This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json) Hash identifier: OZhpJw/jtdp/YdCSuOxJ032jRglpkrl5M6548zKP0mU= Subject key identifier: 4C:B5:67:B0:4D:FC:6B:D1:FF:D2:0C:92:F9:48:13:77:99:07:CF:40 Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Certificate serial: 019BFEE5D633C1297922844DF3DCD44FA816 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft Manifest number: 10FB Signing time: Tue 27 Jan 2026 10:00:33 +0000 Manifest this update: Tue 27 Jan 2026 10:00:33 +0000 Manifest next update: Wed 28 Jan 2026 10:00:33 +0000 Files and hashes: 1: Hh7KFktywM-1-107eqrB5yEmn-8.roa (hash: QGn4U4QC+cKt83SkTXHhg4z++P/aykfUDnj2eiXvebY=) 2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: YlWJ/OICPqcuYovf6gD69Wvj0UfPinlYzGRo+DB4254=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fe:e5:d6:33:c1:29:79:22:84:4d:f3:dc:d4:4f:a8:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Validity Not Before: Jan 27 10:00:33 2026 GMT Not After : Jan 28 10:00:33 2026 GMT Subject: CN=4cb567b04dfc6bd1ffd20c92f94813779907cf40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ec:1b:83:da:f2:ae:f0:72:2b:d3:22:76:28: bd:e7:ac:55:23:e4:81:94:a7:45:79:55:a9:c3:e6: cc:d4:3a:50:e4:d6:5b:09:b5:a5:f3:54:9f:36:7d: 46:38:0e:9e:4b:71:9d:48:2b:4e:56:e6:47:e1:85: fe:52:de:ef:5e:93:24:ae:d1:6b:b9:61:44:07:4c: 87:6b:e5:cc:28:b4:63:8e:9d:64:93:29:7d:2a:48: 44:47:d8:a9:ca:62:13:8e:d0:d2:82:56:4a:7d:5c: d5:c9:46:ec:f0:ea:79:da:db:ce:46:e1:21:a1:6c: 06:a0:63:70:f6:73:b7:3c:ca:3a:26:4f:60:ba:b9: 8b:6d:c8:9f:4f:75:50:c3:55:2f:cb:84:40:5e:dd: 86:57:1f:27:12:44:21:54:97:20:a8:d7:a4:f6:84: 12:3f:42:bc:8a:d2:7f:0c:b4:23:df:f6:6c:33:42: be:18:a1:f5:46:f5:1d:7e:b3:e8:d2:58:bd:67:0c: 49:68:ce:ea:87:05:ae:65:ac:93:29:bb:c8:01:01: de:48:26:e7:b9:10:82:96:09:b4:16:9a:21:ea:71: ca:f1:1b:f1:e5:83:4a:b6:29:6a:91:ac:84:f6:75: fc:5b:cb:d7:f3:b4:34:48:87:7e:2b:41:ae:2c:fd: a8:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:B5:67:B0:4D:FC:6B:D1:FF:D2:0C:92:F9:48:13:77:99:07:CF:40 X509v3 Authority Key Identifier: keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:0b:d6:a6:cb:70:5b:a6:c8:85:dc:71:ae:17:4a:97:f1:9b: a1:e3:a8:d8:25:f1:a9:c3:90:b7:62:0f:52:1b:52:34:13:82: 87:ea:20:17:17:dd:eb:e6:57:40:1c:72:fd:93:52:d3:d3:c6: 59:4d:47:8b:d2:f1:4c:0f:d0:8f:fe:6f:f1:00:d1:79:20:63: f1:0e:a4:f3:a0:96:3c:13:82:be:d1:14:50:0e:4a:5a:d0:8e: a2:3d:19:d5:9c:d5:4a:02:4f:2d:db:59:ce:8a:29:96:c3:64: a7:4c:0b:00:a8:a3:5b:f8:aa:15:4e:73:34:77:7d:f8:4f:fd: 65:88:d0:2c:6a:66:67:e5:20:f8:46:2f:d3:01:78:7c:8d:46: 10:30:7d:71:0e:28:e4:95:8e:1f:76:d8:91:59:18:75:fb:dc: e4:90:87:98:33:19:40:00:b2:d8:09:7b:21:8d:b3:6c:1a:44: 6c:01:57:0f:bd:4d:9c:0d:28:5b:c3:cb:f4:5d:c7:56:68:2a: 9d:f5:86:3f:34:03:39:4b:7c:23:5a:97:94:1f:f6:83:b1:7e: 76:7d:b3:9d:0d:d4:e6:27:06:91:97:7b:7e:19:cb:d9:63:cf: 6c:b7:b3:28:99:26:95:87:26:0f:31:ad:16:26:97:dc:8a:bb: 71:0f:01:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv+5dYzwSl5IoRN89zUT6gWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl ZjBiZjQwHhcNMjYwMTI3MTAwMDMzWhcNMjYwMTI4MTAwMDMzWjAzMTEwLwYDVQQD Eyg0Y2I1NjdiMDRkZmM2YmQxZmZkMjBjOTJmOTQ4MTM3Nzk5MDdjZjQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuwbg9ryrvByK9Midii956xVI+SB lKdFeVWpw+bM1DpQ5NZbCbWl81SfNn1GOA6eS3GdSCtOVuZH4YX+Ut7vXpMkrtFr uWFEB0yHa+XMKLRjjp1kkyl9KkhER9ipymITjtDSglZKfVzVyUbs8Op52tvORuEh oWwGoGNw9nO3PMo6Jk9gurmLbcifT3VQw1Uvy4RAXt2GVx8nEkQhVJcgqNek9oQS P0K8itJ/DLQj3/ZsM0K+GKH1RvUdfrPo0li9ZwxJaM7qhwWuZayTKbvIAQHeSCbn uRCClgm0Fpoh6nHK8Rvx5YNKtilqkayE9nX8W8vX87Q0SId+K0GuLP2o/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEy1Z7BN/GvR/9IMkvlIE3eZB89AMB8GA1UdIwQY MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQvWpstw W6bIhdxxrhdKl/GboeOo2CXxqcOQt2IPUhtSNBOCh+ogFxfd6+ZXQBxy/ZNS09PG WU1Hi9LxTA/Qj/5v8QDReSBj8Q6k86CWPBOCvtEUUA5KWtCOoj0Z1ZzVSgJPLdtZ zooplsNkp0wLAKijW/iqFU5zNHd9+E/9ZYjQLGpmZ+Ug+EYv0wF4fI1GEDB9cQ4o 5JWOH3bYkVkYdfvc5JCHmDMZQACy2Al7IY2zbBpEbAFXD71NnA0oW8PL9F3HVmgq nfWGPzQDOUt8I1qXlB/2g7F+dn2znQ3U5icGkZd7fhnL2WPPbLezKJkmlYcmDzGt FiaX3Iq7cQ8BPw== -----END CERTIFICATE-----Generated at Tue Jan 27 18:50:33 2026 by rpki-client