This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.mft File: IwqhYKbohsED2tvkSyPCd3YFc5E.mft (raw, json) Hash identifier: JzzTmVmjXdhtb7hL2OMiqH4TgVUggiQKf705aelNFU4= Subject key identifier: 3F:FB:26:5B:29:1D:A7:F3:2E:6C:0E:89:FB:20:8E:78:4F:51:17:1D Authority key identifier: 23:0A:A1:60:A6:E8:86:C1:03:DA:DB:E4:4B:23:C2:77:76:05:73:91 Certificate issuer: /CN=230aa160a6e886c103dadbe44b23c27776057391 Certificate serial: 019BFA9BEC52EE61028D756650053C0BF66A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwqhYKbohsED2tvkSyPCd3YFc5E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.mft Manifest number: 0F8A Signing time: Mon 26 Jan 2026 14:01:21 +0000 Manifest this update: Mon 26 Jan 2026 14:01:21 +0000 Manifest next update: Tue 27 Jan 2026 14:01:21 +0000 Files and hashes: 1: EG_Id09DvFvq6OjCzlCxHI8GXVg.roa (hash: SEYIizAUZ8Gr2yBztTyZlf2jtywb5D92XRV6mbkv9uw=) 2: IwqhYKbohsED2tvkSyPCd3YFc5E.crl (hash: vDgo3+vClZVCtueB7jQ2gQcRDek9kGJ/PTaCmsOoI80=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.crl rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.mft rsync://rpki.ripe.net/repository/DEFAULT/IwqhYKbohsED2tvkSyPCd3YFc5E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:9b:ec:52:ee:61:02:8d:75:66:50:05:3c:0b:f6:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=230aa160a6e886c103dadbe44b23c27776057391 Validity Not Before: Jan 26 14:01:21 2026 GMT Not After : Jan 27 14:01:21 2026 GMT Subject: CN=3ffb265b291da7f32e6c0e89fb208e784f51171d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:10:98:d9:62:d0:b2:46:61:d0:6c:e3:2d:f7: 59:a4:67:9f:29:cd:ec:73:8e:39:10:2e:53:74:f1: 3f:18:e4:2c:d9:bc:62:2f:d8:fd:11:8c:48:44:cd: 17:ef:8d:41:8c:29:a7:0c:7e:bd:5a:80:28:30:bd: f8:8d:4a:68:04:89:df:7b:89:29:95:a6:8b:dd:0f: 5a:c6:b4:07:1a:d5:76:0a:b1:b0:cf:4e:05:ac:90: 67:8c:18:f2:7e:6f:17:44:c8:2e:e2:26:f3:f0:d1: b3:70:06:e1:50:2a:5b:f1:b3:b5:6b:2e:d3:fc:24: 70:ac:04:48:9a:6b:4d:bf:77:fa:e3:f9:e3:a6:33: 01:a6:88:a8:5f:92:e6:34:d7:0c:71:7b:a7:90:ba: 7d:23:16:b2:6a:b4:e2:ef:6b:0e:2f:52:99:61:ec: f0:5b:5a:75:94:71:99:43:6e:d1:46:4e:d1:99:1a: 77:ca:c1:30:9e:c2:75:ae:0d:a0:0f:a7:2c:1d:fb: 33:78:bd:e9:cd:b8:15:6e:5c:0f:a6:3d:df:71:16: 3e:fd:2e:ca:10:91:6d:85:65:fb:6a:76:55:c7:a5: 27:d4:84:28:12:1d:82:5b:fd:e6:61:eb:f0:9c:8d: 05:bf:53:f4:a5:bc:bf:29:64:45:b3:55:5d:4e:18: 3f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:FB:26:5B:29:1D:A7:F3:2E:6C:0E:89:FB:20:8E:78:4F:51:17:1D X509v3 Authority Key Identifier: