This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft File: xmCFijitXhG3sYk5KIO8g-trNh0.mft (raw, json) Hash identifier: If03XtecM3fo20jeillooOKsbeHflZAoH8gNieXRnbM= Subject key identifier: 2F:BA:06:7B:71:A8:60:58:02:37:3F:3C:73:6C:A1:0F:8F:8E:4D:30 Authority key identifier: C6:60:85:8A:38:AD:5E:11:B7:B1:89:39:28:83:BC:83:EB:6B:36:1D Certificate issuer: /CN=c660858a38ad5e11b7b189392883bc83eb6b361d Certificate serial: 019C1ACB014AEF1C3418506FCF336F222732 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmCFijitXhG3sYk5KIO8g-trNh0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft Manifest number: 17FA Signing time: Sun 01 Feb 2026 20:00:37 +0000 Manifest this update: Sun 01 Feb 2026 20:00:37 +0000 Manifest next update: Mon 02 Feb 2026 20:00:37 +0000 Files and hashes: 1: xmCFijitXhG3sYk5KIO8g-trNh0.crl (hash: gx6NbtoRPDOZCf/pg7EqQJRFi/70cHCcwKJIvqOHivM=) 2: xpQHQe9JK1CUe7FrE6UQJmb2ot8.asa (hash: 4NpowpxrTh5AKJl4K8wnIP5UZeAISCMu/TY3f9v3FM8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.crl rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft rsync://rpki.ripe.net/repository/DEFAULT/xmCFijitXhG3sYk5KIO8g-trNh0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 20:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:1a:cb:01:4a:ef:1c:34:18:50:6f:cf:33:6f:22:27:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c660858a38ad5e11b7b189392883bc83eb6b361d Validity Not Before: Feb 1 20:00:37 2026 GMT Not After : Feb 2 20:00:37 2026 GMT Subject: CN=2fba067b71a8605802373f3c736ca10f8f8e4d30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5c:37:4d:05:9d:9f:82:8f:cc:32:57:3c:52: 67:72:1e:b8:59:09:82:d6:28:45:e4:50:fd:20:19: 40:41:b3:da:ec:a7:ce:bf:6b:f3:0a:ee:d3:a5:d7: fc:79:37:41:21:fb:b9:f3:91:fe:b3:fe:d0:32:10: 99:1c:39:96:08:c8:f4:0f:1f:4e:c8:aa:c2:7b:33: 7d:ee:ed:1e:27:3e:df:79:cf:d2:e2:88:11:d5:26: e9:6f:4b:68:9f:25:6e:79:4f:40:72:72:27:35:fd: 17:16:4d:76:95:4f:b8:5b:40:19:59:b0:11:41:d5: a6:7c:5a:03:44:f0:8e:56:3f:2d:39:f2:63:89:60: ff:14:5b:e4:cd:aa:47:04:9a:0a:de:0f:54:63:40: a9:19:3c:73:75:f8:07:1e:fa:be:da:45:70:01:0c: 4a:09:59:5f:9b:81:02:4a:ad:be:f6:7a:24:5a:17: 3b:b4:79:eb:4e:97:1d:5e:4f:dd:58:35:45:80:53: 7a:b6:58:08:54:79:cc:98:a0:04:e1:b6:e4:87:56: b6:42:dc:54:91:45:17:b6:35:66:07:af:44:65:da: dd:c8:69:d5:25:2b:95:64:7e:a0:b9:a3:ea:6b:07: 72:87:06:78:74:e0:b5:b3:6e:d7:91:40:3b:33:c6: e2:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:BA:06:7B:71:A8:60:58:02:37:3F:3C:73:6C:A1:0F:8F:8E:4D:30 X509v3 Authority Key Identifier: