This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft File: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft (raw, json) Hash identifier: ntVPQV7rmd04M819NQ685g/6tpatuEADho1G1LJGvEQ= Subject key identifier: 50:B4:3C:03:E7:6D:09:74:A0:82:65:48:73:B3:22:AA:41:41:E7:B3 Authority key identifier: C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E Certificate issuer: /CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e Certificate serial: 019BF72D7A6938E76C03633992EC769EA7A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft Manifest number: 0987 Signing time: Sun 25 Jan 2026 22:01:51 +0000 Manifest this update: Sun 25 Jan 2026 22:01:51 +0000 Manifest next update: Mon 26 Jan 2026 22:01:51 +0000 Files and hashes: 1: bkpFrc_6laoYbGdkqTlHlW-Qe80.roa (hash: p/3gwRkkBDXycKoUYkEzWpJbWT3T+RMybdZ5AMyzIgo=) 2: xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl (hash: PcQOQnceH8HSfehGQVsUCDOfaXhE56H082gUt3b80d8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2d:7a:69:38:e7:6c:03:63:39:92:ec:76:9e:a7:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c43c74022cbbf0b3cfff6031d6d2de0369c99e4e Validity Not Before: Jan 25 22:01:51 2026 GMT Not After : Jan 26 22:01:51 2026 GMT Subject: CN=50b43c03e76d0974a082654873b322aa4141e7b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e6:f5:cc:fe:e1:be:59:e9:96:ff:33:7d:38: 8b:af:be:f2:2a:bf:b3:4c:7a:f0:a6:f1:db:19:f9: 95:72:2c:23:56:66:cd:87:f2:f6:d5:dd:ca:3a:d8: c5:af:bf:9b:48:2c:5e:e7:43:79:cc:93:67:f0:ae: 6d:7d:c5:7d:ce:64:8c:ba:d8:f5:6e:77:8b:2e:72: 39:0d:9c:c5:3f:66:ee:92:85:80:1c:e3:01:1d:0c: 66:0c:86:71:2f:8c:54:65:ef:e2:99:07:15:1b:6e: 91:da:d3:73:06:06:cd:7b:43:88:9b:4a:bd:87:f4: a3:7a:a6:d3:8e:88:16:bc:4e:86:d1:f4:99:5c:7c: 14:e1:04:91:79:db:31:e6:52:9c:d5:9b:98:08:5f: 68:5e:b9:a3:5b:7c:7d:88:f3:61:08:68:4d:ce:08: 09:07:5b:82:04:5e:55:aa:08:1a:fd:8c:2c:a6:bf: 94:9c:40:44:59:e7:6b:1a:f6:7d:fd:c9:48:86:61: e1:de:5e:90:76:d1:6f:38:02:21:b3:7a:0f:db:b9: d9:02:ba:1c:c8:ce:34:42:e9:a0:75:9c:2d:b1:d7: 2a:20:3f:49:9c:51:e2:db:03:9b:b8:31:3b:5b:23: 80:f9:28:6e:80:5d:88:94:12:18:c8:08:d3:d6:62: aa:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:B4:3C:03:E7:6D:09:74:A0:82:65:48:73:B3:22:AA:41:41:E7:B3 X509v3 Authority Key Identifier: