This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft File: HlcDhG16g2S-wwMDTbkay_9C2gw.mft (raw, json) Hash identifier: 3zXqvmN92sFm9DDCtMJswPh4lMqpPcJdFtd0eBH02DY= Subject key identifier: 4F:E8:F3:36:B3:CB:61:93:4C:68:A7:65:58:13:C1:AB:63:AB:60:00 Authority key identifier: 1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C Certificate issuer: /CN=1e5703846d7a8364bec303034db91acbff42da0c Certificate serial: 019BD8B46A8D7C628A0F3E30D80551BD3B19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft Manifest number: 0B9A Signing time: Tue 20 Jan 2026 00:01:00 +0000 Manifest this update: Tue 20 Jan 2026 00:01:00 +0000 Manifest next update: Wed 21 Jan 2026 00:01:00 +0000 Files and hashes: 1: HlcDhG16g2S-wwMDTbkay_9C2gw.crl (hash: nrCYqXyYX4RMd6PryvBYfXx8LgGEPy/51q6mUMkT7FU=) 2: brOPRHZE8w8OlykjjLgAfmNZ_2E.roa (hash: KdHvIOBRCGI/cneTU0VrbKbHmdpXYBJ4OfKXRKTAahs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d8:b4:6a:8d:7c:62:8a:0f:3e:30:d8:05:51:bd:3b:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e5703846d7a8364bec303034db91acbff42da0c Validity Not Before: Jan 20 00:01:00 2026 GMT Not After : Jan 21 00:01:00 2026 GMT Subject: CN=4fe8f336b3cb61934c68a7655813c1ab63ab6000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:87:99:62:e6:99:1c:7e:9e:f0:4c:84:0f:6c: 93:fd:46:72:fb:30:f2:c4:bf:ee:46:ac:63:80:1d: ad:a7:cf:78:91:f3:01:db:5d:7e:81:e7:c3:81:a2: b5:0b:af:fd:bb:48:05:e9:fa:9b:3c:57:17:2f:cc: 8d:ea:bd:55:02:f6:13:e8:43:eb:d0:bf:11:da:ed: c0:77:5f:13:9e:81:4c:c4:cd:ee:85:14:56:36:c6: 98:6b:f5:26:53:bb:65:9c:60:62:13:33:a8:a7:61: 2d:b8:45:82:ce:87:ee:d0:e1:15:f3:f0:32:99:3b: 1a:aa:a3:a1:bb:fb:74:7f:7a:20:a4:9d:25:5d:f3: 7c:e6:69:73:64:c0:0b:35:df:fe:5a:66:f5:aa:f1: f9:b4:57:52:6b:61:0b:32:3c:d3:56:5d:fa:1c:03: 55:21:b1:77:dd:84:85:76:dc:19:89:dd:dd:1e:02: 28:0c:54:20:f2:88:12:67:72:32:77:d0:33:b7:11: ce:8f:95:82:6a:20:c0:44:a4:14:00:db:01:37:f4: 4e:f6:cd:ce:df:2e:ff:31:25:da:e4:f2:50:31:83: e4:d4:78:64:dc:e0:66:95:49:65:47:a4:d8:3b:0f: 0e:97:d8:37:91:e5:70:74:ca:00:40:39:4a:b9:c1: 54:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:E8:F3:36:B3:CB:61:93:4C:68:A7:65:58:13:C1:AB:63:AB:60:00 X509v3 Authority Key Identifier: keyid:1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:f3:bf:f7:1d:5e:d6:41:43:52:b0:7d:c4:d7:02:2c:a6:09: 80:56:9b:bd:56:ee:8b:79:81:00:bb:f9:2e:39:f0:62:f0:aa: 98:d1:10:36:fa:6d:74:fa:82:3e:b5:96:b8:32:26:a3:42:0b: c0:ca:2a:d1:94:e6:26:ee:39:dd:ee:ec:da:d4:6b:5f:ac:84: 01:29:52:7a:2c:f4:1b:d0:73:f8:35:e1:d1:94:8c:80:3b:17: 85:f4:70:9d:aa:57:d5:b7:94:3b:4b:84:1e:e9:2a:a5:f4:c3: 98:51:43:0e:e6:46:63:ff:d9:f0:ad:66:cb:37:89:d9:84:20: 4b:b5:cd:5b:0c:c8:22:fa:ee:47:6e:5a:1c:12:0d:10:6e:a5: ab:45:75:c1:35:8c:9d:27:ef:d3:53:ce:9e:33:f4:17:4c:a5: 82:79:47:e7:e4:5b:eb:d7:95:62:a8:51:37:c3:fb:3f:9c:b0: 90:c0:a7:71:c9:49:a2:d4:b8:d5:b9:af:7f:d8:ec:d2:be:5f: ab:8d:dc:03:d9:c1:d6:8d:8f:c8:cd:6c:73:8b:0f:79:1b:44: 69:7c:48:01:26:d2:fd:f0:cd:58:63:5d:8c:d1:9a:b3:89:21: 2b:e5:0a:68:34:8b:72:64:0e:e6:90:4d:91:0e:90:03:0d:19: 49:37:7c:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvYtGqNfGKKDz4w2AVRvTsZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlNTcwMzg0NmQ3YTgzNjRiZWMzMDMwMzRkYjkxYWNiZmY0 MmRhMGMwHhcNMjYwMTIwMDAwMTAwWhcNMjYwMTIxMDAwMTAwWjAzMTEwLwYDVQQD Eyg0ZmU4ZjMzNmIzY2I2MTkzNGM2OGE3NjU1ODEzYzFhYjYzYWI2MDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YeZYuaZHH6e8EyED2yT/UZy+zDy xL/uRqxjgB2tp894kfMB211+gefDgaK1C6/9u0gF6fqbPFcXL8yN6r1VAvYT6EPr 0L8R2u3Ad18TnoFMxM3uhRRWNsaYa/UmU7tlnGBiEzOop2EtuEWCzofu0OEV8/Ay mTsaqqOhu/t0f3ogpJ0lXfN85mlzZMALNd/+Wmb1qvH5tFdSa2ELMjzTVl36HANV IbF33YSFdtwZid3dHgIoDFQg8ogSZ3Iyd9AztxHOj5WCaiDARKQUANsBN/RO9s3O 3y7/MSXa5PJQMYPk1Hhk3OBmlUllR6TYOw8Ol9g3keVwdMoAQDlKucFU/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE/o8zazy2GTTGinZVgTwatjq2AAMB8GA1UdIwQY MBaAFB5XA4RteoNkvsMDA025Gsv/QtoMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMt MDdiMDllNDY1MTE5LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMtMDdiMDllNDY1MTE5 LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/O/9x1e 1kFDUrB9xNcCLKYJgFabvVbui3mBALv5LjnwYvCqmNEQNvptdPqCPrWWuDImo0IL wMoq0ZTmJu453e7s2tRrX6yEASlSeiz0G9Bz+DXh0ZSMgDsXhfRwnapX1beUO0uE HukqpfTDmFFDDuZGY//Z8K1myzeJ2YQgS7XNWwzIIvruR25aHBINEG6lq0V1wTWM nSfv01POnjP0F0ylgnlH5+Rb69eVYqhRN8P7P5ywkMCncclJotS41bmvf9js0r5f q43cA9nB1o2PyM1sc4sPeRtEaXxIASbS/fDNWGNdjNGas4khK+UKaDSLcmQO5pBN kQ6QAw0ZSTd8yw== -----END CERTIFICATE-----Generated at Tue Jan 20 09:27:42 2026 by rpki-client