This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft File: X7qw05-2l5_k09JIOgG908k77O8.mft (raw, json) Hash identifier: sTuxOZI1v9j7iM3m5Q2Tza05S9UwLvWKOFc3qKqdVLc= Subject key identifier: 2C:83:A9:1A:BD:75:4A:85:3A:4E:C1:8D:CD:9A:10:A5:A6:C8:37:4E Authority key identifier: 5F:BA:B0:D3:9F:B6:97:9F:E4:D3:D2:48:3A:01:BD:D3:C9:3B:EC:EF Certificate issuer: /CN=5fbab0d39fb6979fe4d3d2483a01bdd3c93becef Certificate serial: 019BF988D347821B158B8899AF2EABBC458E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft Manifest number: 0CFA Signing time: Mon 26 Jan 2026 09:00:52 +0000 Manifest this update: Mon 26 Jan 2026 09:00:52 +0000 Manifest next update: Tue 27 Jan 2026 09:00:52 +0000 Files and hashes: 1: Fnr8UBCRPeUQhRVFOAHVctCKPfo.roa (hash: PgOyYUmMG9zgljOcOgtP5byxd2cN3HfKRRt85MDBTwk=) 2: X7qw05-2l5_k09JIOgG908k77O8.crl (hash: V8NOjsei728fKMwN4ZinH0ns+hz6PkGXiOdIT0D8kMg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.crl rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:88:d3:47:82:1b:15:8b:88:99:af:2e:ab:bc:45:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fbab0d39fb6979fe4d3d2483a01bdd3c93becef Validity Not Before: Jan 26 09:00:52 2026 GMT Not After : Jan 27 09:00:52 2026 GMT Subject: CN=2c83a91abd754a853a4ec18dcd9a10a5a6c8374e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:90:41:90:df:53:74:70:f8:ae:e1:19:07:21: 71:ae:ae:d3:a6:c0:8a:2b:26:a9:c6:7e:00:05:25: 20:9a:c5:e2:cb:5f:e8:f3:d5:74:f2:3e:d5:0a:fb: a5:94:a7:12:70:f6:2d:83:b8:6f:25:2a:87:66:85: 9c:70:7c:0b:2e:e0:88:7c:33:40:7d:fa:5b:41:14: 56:3c:c9:1b:9d:d7:82:fd:5b:04:2c:8f:1a:cd:5c: a0:80:f5:78:0f:11:c0:66:62:bf:b6:69:6b:65:92: 72:fe:63:5b:bd:f3:56:20:7d:09:c3:f0:98:58:49: e8:5a:e0:ea:98:4a:7d:38:1d:48:ed:ed:4b:48:09: 03:e6:89:ef:48:68:79:32:fc:6b:4d:35:c7:ad:e7: 96:66:06:3d:f8:19:fb:0e:dd:31:ae:03:45:ff:45: 8a:c0:07:d8:6d:03:8d:1e:9e:52:c2:5d:94:9c:39: 5c:57:20:3d:4b:9d:c3:97:8b:8a:b4:c3:8d:4f:b1: 64:f5:c1:44:5b:72:0a:27:7b:8e:93:52:2e:35:d4: ab:0b:4c:cf:0b:93:b2:53:43:33:7a:5c:9d:f9:bd: e1:96:94:57:0e:67:94:e8:fe:72:00:d1:44:d2:20: c3:8c:6a:e4:fe:5a:5b:3f:4c:ae:25:05:3c:72:c6: 51:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:83:A9:1A:BD:75:4A:85:3A:4E:C1:8D:CD:9A:10:A5:A6:C8:37:4E X509v3 Authority Key Identifier: