This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft File: idaknSMAf7sSRxkvu3vZgus3M18.mft (raw, json) Hash identifier: ziGesyMDYIVK9ZzdJFF8bJFybNaHO3X71c4IYjH6rSI= Subject key identifier: 0F:DC:EF:CF:CF:BA:ED:0F:D3:35:2B:89:6A:31:3A:59:E4:F6:4B:9D Authority key identifier: 89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F Certificate issuer: /CN=89d6a49d23007fbb1247192fbb7bd982eb37335f Certificate serial: 019BFC89F485D3DB90D3424380AD5D48590E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft Manifest number: 02F1 Signing time: Mon 26 Jan 2026 23:00:57 +0000 Manifest this update: Mon 26 Jan 2026 23:00:57 +0000 Manifest next update: Tue 27 Jan 2026 23:00:57 +0000 Files and hashes: 1: Af_5rqEWBhs_t_5t3ubsN4ME7qQ.roa (hash: US3yyitysBySkBj1duM7uaT/kHoh5Ro/nrveWTewP9E=) 2: idaknSMAf7sSRxkvu3vZgus3M18.crl (hash: oJZuzzzAr7HKLhRzrFEflsyw8n50qA5APMI6SQb30yc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:89:f4:85:d3:db:90:d3:42:43:80:ad:5d:48:59:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89d6a49d23007fbb1247192fbb7bd982eb37335f Validity Not Before: Jan 26 23:00:57 2026 GMT Not After : Jan 27 23:00:57 2026 GMT Subject: CN=0fdcefcfcfbaed0fd3352b896a313a59e4f64b9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:a7:9c:9b:86:0f:9c:b9:4b:7c:51:4d:19:6a: 5d:f3:00:7c:87:b2:cb:83:4b:ef:3a:30:8f:22:04: 7f:bd:a9:8d:b8:14:6d:32:3d:8f:a4:27:e1:33:51: bc:be:f4:ac:4d:4c:0b:36:67:6b:dc:33:ba:3a:41: 8c:2a:ae:d7:8e:31:8b:f6:2f:c9:f9:7d:db:da:6a: 33:b2:08:43:a7:9e:c9:61:ba:54:54:6b:6a:d3:df: 2a:60:c6:c2:7c:16:9e:38:90:6b:e2:52:03:0a:bd: d1:d0:71:00:50:4e:59:c3:d0:e7:cf:49:b9:17:17: 95:bb:e3:72:7f:5c:3a:dc:c2:33:e1:d3:81:26:d1: c8:20:a6:64:c5:3f:19:af:f1:48:46:c1:ad:97:f4: d4:ec:13:fb:49:32:49:bd:82:f4:5b:aa:4b:28:9d: be:de:2b:80:f2:6c:2a:e3:71:45:d2:b6:e7:41:4a: a9:6d:3e:41:ad:f2:d0:85:2f:9d:63:10:3e:a4:ae: de:d4:31:3c:79:62:5d:bc:06:1d:dd:e1:23:f5:3c: 0d:e6:5a:bc:2d:19:00:86:fc:09:7f:4e:fe:21:90: b2:87:6f:10:a9:9d:74:b6:aa:5c:b7:37:2e:8b:52: 3f:dd:ab:64:ca:cd:87:05:f2:79:6b:c2:01:14:80: bf:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:DC:EF:CF:CF:BA:ED:0F:D3:35:2B:89:6A:31:3A:59:E4:F6:4B:9D X509v3 Authority Key Identifier: keyid:89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:29:f6:cc:2c:47:fe:df:0c:03:b8:af:93:ab:6f:db:12:08: f2:66:07:5d:2e:d4:05:12:ac:d6:7b:24:3f:99:16:e6:45:2f: 6f:12:88:e4:78:45:af:fe:62:eb:dc:aa:1d:57:d0:48:0f:29: 3f:72:cd:b1:e4:ed:8c:c8:ec:31:d5:71:b2:bc:ec:eb:c7:69: 4d:60:4a:fe:25:65:95:24:7a:73:7d:76:2a:ed:e7:55:d4:4d: b3:6c:9b:a0:64:6f:27:38:e0:a0:39:db:41:6a:9c:d9:e2:62: 2f:20:32:4c:7c:e4:45:86:83:cd:1e:9d:81:8d:5c:23:fe:5e: c5:49:89:82:52:fe:33:de:d2:c3:07:b5:3e:1f:bc:fe:88:e6: b0:e8:f4:ee:3c:63:55:13:94:d8:e3:08:1e:c3:d1:6a:90:52: 14:70:af:56:6f:1f:ce:e8:a1:42:2f:8a:3d:ab:7c:ac:11:75: a9:0e:55:b4:b4:8c:b1:19:1a:28:da:0c:91:4b:ca:36:b3:0f: 17:33:c1:40:37:01:e8:f4:bb:fa:8c:a8:92:a1:c4:fd:79:cd: 4d:61:57:34:92:37:cd:95:ef:57:ed:a5:06:91:d9:97:90:8b: e7:89:ae:c3:93:b7:71:75:be:79:15:fe:1d:7a:f2:7e:ef:48: 59:45:95:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8ifSF09uQ00JDgK1dSFkOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5ZDZhNDlkMjMwMDdmYmIxMjQ3MTkyZmJiN2JkOTgyZWIz NzMzNWYwHhcNMjYwMTI2MjMwMDU3WhcNMjYwMTI3MjMwMDU3WjAzMTEwLwYDVQQD EygwZmRjZWZjZmNmYmFlZDBmZDMzNTJiODk2YTMxM2E1OWU0ZjY0YjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKecm4YPnLlLfFFNGWpd8wB8h7LL g0vvOjCPIgR/vamNuBRtMj2PpCfhM1G8vvSsTUwLNmdr3DO6OkGMKq7XjjGL9i/J +X3b2mozsghDp57JYbpUVGtq098qYMbCfBaeOJBr4lIDCr3R0HEAUE5Zw9Dnz0m5 FxeVu+Nyf1w63MIz4dOBJtHIIKZkxT8Zr/FIRsGtl/TU7BP7STJJvYL0W6pLKJ2+ 3iuA8mwq43FF0rbnQUqpbT5BrfLQhS+dYxA+pK7e1DE8eWJdvAYd3eEj9TwN5lq8 LRkAhvwJf07+IZCyh28QqZ10tqpctzcui1I/3atkys2HBfJ5a8IBFIC/9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA/c78/Puu0P0zUriWoxOlnk9kudMB8GA1UdIwQY MBaAFInWpJ0jAH+7EkcZL7t72YLrNzNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQt NmZkNzUxZGU3MTdhLzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQtNmZkNzUxZGU3MTdh LzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoin2zCxH /t8MA7ivk6tv2xII8mYHXS7UBRKs1nskP5kW5kUvbxKI5HhFr/5i69yqHVfQSA8p P3LNseTtjMjsMdVxsrzs68dpTWBK/iVllSR6c312Ku3nVdRNs2yboGRvJzjgoDnb QWqc2eJiLyAyTHzkRYaDzR6dgY1cI/5exUmJglL+M97Swwe1Ph+8/ojmsOj07jxj VROU2OMIHsPRapBSFHCvVm8fzuihQi+KPat8rBF1qQ5VtLSMsRkaKNoMkUvKNrMP FzPBQDcB6PS7+oyokqHE/XnNTWFXNJI3zZXvV+2lBpHZl5CL54muw5O3cXW+eRX+ HXryfu9IWUWVVA== -----END CERTIFICATE-----Generated at Tue Jan 27 01:19:29 2026 by rpki-client