This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft File: 0PFLigjLX4BX1IsD5T9Fi44f7tY.mft (raw, json) Hash identifier: NceHwCd63ein2Cf+YFIae3DKQdwTQR11BRJgwZjMNn8= Subject key identifier: 3A:0C:B0:CD:CD:4B:D2:2D:BB:BB:D9:D2:69:59:9B:9B:75:88:28:B0 Authority key identifier: D0:F1:4B:8A:08:CB:5F:80:57:D4:8B:03:E5:3F:45:8B:8E:1F:EE:D6 Certificate issuer: /CN=d0f14b8a08cb5f8057d48b03e53f458b8e1feed6 Certificate serial: 019C07E9A1585EB0DB30177A0D34518AD009 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft Manifest number: 0440 Signing time: Thu 29 Jan 2026 04:01:17 +0000 Manifest this update: Thu 29 Jan 2026 04:01:17 +0000 Manifest next update: Fri 30 Jan 2026 04:01:17 +0000 Files and hashes: 1: 0PFLigjLX4BX1IsD5T9Fi44f7tY.crl (hash: iT2Eh0R9hjw4OApa0Ut3DD89jle7wHUf8OLNDFW7EtA=) 2: Yp5EzvNAptv0FF3dq0dG-qbNXDE.roa (hash: rEVjSa04WTwHqfNGkpfReSocSUSeb47hyl6D9pld43I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.crl rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 03:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:07:e9:a1:58:5e:b0:db:30:17:7a:0d:34:51:8a:d0:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0f14b8a08cb5f8057d48b03e53f458b8e1feed6 Validity Not Before: Jan 29 04:01:17 2026 GMT Not After : Jan 30 04:01:17 2026 GMT Subject: CN=3a0cb0cdcd4bd22dbbbbd9d269599b9b758828b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:62:ef:a8:86:d4:36:57:77:52:7e:5b:7f:0c: 6f:b5:7b:93:7f:57:e5:ae:31:65:49:e2:bf:bf:60: c9:1a:fa:08:8e:23:77:2c:11:74:c8:25:c9:e6:43: 20:cc:9d:35:00:c6:75:bc:05:aa:85:c3:48:da:8a: b5:70:61:0a:c7:7d:ff:28:ca:ee:d4:6a:a0:f5:e1: ab:01:a3:c0:72:3e:ce:45:08:2f:4c:4d:6b:ec:e4: b8:23:3b:54:fe:e0:77:c5:0a:e5:ad:0c:88:b0:76: 6d:07:df:80:c6:92:98:f2:a6:b3:a2:2a:9f:10:1a: 40:a9:fe:fe:82:65:55:e0:91:cf:2f:71:16:b7:d7: 3a:c5:8f:54:7b:4b:df:c0:74:45:a5:a5:d5:51:b4: 49:32:55:39:b7:1b:11:7d:4f:58:6f:30:34:0b:29: 7b:70:a7:b6:5f:a7:c0:5f:6d:f0:1d:e2:e2:b9:f1: c4:d4:f6:bc:ea:7e:38:0c:a5:40:b8:c6:9f:e9:79: dc:1e:23:f0:bb:71:6a:8b:38:46:5c:b3:36:47:87: 61:70:ee:3c:cd:b9:4f:40:ad:f3:82:a0:0a:51:8d: 40:b3:84:f9:34:db:58:a8:52:f8:18:3f:b7:99:83: dd:e2:4e:e4:a4:fc:04:09:08:d9:4c:58:42:3d:bd: df:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:0C:B0:CD:CD:4B:D2:2D:BB:BB:D9:D2:69:59:9B:9B:75:88:28:B0 X509v3 Authority Key Identifier: