This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft File: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft (raw, json) Hash identifier: tXpYfTaiRypLN2Allx5gVF1vlJ6XeqanuwFGFRHf/aw= Subject key identifier: E6:A5:39:98:3D:0D:81:6E:02:21:7A:78:DF:18:61:4B:D1:2C:34:F5 Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c Certificate serial: 019BF42BEE69EC625C822A15277D2F400643 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft Manifest number: 141A Signing time: Sun 25 Jan 2026 08:01:18 +0000 Manifest this update: Sun 25 Jan 2026 08:01:18 +0000 Manifest next update: Mon 26 Jan 2026 08:01:18 +0000 Files and hashes: 1: EsvahZdQZVhluZsLSr98J_sMDK4.roa (hash: DNS5SQ17LOTRnwWYUw1eb+IWwNLBZu1qV/4r+8SuduY=) 2: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl (hash: oT0Xlt3ZGKONRQE13sJIdoo6Il3mrGZege/VC1P/x1g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:2b:ee:69:ec:62:5c:82:2a:15:27:7d:2f:40:06:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c Validity Not Before: Jan 25 08:01:18 2026 GMT Not After : Jan 26 08:01:18 2026 GMT Subject: CN=e6a539983d0d816e02217a78df18614bd12c34f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:0b:a7:82:e4:17:bb:bb:bf:f9:a6:6b:6d:52: c3:6b:92:d1:91:20:dc:12:38:a6:44:dc:46:a6:8c: eb:ed:69:6e:9e:64:8f:8c:e8:ac:01:d0:02:35:64: b6:4c:1a:ea:2f:83:c1:38:36:e7:5b:57:61:32:1b: 53:ce:ec:50:5f:0d:70:72:2e:81:68:ce:fb:f9:f2: 34:f1:41:dc:15:23:45:a6:83:0e:a6:43:47:56:01: 98:10:d0:14:b8:47:c9:52:81:b7:58:3d:d1:59:3c: 02:1e:d8:0c:cb:12:cb:a6:18:eb:57:75:07:18:73: da:48:9e:d5:51:98:e3:73:20:d8:ca:35:45:c3:29: 44:c2:ca:26:7f:10:e1:d9:7b:53:75:5f:53:40:7a: c8:c2:41:ee:86:a1:02:43:6b:1d:62:ab:26:5c:86: 8d:e1:4a:64:25:3c:63:8d:d3:23:2c:75:12:2c:70: 58:5b:6f:78:51:17:83:e1:67:1f:4e:11:27:8f:7e: dd:1e:95:26:2e:06:05:24:e0:18:80:c1:15:85:44: 1d:e6:76:41:70:8a:50:a1:1f:29:9c:28:ff:55:e7: 79:29:8e:1b:f5:16:02:50:72:3e:db:06:2d:43:55: fe:df:1f:46:1d:8d:b2:d1:f0:28:47:89:d6:1d:7f: 2a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:A5:39:98:3D:0D:81:6E:02:21:7A:78:DF:18:61:4B:D1:2C:34:F5 X509v3 Authority Key Identifier: keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:6b:8b:61:bf:ab:29:91:cf:4d:16:c1:d5:56:8b:28:39:6a: 53:53:85:bc:55:bb:01:53:3d:a8:28:bf:75:93:d9:87:39:bc: 60:cc:21:d5:ba:ec:d9:c0:58:d2:28:8c:1f:d1:dd:f0:cd:fa: 9f:3d:5b:4f:16:c0:2e:14:ec:c4:30:4d:f1:2b:02:c5:15:ed: b4:45:9e:5f:94:b1:95:96:62:8d:f0:8c:d6:70:7f:8b:9c:89: a5:be:69:2c:f4:7c:c6:6a:55:f3:ef:8e:9c:e1:ef:7e:7b:31: 59:34:de:2c:84:78:57:57:d8:78:c2:3e:60:8e:55:0b:eb:69: a4:ec:fb:e6:81:3b:12:f3:3f:f0:b2:a2:76:ef:34:b2:cc:9a: 0f:a2:df:9d:9d:b7:17:e6:b7:ca:ef:89:b4:0d:97:22:cf:25: 5d:6d:48:cd:22:ae:2d:dc:87:70:b2:1f:11:d3:95:1f:69:6f: 6e:0a:69:22:1c:c6:73:51:fb:e3:4b:ac:35:a2:19:d1:0e:3c: 9e:cc:78:1a:0d:5e:08:7b:e4:34:28:f3:d8:e8:71:5a:5b:31: 51:38:e0:0f:73:06:ac:71:ac:8a:f0:9b:a8:95:eb:bd:a5:17: 45:bd:48:8e:c9:9e:72:b9:cb:c2:bb:c6:26:c8:b2:8a:35:fb: 7a:0b:53:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0K+5p7GJcgioVJ30vQAZDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3 NTYyMGMwHhcNMjYwMTI1MDgwMTE4WhcNMjYwMTI2MDgwMTE4WjAzMTEwLwYDVQQD EyhlNmE1Mzk5ODNkMGQ4MTZlMDIyMTdhNzhkZjE4NjE0YmQxMmMzNGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwunguQXu7u/+aZrbVLDa5LRkSDc EjimRNxGpozr7WlunmSPjOisAdACNWS2TBrqL4PBODbnW1dhMhtTzuxQXw1wci6B aM77+fI08UHcFSNFpoMOpkNHVgGYENAUuEfJUoG3WD3RWTwCHtgMyxLLphjrV3UH GHPaSJ7VUZjjcyDYyjVFwylEwsomfxDh2XtTdV9TQHrIwkHuhqECQ2sdYqsmXIaN 4UpkJTxjjdMjLHUSLHBYW294UReD4WcfThEnj37dHpUmLgYFJOAYgMEVhUQd5nZB cIpQoR8pnCj/Ved5KY4b9RYCUHI+2wYtQ1X+3x9GHY2y0fAoR4nWHX8qPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOalOZg9DYFuAiF6eN8YYUvRLDT1MB8GA1UdIwQY MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt NmY1ZDhhNzRhMGU0LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0 LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADmuLYb+r KZHPTRbB1VaLKDlqU1OFvFW7AVM9qCi/dZPZhzm8YMwh1brs2cBY0iiMH9Hd8M36 nz1bTxbALhTsxDBN8SsCxRXttEWeX5SxlZZijfCM1nB/i5yJpb5pLPR8xmpV8++O nOHvfnsxWTTeLIR4V1fYeMI+YI5VC+tppOz75oE7EvM/8LKidu80ssyaD6LfnZ23 F+a3yu+JtA2XIs8lXW1IzSKuLdyHcLIfEdOVH2lvbgppIhzGc1H740usNaIZ0Q48 nsx4Gg1eCHvkNCjz2OhxWlsxUTjgD3MGrHGsivCbqJXrvaUXRb1IjsmecrnLwrvG JsiyijX7egtTMg== -----END CERTIFICATE-----Generated at Sun Jan 25 16:46:32 2026 by rpki-client