This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json) Hash identifier: R3aOGYjf1OZgTcOMGraGQZe9oFG5Qxa2jXZ8yrR6gNE= Subject key identifier: BA:0B:7A:23:CE:E9:5F:4C:1E:2A:D5:EF:88:B6:1E:FA:14:4D:88:E1 Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa Certificate serial: 019BFC8A64C79D6627C84196D0DA0904A85A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft Manifest number: 17ED Signing time: Mon 26 Jan 2026 23:01:26 +0000 Manifest this update: Mon 26 Jan 2026 23:01:26 +0000 Manifest next update: Tue 27 Jan 2026 23:01:26 +0000 Files and hashes: 1: _NSxXKWLAT32ACYjnb_Q_v0bth4.roa (hash: jFEG3V9iSls0XRVWy4kyBvsz0M23pnXIeMtJ7lA5i08=) 2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: mj9XhFsuAcTF/NSwiKSW796TQFp8bfFgl3Ivu8bYQAM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 23:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:8a:64:c7:9d:66:27:c8:41:96:d0:da:09:04:a8:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa Validity Not Before: Jan 26 23:01:26 2026 GMT Not After : Jan 27 23:01:26 2026 GMT Subject: CN=ba0b7a23cee95f4c1e2ad5ef88b61efa144d88e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:bd:0f:6d:90:0d:e2:a3:1a:67:bf:13:ba:06: 47:51:3b:0e:05:e1:6c:f3:86:da:30:24:40:df:16: 6e:c4:cb:77:e4:34:43:25:5d:dd:d6:41:28:8d:0a: d4:f4:96:6e:44:04:61:d4:c8:3e:ea:78:34:78:d6: 31:ac:4c:e8:41:25:62:2e:f0:c4:01:f8:32:38:00: f1:bd:86:65:57:d3:8f:ed:c2:68:15:04:29:13:a7: 46:91:34:f1:1c:57:2d:40:07:1b:9c:4d:b2:2c:ec: a1:9f:4b:51:fa:98:2b:b2:fe:38:31:ab:58:f0:f3: fb:92:bc:3d:5b:55:a4:40:aa:ad:90:40:73:55:f5: 84:eb:46:9e:06:5b:18:66:cf:59:4e:55:21:fb:fd: 9e:1c:2f:3c:af:27:d3:0b:99:d7:9f:f1:00:59:33: c6:18:bc:1c:97:05:13:a8:93:36:cf:a6:8b:37:69: 61:8e:8c:d6:5b:1b:0d:95:c6:5f:ad:07:62:cc:b4: 41:d7:8c:30:be:ec:4b:24:8f:b2:c5:54:c1:c1:fb: cc:30:69:ce:c0:1f:99:17:cc:53:e7:1f:88:d1:91: 9a:79:ef:2d:0e:7a:62:62:45:58:e1:3f:75:25:8f: 64:7a:f2:48:56:90:ca:c8:72:8f:b4:14:25:7c:31: 70:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:0B:7A:23:CE:E9:5F:4C:1E:2A:D5:EF:88:B6:1E:FA:14:4D:88:E1 X509v3 Authority Key Identifier: keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:40:e8:f3:1d:d5:87:36:81:9c:af:25:47:51:21:9d:66:f8: ff:32:0f:39:ce:07:82:ac:dd:ff:5d:c2:c3:cb:9b:c3:d6:7b: 42:6a:ae:e4:89:4b:a0:d9:1c:66:19:78:8b:3c:3f:cd:07:d4: 8c:84:5e:ba:d6:95:2b:98:33:56:57:68:db:1a:db:31:37:08: 31:0d:04:6b:0c:66:19:2f:90:15:18:bb:a2:6c:a6:f8:d2:e0: 88:6e:9c:07:21:3b:ce:fb:4c:e4:5f:79:fe:9b:1f:ef:14:f6: f1:23:f5:7f:3b:69:14:af:85:03:4d:74:d2:bf:bf:e0:ba:8b: 61:97:f1:0e:13:8b:f4:a7:07:5f:54:12:eb:b3:c8:b5:58:b8: ea:fd:8a:c8:6e:a0:b7:dc:86:44:fa:0a:87:14:49:f7:2f:ac: 23:45:ab:4d:d2:72:18:f2:b5:05:90:27:8e:9c:20:ee:c1:0f: 21:c6:e8:00:9a:81:aa:db:9a:78:db:ba:f5:eb:9b:30:2e:13: 7e:bd:36:3f:4f:02:e1:1e:64:f5:14:79:f4:af:42:51:dc:0a: f9:b1:d5:db:42:64:6e:e4:c6:ec:0b:97:f4:2a:1f:5f:39:4f: e6:38:07:5c:83:57:e7:ce:de:9c:0a:e3:53:da:80:55:2f:98: ef:e7:0f:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8imTHnWYnyEGW0NoJBKhaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz ODg1YWEwHhcNMjYwMTI2MjMwMTI2WhcNMjYwMTI3MjMwMTI2WjAzMTEwLwYDVQQD EyhiYTBiN2EyM2NlZTk1ZjRjMWUyYWQ1ZWY4OGI2MWVmYTE0NGQ4OGUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt70PbZAN4qMaZ78TugZHUTsOBeFs 84baMCRA3xZuxMt35DRDJV3d1kEojQrU9JZuRARh1Mg+6ng0eNYxrEzoQSViLvDE AfgyOADxvYZlV9OP7cJoFQQpE6dGkTTxHFctQAcbnE2yLOyhn0tR+pgrsv44MatY 8PP7krw9W1WkQKqtkEBzVfWE60aeBlsYZs9ZTlUh+/2eHC88ryfTC5nXn/EAWTPG GLwclwUTqJM2z6aLN2lhjozWWxsNlcZfrQdizLRB14wwvuxLJI+yxVTBwfvMMGnO wB+ZF8xT5x+I0ZGaee8tDnpiYkVY4T91JY9kevJIVpDKyHKPtBQlfDFwVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLoLeiPO6V9MHirV74i2HvoUTYjhMB8GA1UdIwQY MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3 LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATEDo8x3V hzaBnK8lR1EhnWb4/zIPOc4Hgqzd/13Cw8ubw9Z7Qmqu5IlLoNkcZhl4izw/zQfU jIReutaVK5gzVldo2xrbMTcIMQ0EawxmGS+QFRi7omym+NLgiG6cByE7zvtM5F95 /psf7xT28SP1fztpFK+FA0100r+/4LqLYZfxDhOL9KcHX1QS67PItVi46v2KyG6g t9yGRPoKhxRJ9y+sI0WrTdJyGPK1BZAnjpwg7sEPIcboAJqBqtuaeNu69eubMC4T fr02P08C4R5k9RR59K9CUdwK+bHV20JkbuTG7AuX9CofXzlP5jgHXINX587enArj U9qAVS+Y7+cP0w== -----END CERTIFICATE-----Generated at Tue Jan 27 08:29:53 2026 by rpki-client