keyid:C6:60:85:8A:38:AD:5E:11:B7:B1:89:39:28:83:BC:83:EB:6B:36:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmCFijitXhG3sYk5KIO8g-trNh0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/dbb5e4-c558-4efe-9c9a-fa5d7b48aae9/1/xmCFijitXhG3sYk5KIO8g-trNh0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:3c:ad:9b:dc:6b:92:ac:ec:4c:ac:3d:0f:b9:58:d9:e8:48: 0b:4f:d2:dd:dc:4b:79:22:46:c7:89:07:19:10:bc:55:c1:f9: e9:c8:62:11:51:84:0e:67:31:5a:13:13:f6:67:35:98:f1:b0: be:a8:eb:1b:5f:51:7f:7e:77:c9:1b:b6:fb:91:44:48:01:7b: 67:5f:c4:1a:2e:bf:f8:fc:1f:33:bf:87:57:4b:78:33:05:84: 3c:f4:fb:1c:b3:9a:4b:89:69:bc:b7:bd:0b:f0:92:83:71:d0: d0:f3:e8:14:40:77:28:c3:a6:7d:09:e6:87:59:9f:db:17:20: 2c:06:72:23:81:cd:f0:e4:c7:2f:ee:06:e5:c0:c6:10:19:60: 96:81:01:bf:0b:4a:3f:2b:31:82:78:76:99:0b:0b:c4:a0:3e: a8:25:82:f7:f4:46:6f:d3:29:17:04:4c:2c:02:bf:e4:0d:bc: 8f:07:34:14:ae:33:a5:e1:65:36:e6:8c:5c:98:bb:0e:5f:15: d5:bf:8d:83:e0:00:4d:cb:3c:64:99:ae:fa:05:c7:ea:80:e5: 85:c6:fe:bb:ac:b9:e7:46:a8:cd:6e:67:25:86:0d:82:24:a3: 53:e5:cb:25:d1:d4:a9:b2:fb:12:5a:00:27:a8:05:84:1d:af: c1:67:a4:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwaywFK7xw0GFBvzzNvIicyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjA4NThhMzhhZDVlMTFiN2IxODkzOTI4ODNiYzgzZWI2 YjM2MWQwHhcNMjYwMjAxMjAwMDM3WhcNMjYwMjAyMjAwMDM3WjAzMTEwLwYDVQQD EygyZmJhMDY3YjcxYTg2MDU4MDIzNzNmM2M3MzZjYTEwZjhmOGU0ZDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1w3TQWdn4KPzDJXPFJnch64WQmC 1ihF5FD9IBlAQbPa7KfOv2vzCu7Tpdf8eTdBIfu585H+s/7QMhCZHDmWCMj0Dx9O yKrCezN97u0eJz7fec/S4ogR1Sbpb0tonyVueU9AcnInNf0XFk12lU+4W0AZWbAR QdWmfFoDRPCOVj8tOfJjiWD/FFvkzapHBJoK3g9UY0CpGTxzdfgHHvq+2kVwAQxK CVlfm4ECSq2+9nokWhc7tHnrTpcdXk/dWDVFgFN6tlgIVHnMmKAE4bbkh1a2QtxU kUUXtjVmB69EZdrdyGnVJSuVZH6guaPqawdyhwZ4dOC1s27XkUA7M8bieQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC+6BntxqGBYAjc/PHNsoQ+Pjk0wMB8GA1UdIwQY MBaAFMZghYo4rV4Rt7GJOSiDvIPrazYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1DRmlqaXRYaEczc1lrNUtJTzhnLXRyTmgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYmI1ZTQtYzU1OC00ZWZlLTljOWEt ZmE1ZDdiNDhhYWU5LzEveG1DRmlqaXRYaEczc1lrNUtJTzhnLXRyTmgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9kYmI1ZTQtYzU1OC00ZWZlLTljOWEtZmE1ZDdiNDhhYWU5 LzEveG1DRmlqaXRYaEczc1lrNUtJTzhnLXRyTmgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzytm9xr kqzsTKw9D7lY2ehIC0/S3dxLeSJGx4kHGRC8VcH56chiEVGEDmcxWhMT9mc1mPGw vqjrG19Rf353yRu2+5FESAF7Z1/EGi6/+PwfM7+HV0t4MwWEPPT7HLOaS4lpvLe9 C/CSg3HQ0PPoFEB3KMOmfQnmh1mf2xcgLAZyI4HN8OTHL+4G5cDGEBlgloEBvwtK Pysxgnh2mQsLxKA+qCWC9/RGb9MpFwRMLAK/5A28jwc0FK4zpeFlNuaMXJi7Dl8V 1b+Ng+AATcs8ZJmu+gXH6oDlhcb+u6y550aozW5nJYYNgiSjU+XLJdHUqbL7EloA J6gFhB2vwWekMA== -----END CERTIFICATE-----Generated at Mon Feb 2 08:14:18 2026 by rpki-client