This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft File: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft (raw, json) Hash identifier: aLWu+bqQzKdESv3TJhSzrEAguqNgRKxqVmEwNg+719k= Subject key identifier: EA:E3:B2:A2:06:5B:73:B0:90:3B:96:DB:5C:B8:D4:55:F4:42:21:FF Authority key identifier: 6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52 Certificate issuer: /CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452 Certificate serial: 019BDCC8890150034CB673BAC932A76BB82C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft Manifest number: 0568 Signing time: Tue 20 Jan 2026 19:01:28 +0000 Manifest this update: Tue 20 Jan 2026 19:01:28 +0000 Manifest next update: Wed 21 Jan 2026 19:01:28 +0000 Files and hashes: 1: Je_y8wxQvqCgs-B_X_JDDy6e4N4.roa (hash: EsZORo0khgTEum2xHY+MdLQ0jyUTYVdE3AQ38NpK21M=) 2: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl (hash: 3XuaMVDSxD8LLCNE/CZ9jQOJcD+I7oQvLCdwvK6OJwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 19:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:dc:c8:89:01:50:03:4c:b6:73:ba:c9:32:a7:6b:b8:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452 Validity Not Before: Jan 20 19:01:28 2026 GMT Not After : Jan 21 19:01:28 2026 GMT Subject: CN=eae3b2a2065b73b0903b96db5cb8d455f44221ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:83:f9:87:7e:36:b9:a3:e4:01:51:32:d6:7c: 77:70:6b:08:4c:c1:06:54:bd:ce:83:87:de:d9:43: f8:e3:1e:30:24:48:ac:a7:fa:55:8c:60:1b:d2:a2: 31:a8:e9:ec:6c:cf:c0:be:1f:bd:75:d2:64:c3:28: 4e:02:96:de:ce:b6:53:89:3a:56:80:3d:b2:36:31: a0:50:ed:97:d3:36:3d:50:5a:8f:7c:b6:a3:cc:77: 4e:5e:4f:4f:d9:03:ab:29:b1:04:b8:d8:1f:99:2a: 9e:c3:5e:24:8d:b8:42:75:8f:23:69:df:94:72:01: 51:6d:9d:17:1e:ee:f5:da:cd:92:69:c6:a5:7f:02: 8a:a4:50:5a:a2:51:5a:a9:d3:40:de:c1:4b:5a:96: 1a:9b:b2:19:bb:30:7a:ee:a7:6d:81:ee:c9:1f:1f: 15:ff:26:03:85:12:f0:2e:f0:08:35:a9:77:0e:57: fe:10:4b:44:99:72:d2:8c:ba:f1:46:dd:72:f2:20: a7:59:cc:23:36:52:01:74:0e:27:66:9c:89:22:1d: 78:7c:b0:1b:98:1a:87:d2:fb:3e:50:d2:cf:10:56: 26:b9:69:de:c4:58:08:35:44:d7:76:7f:8f:13:2f: b6:db:75:a9:a2:d1:af:96:6b:d0:bc:e2:70:ad:39: 07:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:E3:B2:A2:06:5B:73:B0:90:3B:96:DB:5C:B8:D4:55:F4:42:21:FF X509v3 Authority Key Identifier: keyid:6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:7f:3e:17:38:d0:e7:b0:a4:2d:62:74:bb:12:5d:77:51:d4: 48:89:16:bd:21:8c:01:b6:2f:6b:5b:7d:3c:40:c5:7d:67:a5: 05:f0:a2:64:db:09:2b:7d:e8:5a:44:e8:f6:0e:2e:39:97:82: 40:f2:3e:b7:95:1a:5f:44:b4:a9:f5:0c:b0:1e:0a:fa:72:b5: a1:eb:fd:e7:c8:85:15:39:37:4e:57:3d:ba:4f:8f:c9:7d:d3: ac:6d:94:7a:0b:ef:64:1e:e4:47:ba:17:fd:2d:f7:df:a2:7f: 59:57:af:0a:96:90:9f:b1:99:c6:09:17:67:6c:4b:24:8c:9e: cf:29:50:a6:ca:57:ef:79:d1:16:72:22:c2:6e:53:bc:92:23: 6f:c2:67:85:81:40:70:f8:af:74:cd:60:83:2c:b5:5d:24:8c: 7a:af:cd:63:9f:00:9a:04:9c:61:3e:a7:0f:6e:13:b7:13:2e: 32:46:d7:82:05:2d:86:23:0e:50:86:39:cf:04:08:44:e4:ff: 97:55:2d:60:28:60:c3:52:13:e2:c0:b8:10:bc:ab:20:a0:13: b0:24:e2:4e:3f:37:94:54:c7:bf:27:06:ae:1a:12:12:b9:5e: 75:35:bd:e2:0d:de:27:c6:40:dd:91:6f:a8:c4:5c:23:13:ca: 3c:ef:ae:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvcyIkBUANMtnO6yTKna7gsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYjg1MGRlYjI4YmRiMmY2NTVlMmYxYjAyZDM3YzEzYzZk NDM0NTIwHhcNMjYwMTIwMTkwMTI4WhcNMjYwMTIxMTkwMTI4WjAzMTEwLwYDVQQD EyhlYWUzYjJhMjA2NWI3M2IwOTAzYjk2ZGI1Y2I4ZDQ1NWY0NDIyMWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooP5h342uaPkAVEy1nx3cGsITMEG VL3Og4fe2UP44x4wJEisp/pVjGAb0qIxqOnsbM/Avh+9ddJkwyhOApbezrZTiTpW gD2yNjGgUO2X0zY9UFqPfLajzHdOXk9P2QOrKbEEuNgfmSqew14kjbhCdY8jad+U cgFRbZ0XHu712s2SacalfwKKpFBaolFaqdNA3sFLWpYam7IZuzB67qdtge7JHx8V /yYDhRLwLvAINal3Dlf+EEtEmXLSjLrxRt1y8iCnWcwjNlIBdA4nZpyJIh14fLAb mBqH0vs+UNLPEFYmuWnexFgINUTXdn+PEy+223WpotGvlmvQvOJwrTkHLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOrjsqIGW3OwkDuW21y41FX0QiH/MB8GA1UdIwQY MBaAFGy4UN6yi9svZV4vGwLTfBPG1DRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4Yzkt ODhiMmQyY2Y3YzMxLzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4YzktODhiMmQyY2Y3YzMx LzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGX8+FzjQ 57CkLWJ0uxJdd1HUSIkWvSGMAbYva1t9PEDFfWelBfCiZNsJK33oWkTo9g4uOZeC QPI+t5UaX0S0qfUMsB4K+nK1oev958iFFTk3Tlc9uk+PyX3TrG2UegvvZB7kR7oX /S3336J/WVevCpaQn7GZxgkXZ2xLJIyezylQpspX73nRFnIiwm5TvJIjb8JnhYFA cPivdM1ggyy1XSSMeq/NY58AmgScYT6nD24TtxMuMkbXggUthiMOUIY5zwQIROT/ l1UtYChgw1IT4sC4ELyrIKATsCTiTj83lFTHvycGrhoSErledTW94g3eJ8ZA3ZFv qMRcIxPKPO+usQ== -----END CERTIFICATE-----Generated at Wed Jan 21 03:09:49 2026 by rpki-client