This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft File: _2szYaGioA284xkBmCf-u3Fb0EQ.mft (raw, json) Hash identifier: FQbJlnWYB900OfwmFrIvlA3mVN++V/cXKgw+qoG5Qg8= Subject key identifier: E4:D6:B3:D6:D5:F4:BB:21:19:B4:B5:94:71:A3:9A:48:7C:4F:30:12 Authority key identifier: FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 Certificate issuer: /CN=ff6b3361a1a2a00dbce319019827febb715bd044 Certificate serial: 019C01B0BB0528A9C38FF4C3540E6E0221DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft Manifest number: 1751 Signing time: Tue 27 Jan 2026 23:01:25 +0000 Manifest this update: Tue 27 Jan 2026 23:01:25 +0000 Manifest next update: Wed 28 Jan 2026 23:01:25 +0000 Files and hashes: 1: PZ_gBS2JDBR5UR9Zyi6R_A5y1vM.roa (hash: oUnwI/hWFydpEOEqwC9HOMZdSyF2a1xfxAbzlwQhdS8=) 2: _2szYaGioA284xkBmCf-u3Fb0EQ.crl (hash: sk/r6JqRhOOL3ekSP7ZcTu/gQkpDN6Odguld4iY83vs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 23:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:01:b0:bb:05:28:a9:c3:8f:f4:c3:54:0e:6e:02:21:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff6b3361a1a2a00dbce319019827febb715bd044 Validity Not Before: Jan 27 23:01:25 2026 GMT Not After : Jan 28 23:01:25 2026 GMT Subject: CN=e4d6b3d6d5f4bb2119b4b59471a39a487c4f3012 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f1:59:4f:3a:22:04:63:b3:5c:e1:3b:d1:d0: 5f:2c:1c:46:32:64:8b:32:a9:51:4e:36:af:3a:bf: 12:16:82:ba:54:3f:ee:03:0d:96:f6:91:7a:1e:c2: 38:4f:7e:7b:b5:56:2a:b5:0e:8a:93:3c:ea:0b:fc: 17:93:1b:2e:ec:4b:d2:e7:0a:6c:b1:18:7b:58:b8: 33:ce:48:d1:f9:0a:ff:80:d2:9c:37:8b:18:28:82: 0b:c7:cf:39:74:dc:d4:85:97:b0:dc:e8:5f:7f:9d: d0:d3:ef:cc:b3:d3:be:5d:3a:95:3f:39:de:d6:d3: 72:1d:fa:f2:8d:8c:2b:69:ea:c5:5b:bf:3f:27:a6: 8f:f3:be:78:e6:6a:72:ac:72:6e:7b:82:4b:6f:64: 29:e4:10:0b:f3:c9:b9:23:be:13:22:78:2e:c7:75: 49:74:60:fd:35:bc:4a:65:48:f5:59:b8:eb:67:49: fb:44:74:1f:62:08:44:6b:41:48:66:e1:a9:99:8a: a5:9e:1b:f1:e8:d1:9d:1f:1a:5d:ed:82:c4:a2:f8: fe:60:cb:fb:2b:26:2c:22:82:11:d7:c6:08:32:fe: 22:f6:7c:0a:2c:02:7b:37:2a:41:04:13:04:27:0b: 1e:8a:e7:15:8e:23:b0:17:08:9c:f1:ce:79:1b:c3: 81:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:D6:B3:D6:D5:F4:BB:21:19:B4:B5:94:71:A3:9A:48:7C:4F:30:12 X509v3 Authority Key Identifier: keyid:FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:f7:b2:33:4a:d6:22:22:c5:fb:ba:4c:48:28:fd:c4:db:f0: 6c:a6:d9:8e:c6:d7:3c:96:cd:76:a5:5e:6a:96:3f:47:ca:cd: f8:17:8c:fe:ec:eb:2b:7f:59:fe:14:50:ea:62:c1:6b:43:4f: 4c:44:52:86:6c:91:ad:e9:5f:de:af:a9:c9:b7:f7:50:56:a9: ec:8f:00:39:f8:19:b2:ff:79:05:69:81:db:8f:57:79:9e:a4: 86:f2:15:44:57:49:3a:fc:90:44:13:19:2e:51:b5:5c:f5:b3: c0:f7:ad:80:c5:05:36:b3:27:24:fd:58:1a:a4:38:90:e9:47: 79:0c:02:fc:14:bf:f9:ad:16:86:d7:81:39:b4:dd:2e:77:ba: bc:07:78:f1:75:49:e0:c4:18:fd:8c:9e:4a:6b:64:82:fd:2c: 9a:69:c6:1b:4b:da:15:4f:30:a9:0e:a3:52:aa:fb:f8:65:aa: db:9a:b1:bf:06:e4:a7:91:f2:1c:cc:90:2d:ca:f2:22:71:94: be:ce:5b:6e:da:f3:53:6e:c3:b9:fa:d2:90:af:9d:38:c6:2c: ee:9d:1a:77:d2:0f:6c:77:66:43:04:6d:88:58:b2:42:d1:5a: 59:a8:6c:ec:b8:d4:03:82:10:5f:96:40:92:3e:60:8c:05:0c: bc:dc:3f:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwBsLsFKKnDj/TDVA5uAiHbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNmIzMzYxYTFhMmEwMGRiY2UzMTkwMTk4MjdmZWJiNzE1 YmQwNDQwHhcNMjYwMTI3MjMwMTI1WhcNMjYwMTI4MjMwMTI1WjAzMTEwLwYDVQQD EyhlNGQ2YjNkNmQ1ZjRiYjIxMTliNGI1OTQ3MWEzOWE0ODdjNGYzMDEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPFZTzoiBGOzXOE70dBfLBxGMmSL MqlRTjavOr8SFoK6VD/uAw2W9pF6HsI4T357tVYqtQ6KkzzqC/wXkxsu7EvS5wps sRh7WLgzzkjR+Qr/gNKcN4sYKIILx885dNzUhZew3Ohff53Q0+/Ms9O+XTqVPzne 1tNyHfryjYwraerFW78/J6aP87545mpyrHJue4JLb2Qp5BAL88m5I74TIngux3VJ dGD9NbxKZUj1WbjrZ0n7RHQfYghEa0FIZuGpmYqlnhvx6NGdHxpd7YLEovj+YMv7 KyYsIoIR18YIMv4i9nwKLAJ7NypBBBMEJwseiucVjiOwFwic8c55G8OBawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOTWs9bV9LshGbS1lHGjmkh8TzASMB8GA1UdIwQY MBaAFP9rM2GhoqANvOMZAZgn/rtxW9BEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUt ZjYyMzIwOTUxYTM2LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUtZjYyMzIwOTUxYTM2 LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOPeyM0rW IiLF+7pMSCj9xNvwbKbZjsbXPJbNdqVeapY/R8rN+BeM/uzrK39Z/hRQ6mLBa0NP TERShmyRrelf3q+pybf3UFap7I8AOfgZsv95BWmB249XeZ6khvIVRFdJOvyQRBMZ LlG1XPWzwPetgMUFNrMnJP1YGqQ4kOlHeQwC/BS/+a0WhteBObTdLne6vAd48XVJ 4MQY/YyeSmtkgv0smmnGG0vaFU8wqQ6jUqr7+GWq25qxvwbkp5HyHMyQLcryInGU vs5bbtrzU27DufrSkK+dOMYs7p0ad9IPbHdmQwRtiFiyQtFaWahs7LjUA4IQX5ZA kj5gjAUMvNw/rg== -----END CERTIFICATE-----Generated at Wed Jan 28 07:45:19 2026 by rpki-client