keyid:23:0A:A1:60:A6:E8:86:C1:03:DA:DB:E4:4B:23:C2:77:76:05:73:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwqhYKbohsED2tvkSyPCd3YFc5E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/6eb54e-e709-4b7a-ade9-a9aeb485d592/1/IwqhYKbohsED2tvkSyPCd3YFc5E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:1a:b9:ff:b0:35:c6:b2:f2:13:47:d5:58:a7:38:46:59:49: a4:e9:d6:27:2d:16:b9:f1:4f:eb:cf:7a:3c:5b:39:e6:03:61: 90:b1:90:72:05:44:ed:df:6c:79:52:93:b5:ba:be:57:b1:da: d6:cc:a9:a4:d0:61:b1:41:47:40:b5:8d:3b:2e:22:91:b1:f3: fe:33:3d:f1:ff:4b:e1:7b:0b:21:c8:b2:9f:54:80:a5:77:1a: 82:22:65:1f:53:17:63:35:6c:a8:cc:d1:bc:70:fe:98:79:9f: 35:4c:f0:f5:1e:85:88:76:1b:98:1c:3b:ec:f2:5e:3b:69:d6: f5:9e:49:b5:b0:b1:d9:49:52:d3:ab:02:27:22:20:b7:15:31: 19:3f:30:4e:58:d7:74:23:7e:33:7e:2d:69:56:33:41:c6:94: 3e:d0:06:5d:71:34:17:4f:6d:1c:3e:dd:da:da:ab:1d:ca:97: 19:e4:ee:50:ae:c4:61:f8:0e:1d:c6:5f:f5:15:e5:01:00:71: 30:65:b4:60:ee:5c:26:7c:66:07:2c:74:35:8b:d5:ee:07:d6: 80:2a:14:11:12:c7:73:56:8e:c7:6a:fe:20:fe:29:7c:11:27: c4:c0:a7:0d:95:f2:2d:7a:77:29:1a:f1:24:80:c5:23:9c:3b: b8:c0:b9:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6m+xS7mECjXVmUAU8C/ZqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMGFhMTYwYTZlODg2YzEwM2RhZGJlNDRiMjNjMjc3NzYw NTczOTEwHhcNMjYwMTI2MTQwMTIxWhcNMjYwMTI3MTQwMTIxWjAzMTEwLwYDVQQD EygzZmZiMjY1YjI5MWRhN2YzMmU2YzBlODlmYjIwOGU3ODRmNTExNzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBCY2WLQskZh0GzjLfdZpGefKc3s c445EC5TdPE/GOQs2bxiL9j9EYxIRM0X741BjCmnDH69WoAoML34jUpoBInfe4kp laaL3Q9axrQHGtV2CrGwz04FrJBnjBjyfm8XRMgu4ibz8NGzcAbhUCpb8bO1ay7T /CRwrARImmtNv3f64/njpjMBpoioX5LmNNcMcXunkLp9IxayarTi72sOL1KZYezw W1p1lHGZQ27RRk7RmRp3ysEwnsJ1rg2gD6csHfszeL3pzbgVblwPpj3fcRY+/S7K EJFthWX7anZVx6Un1IQoEh2CW/3mYevwnI0Fv1P0pby/KWRFs1VdThg/9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD/7JlspHafzLmwOifsgjnhPURcdMB8GA1UdIwQY MBaAFCMKoWCm6IbBA9rb5Esjwnd2BXORMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXdxaFlLYm9oc0VEMnR2a1N5UENkM1lGYzVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82ZWI1NGUtZTcwOS00YjdhLWFkZTkt YTlhZWI0ODVkNTkyLzEvSXdxaFlLYm9oc0VEMnR2a1N5UENkM1lGYzVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS82ZWI1NGUtZTcwOS00YjdhLWFkZTktYTlhZWI0ODVkNTky LzEvSXdxaFlLYm9oc0VEMnR2a1N5UENkM1lGYzVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZRq5/7A1 xrLyE0fVWKc4RllJpOnWJy0WufFP6896PFs55gNhkLGQcgVE7d9seVKTtbq+V7Ha 1syppNBhsUFHQLWNOy4ikbHz/jM98f9L4XsLIciyn1SApXcagiJlH1MXYzVsqMzR vHD+mHmfNUzw9R6FiHYbmBw77PJeO2nW9Z5JtbCx2UlS06sCJyIgtxUxGT8wTljX dCN+M34taVYzQcaUPtAGXXE0F09tHD7d2tqrHcqXGeTuUK7EYfgOHcZf9RXlAQBx MGW0YO5cJnxmByx0NYvV7gfWgCoUERLHc1aOx2r+IP4pfBEnxMCnDZXyLXp3KRrx JIDFI5w7uMC5Dw== -----END CERTIFICATE-----Generated at Mon Jan 26 16:26:48 2026 by rpki-client