e:50:b0:0d: 40:64:48:f9:81:6a:4f:64:6e:58:2f:58:a8:8e:c8: da:6a:92:22:4c:c4:66:4f:6f:70:96:61:96:4f:41: c3:54:45:43:f4:17:b1:bc:f4:07:c5:05:33:ca:9e: f6:bd:9b:56:c1:e6:10:36:dd:c5:28:9a:39:50:92: 32:a3:f5:84:34:91:d4:1a:39:5a:08:c3:aa:89:09: 15:b5:90:28:3b:63:d7:b0:18:c8:f7:1c:4c:1e:da: ad:f2:c0:8b:d4:49:99:61:b7:32:4d:a8:b2:5f:04: 62:3b:04:07:6d:0d:5f:f9:18:16:42:ff:14:5c:65: 6c:a1:e2:7e:39:7f:e2:6d:24:aa:5e:53:d5:5b:7c: 2e:7d:17:0c:9b:d6:2b:db:4f:9d:ae:d9:2d:74:32: 8d:08:05:8b:bf:9d:de:6c:12:98:5f:be:cd:05:be: 9f:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:C8:28:FE:17:25:ED:0B:FF:0B:F2:F1:25:39:4C:44:24:4D:2B:59 X509v3 Authority Key Identifier: keyid:C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:a6:f3:9b:f7:c7:65:38:22:92:e0:2b:84:da:2f:ee:9a:25: 3e:8a:cf:57:f8:7c:8e:de:5f:4f:26:cb:33:45:fe:ae:19:09: 39:28:1d:b7:35:d9:ab:3f:a0:40:b3:5c:74:75:c6:00:fa:cc: 5e:94:78:7c:8f:2b:4e:fe:c7:18:45:f0:2b:d2:ed:82:1e:e6: d5:5b:4c:40:25:a5:3c:94:2c:b3:e0:ec:13:bf:4d:b4:fd:21: d5:1f:1d:e4:dc:51:24:ad:38:27:68:9e:f2:cb:5b:bc:3f:49: b3:b1:88:05:e7:5a:1a:34:53:12:f1:f3:f2:15:87:e3:4d:82: bc:7f:26:d2:76:96:66:92:cd:07:77:fe:44:64:be:a4:6e:50: b9:c6:75:3a:c1:ee:5c:d2:45:e9:28:d9:ce:51:4f:32:39:58: 14:88:61:6a:e8:da:4e:15:54:83:ad:71:81:8e:00:24:ca:de: 34:63:7d:5c:c3:54:1c:91:17:88:de:62:83:21:6f:6d:ef:be: ea:5a:a1:5c:ce:36:50:83:0c:24:61:3e:dd:4c:a2:fb:e7:6a: 7f:c9:40:8c:0d:51:e4:45:87:fc:76:9f:84:2c:d9:af:c3:d6: 4f:b9:0a:06:01:24:f7:9c:81:b8:75:1a:25:cf:fa:6c:4f:a8: d5:0d:0a:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2UbIZ3PUlDx8J8KF/pHjcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NzBiOGQ0YmY4NzE0MDRiY2E1M2M3NzgxNTMwNGVmMmVh NGUxY2EwHhcNMjYwMTI1MTgwMTQ3WhcNMjYwMTI2MTgwMTQ3WjAzMTEwLwYDVQQD Eyg0YWM4MjhmZTE3MjVlZDBiZmYwYmYyZjEyNTM5NGM0NDI0NGQyYjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ozwKdvwM71nWAZocauoAb7/P89q m9dR8/dTK4RPwlHiR1aBLENkE6FSrlyDtOn3CUY/ZODAJiDG+p0GptINnBSeuZth 8m4ghJWeKQ/z3PeOJ5ZGA45QsA1AZEj5gWpPZG5YL1iojsjaapIiTMRmT29wlmGW T0HDVEVD9BexvPQHxQUzyp72vZtWweYQNt3FKJo5UJIyo/WENJHUGjlaCMOqiQkV tZAoO2PXsBjI9xxMHtqt8sCL1EmZYbcyTaiyXwRiOwQHbQ1f+RgWQv8UXGVsoeJ+ OX/ibSSqXlPVW3wufRcMm9Yr20+drtktdDKNCAWLv53ebBKYX77NBb6fXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFErIKP4XJe0L/wvy8SU5TEQkTStZMB8GA1UdIwQY MBaAFMRwuNS/hxQEvKU8d4FTBO8upOHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGIt ZjYyNGVkNWY0NmZlLzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi9hNGJhOGYtNWU2MS00ZGNjLWJhMGItZjYyNGVkNWY0NmZl LzEveEhDNDFMLUhGQVM4cFR4M2dWTUU3eTZrNGNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZabzm/fH ZTgikuArhNov7polPorPV/h8jt5fTybLM0X+rhkJOSgdtzXZqz+gQLNcdHXGAPrM XpR4fI8rTv7HGEXwK9Ltgh7m1VtMQCWlPJQss+DsE79NtP0h1R8d5NxRJK04J2ie 8stbvD9Js7GIBedaGjRTEvHz8hWH402CvH8m0naWZpLNB3f+RGS+pG5QucZ1OsHu XNJF6SjZzlFPMjlYFIhhaujaThVUg61xgY4AJMreNGN9XMNUHJEXiN5igyFvbe++ 6lqhXM42UIMMJGE+3Uyi++dqf8lAjA1R5EWH/HafhCzZr8PWT7kKBgEk95yBuHUa Jc/6bE+o1Q0Kmw== -----END CERTIFICATE-----Generated at Sun Jan 25 22:19:29 2026 by rpki-client