keyid:5F:BA:B0:D3:9F:B6:97:9F:E4:D3:D2:48:3A:01:BD:D3:C9:3B:EC:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:91:eb:50:b4:ed:b0:e0:6f:21:be:a6:44:46:79:88:31:61: e7:c4:d4:b9:e1:74:10:ef:aa:e1:58:7e:8a:87:e8:a8:89:da: d4:de:6b:8e:3b:49:66:48:10:d9:a5:f7:02:b0:a5:08:68:d6: 86:03:10:0c:b3:34:9f:6c:24:55:71:3b:41:84:14:22:52:38: 70:90:44:ae:6a:b0:ae:7e:38:a4:ae:70:c8:cb:b3:c9:a0:8e: ee:cd:99:99:d1:b5:6b:ba:9d:82:2c:10:05:41:97:ae:e2:83: c3:bc:8e:16:0a:1e:2f:16:14:e9:3b:21:07:c2:3d:e1:23:2d: 64:8a:16:db:4f:f1:5f:98:47:21:c2:75:61:32:db:ae:a9:2b: cd:19:a7:18:aa:e5:13:8e:6e:75:b2:36:aa:62:d3:66:f4:47: 3e:90:73:a0:68:f0:2a:7a:94:60:ee:25:37:a3:ba:c5:85:61: 0a:0d:6e:75:4f:fe:c4:5e:07:6b:4d:cf:fc:29:64:88:10:95: e2:57:cf:4f:58:d6:96:71:02:9a:7b:ea:32:13:3a:84:be:30: e1:c3:92:ed:4e:a5:aa:1c:c1:de:90:b5:0a:54:27:b2:16:55: 88:e6:f5:45:41:1c:85:a0:04:45:04:6d:41:1b:29:78:54:f2: 31:36:eb:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5iNNHghsVi4iZry6rvEWOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYmFiMGQzOWZiNjk3OWZlNGQzZDI0ODNhMDFiZGQzYzkz YmVjZWYwHhcNMjYwMTI2MDkwMDUyWhcNMjYwMTI3MDkwMDUyWjAzMTEwLwYDVQQD EygyYzgzYTkxYWJkNzU0YTg1M2E0ZWMxOGRjZDlhMTBhNWE2YzgzNzRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5BBkN9TdHD4ruEZByFxrq7TpsCK Kyapxn4ABSUgmsXiy1/o89V08j7VCvullKcScPYtg7hvJSqHZoWccHwLLuCIfDNA ffpbQRRWPMkbndeC/VsELI8azVyggPV4DxHAZmK/tmlrZZJy/mNbvfNWIH0Jw/CY WEnoWuDqmEp9OB1I7e1LSAkD5onvSGh5MvxrTTXHreeWZgY9+Bn7Dt0xrgNF/0WK wAfYbQONHp5Swl2UnDlcVyA9S53Dl4uKtMONT7Fk9cFEW3IKJ3uOk1IuNdSrC0zP C5OyU0Mzelyd+b3hlpRXDmeU6P5yANFE0iDDjGrk/lpbP0yuJQU8csZRDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCyDqRq9dUqFOk7Bjc2aEKWmyDdOMB8GA1UdIwQY MBaAFF+6sNOftpef5NPSSDoBvdPJO+zvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zYzUyNGUtMTJiOC00ZGNjLThmMTAt MzBkZjYyNDI5ZGYwLzEvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS8zYzUyNGUtMTJiOC00ZGNjLThmMTAtMzBkZjYyNDI5ZGYw LzEvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoZHrULTt sOBvIb6mREZ5iDFh58TUueF0EO+q4Vh+iofoqIna1N5rjjtJZkgQ2aX3ArClCGjW hgMQDLM0n2wkVXE7QYQUIlI4cJBErmqwrn44pK5wyMuzyaCO7s2ZmdG1a7qdgiwQ BUGXruKDw7yOFgoeLxYU6TshB8I94SMtZIoW20/xX5hHIcJ1YTLbrqkrzRmnGKrl E45udbI2qmLTZvRHPpBzoGjwKnqUYO4lN6O6xYVhCg1udU/+xF4Ha03P/ClkiBCV 4lfPT1jWlnECmnvqMhM6hL4w4cOS7U6lqhzB3pC1ClQnshZViOb1RUEchaAERQRt QRspeFTyMTbr0w== -----END CERTIFICATE-----Generated at Mon Jan 26 12:59:26 2026 by rpki-client