keyid:C4:3C:74:02:2C:BB:F0:B3:CF:FF:60:31:D6:D2:DE:03:69:C9:9E:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed5d3a-b869-4cda-9d32-250e55b9d4a9/1/xDx0Aiy78LPP_2Ax1tLeA2nJnk4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:5b:f2:5d:1b:d8:fd:32:17:76:c3:60:58:00:91:86:a9:bc: e1:64:75:e2:75:63:4c:8b:f2:7d:59:0c:e7:fe:bb:93:04:19: 90:e8:47:cc:f5:79:58:c8:51:19:69:8c:ac:6b:9f:09:cb:24: 91:1d:99:45:aa:1d:50:69:92:92:83:8e:72:44:27:f3:0f:ea: 7b:c4:73:fb:6d:45:3e:e9:11:69:6e:3a:f4:c9:fd:36:36:96: cf:9b:a0:ab:22:1d:12:dc:33:9a:24:ed:b9:19:b5:3e:24:2e: 3f:b1:bd:28:78:83:0e:a6:5b:52:88:cb:ca:9d:e8:b2:eb:f1: 76:57:30:39:f2:b5:75:96:54:47:15:20:4c:e5:03:9f:7d:fe: 75:49:69:bf:17:8e:e5:cd:41:23:9f:42:34:16:6e:41:0f:29: 2a:dc:8f:fb:80:16:2c:93:e5:3a:a7:c4:9d:4f:c3:47:7e:5a: 51:32:03:65:61:68:a1:ca:59:1d:36:4b:8b:15:be:b2:a4:74: 4c:45:33:0c:33:c8:0a:b0:8a:15:64:df:39:97:be:dc:1f:0d: ea:a2:85:8e:3c:69:95:88:e3:81:26:0e:52:bf:f2:74:cd:b2: c4:29:58:d7:01:1a:07:01:f4:e0:67:e7:07:ae:14:be:9b:f3: a9:7f:ed:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LXppOOdsA2M5kux2nqemMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0M2M3NDAyMmNiYmYwYjNjZmZmNjAzMWQ2ZDJkZTAzNjlj OTllNGUwHhcNMjYwMTI1MjIwMTUxWhcNMjYwMTI2MjIwMTUxWjAzMTEwLwYDVQQD Eyg1MGI0M2MwM2U3NmQwOTc0YTA4MjY1NDg3M2IzMjJhYTQxNDFlN2IzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+b1zP7hvlnplv8zfTiLr77yKr+z THrwpvHbGfmVciwjVmbNh/L21d3KOtjFr7+bSCxe50N5zJNn8K5tfcV9zmSMutj1 bneLLnI5DZzFP2bukoWAHOMBHQxmDIZxL4xUZe/imQcVG26R2tNzBgbNe0OIm0q9 h/SjeqbTjogWvE6G0fSZXHwU4QSRedsx5lKc1ZuYCF9oXrmjW3x9iPNhCGhNzggJ B1uCBF5Vqgga/Ywspr+UnEBEWedrGvZ9/clIhmHh3l6QdtFvOAIhs3oP27nZAroc yM40QumgdZwtsdcqID9JnFHi2wObuDE7WyOA+ShugF2IlBIYyAjT1mKqwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFC0PAPnbQl0oIJlSHOzIqpBQeezMB8GA1UdIwQY MBaAFMQ8dAIsu/Czz/9gMdbS3gNpyZ5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzIt MjUwZTU1YjlkNGE5LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9lZDVkM2EtYjg2OS00Y2RhLTlkMzItMjUwZTU1YjlkNGE5 LzEveER4MEFpeTc4TFBQXzJBeDF0TGVBMm5Kbms0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIlvyXRvY /TIXdsNgWACRhqm84WR14nVjTIvyfVkM5/67kwQZkOhHzPV5WMhRGWmMrGufCcsk kR2ZRaodUGmSkoOOckQn8w/qe8Rz+21FPukRaW469Mn9NjaWz5ugqyIdEtwzmiTt uRm1PiQuP7G9KHiDDqZbUojLyp3osuvxdlcwOfK1dZZURxUgTOUDn33+dUlpvxeO 5c1BI59CNBZuQQ8pKtyP+4AWLJPlOqfEnU/DR35aUTIDZWFoocpZHTZLixW+sqR0 TEUzDDPICrCKFWTfOZe+3B8N6qKFjjxplYjjgSYOUr/ydM2yxClY1wEaBwH04Gfn B64UvpvzqX/tQg== -----END CERTIFICATE-----Generated at Mon Jan 26 03:32:48 2026 by rpki-client