keyid:D0:F1:4B:8A:08:CB:5F:80:57:D4:8B:03:E5:3F:45:8B:8E:1F:EE:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PFLigjLX4BX1IsD5T9Fi44f7tY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21bdbb-856f-41dd-aad9-066ddf32bfcc/1/0PFLigjLX4BX1IsD5T9Fi44f7tY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:7c:f6:03:98:0d:f9:59:7d:52:e6:b1:bf:43:9e:1b:04:5b: 4b:14:5d:a5:31:7d:4b:0d:27:06:6e:ef:4e:d6:c3:c1:ec:7e: f0:19:95:cc:d7:90:25:9c:70:e5:9d:fc:b7:55:48:fa:ec:a5: 1e:24:01:90:3c:c3:e5:67:9a:ce:38:11:2a:b0:f7:37:85:0b: 3a:36:e0:4f:63:21:83:4e:26:3c:d3:aa:35:24:7f:b6:c3:ec: 81:7d:1e:cb:bc:2e:93:09:78:0c:c8:e2:36:7b:85:e4:e1:68: 5c:b6:a3:4a:c4:b9:a7:c9:2d:f0:de:36:36:3a:00:76:66:50: 45:fa:a9:36:f9:3c:16:12:de:1e:a7:d3:25:54:5b:13:07:bb: 41:a5:c9:28:f1:7a:c6:5e:22:70:95:68:5c:1c:a4:bd:e6:44: 38:6d:f1:3b:90:c8:f1:00:dd:0c:64:b5:97:76:11:99:60:4c: d0:55:00:b9:18:ae:77:e3:4f:3c:61:58:af:45:81:4b:08:30: 25:ed:26:64:f7:ff:08:76:76:e6:d3:6e:f2:ea:bc:78:75:25: 98:89:e8:76:14:76:5e:b0:18:9d:2d:70:bf:97:92:5a:67:d7: 2c:5f:f2:0a:97:ff:79:e4:ae:ae:7c:39:f7:e3:3f:58:3d:92: 94:f7:3b:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwH6aFYXrDbMBd6DTRRitAJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwZjE0YjhhMDhjYjVmODA1N2Q0OGIwM2U1M2Y0NThiOGUx ZmVlZDYwHhcNMjYwMTI5MDQwMTE3WhcNMjYwMTMwMDQwMTE3WjAzMTEwLwYDVQQD EygzYTBjYjBjZGNkNGJkMjJkYmJiYmQ5ZDI2OTU5OWI5Yjc1ODgyOGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGLvqIbUNld3Un5bfwxvtXuTf1fl rjFlSeK/v2DJGvoIjiN3LBF0yCXJ5kMgzJ01AMZ1vAWqhcNI2oq1cGEKx33/KMru 1Gqg9eGrAaPAcj7ORQgvTE1r7OS4IztU/uB3xQrlrQyIsHZtB9+AxpKY8qazoiqf EBpAqf7+gmVV4JHPL3EWt9c6xY9Ue0vfwHRFpaXVUbRJMlU5txsRfU9YbzA0Cyl7 cKe2X6fAX23wHeLiufHE1Pa86n44DKVAuMaf6XncHiPwu3FqizhGXLM2R4dhcO48 zblPQK3zgqAKUY1As4T5NNtYqFL4GD+3mYPd4k7kpPwECQjZTFhCPb3fXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDoMsM3NS9Itu7vZ0mlZm5t1iCiwMB8GA1UdIwQY MBaAFNDxS4oIy1+AV9SLA+U/RYuOH+7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yMWJkYmItODU2Zi00MWRkLWFhZDkt MDY2ZGRmMzJiZmNjLzEvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8yMWJkYmItODU2Zi00MWRkLWFhZDktMDY2ZGRmMzJiZmNj LzEvMFBGTGlnakxYNEJYMUlzRDVUOUZpNDRmN3RZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHz2A5gN +Vl9Uuaxv0OeGwRbSxRdpTF9Sw0nBm7vTtbDwex+8BmVzNeQJZxw5Z38t1VI+uyl HiQBkDzD5WeazjgRKrD3N4ULOjbgT2Mhg04mPNOqNSR/tsPsgX0ey7wukwl4DMji NnuF5OFoXLajSsS5p8kt8N42NjoAdmZQRfqpNvk8FhLeHqfTJVRbEwe7QaXJKPF6 xl4icJVoXBykveZEOG3xO5DI8QDdDGS1l3YRmWBM0FUAuRiud+NPPGFYr0WBSwgw Je0mZPf/CHZ25tNu8uq8eHUlmInodhR2XrAYnS1wv5eSWmfXLF/yCpf/eeSurnw5 9+M/WD2SlPc7Cw== -----END CERTIFICATE-----Generated at Thu Jan 29 07:26:40 2026 by rpki-client