This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: 5CiWLn97ibqUggUnC79sI//FIVI3aVDmT3ua1kme7og= Subject key identifier: 32:F0:E7:F8:BA:A4:86:2F:90:7D:BB:6F:25:18:57:2B:38:65:14:C2 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019C06321C3E4B829A39988918F8FDB04F0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1784 Signing time: Wed 28 Jan 2026 20:01:13 +0000 Manifest this update: Wed 28 Jan 2026 20:01:13 +0000 Manifest next update: Thu 29 Jan 2026 20:01:13 +0000 Files and hashes: 1: a3vqBzTeMihaLI7nX3YXTwT9QXM.roa (hash: YtcSgTlR3L7xs2ulbON7vgzLF5ftnMrGCR+z8FjX7OE=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: 1qwJ8Ol3xQilZ4CSA09KO0mQnFtli2CxW052WvD7SM0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 18:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:06:32:1c:3e:4b:82:9a:39:98:89:18:f8:fd:b0:4f:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Jan 28 20:01:13 2026 GMT Not After : Jan 29 20:01:13 2026 GMT Subject: CN=32f0e7f8baa4862f907dbb6f2518572b386514c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:dc:09:be:38:1e:d8:be:d2:7f:b6:53:e8:4e: c3:fd:2f:e1:60:6e:1f:88:cd:4e:d7:3e:ca:50:bb: 78:55:d7:aa:c0:d6:cc:6c:cb:53:cd:ac:4f:a6:bf: 6e:08:c8:e3:2e:f3:a1:66:8f:49:f3:27:ec:79:f0: 5b:7e:f0:76:bc:e8:7a:99:9f:8c:e1:3e:e7:6e:63: b1:1e:aa:81:fb:f8:25:fc:f3:cd:38:3b:0a:46:f5: 20:81:bf:fa:0a:75:ba:80:08:e0:bb:81:aa:80:7f: d2:bf:66:b2:fe:fe:0d:64:c9:88:fd:9c:22:5d:90: bf:d8:f3:38:b8:e9:6d:39:b8:91:c8:4e:dc:52:61: 48:2b:eb:51:0e:81:d1:8c:22:5f:02:72:0a:a6:89: 8c:bd:d6:a8:e3:e3:3b:71:79:a5:39:15:35:26:5a: 69:4b:f4:61:f9:55:e4:ab:be:5b:f9:3a:85:7d:f5: 03:88:c3:b2:5f:9f:8d:43:a0:05:af:54:e8:b4:84: c0:14:af:01:90:01:ee:22:02:c4:d9:0a:af:27:43: de:2a:7c:95:fd:af:5f:b0:03:97:01:5a:8a:35:44: d7:95:df:65:c2:8e:89:38:e1:40:59:1b:ed:27:94: d5:e5:4a:02:1f:14:4b:e0:98:da:69:2f:a1:e9:4d: 55:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:F0:E7:F8:BA:A4:86:2F:90:7D:BB:6F:25:18:57:2B:38:65:14:C2 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:ff:dc:06:8d:e5:b0:01:13:db:16:38:de:49:8c:c8:87:b1: 75:11:d3:22:a5:cb:fb:c1:63:52:1a:2c:1f:85:80:ff:2a:1b: de:0a:06:b1:05:b6:6b:7b:95:18:a8:42:0b:6f:e3:7f:99:26: cd:f0:be:3e:49:32:98:75:5e:f7:0d:0a:85:f0:33:2e:36:fa: da:46:63:04:9d:b8:36:93:ea:95:51:14:96:dc:b2:53:d7:96: 3c:34:e6:5d:e7:c5:0a:9d:1f:63:3c:59:94:63:5f:97:11:4c: c0:56:8d:88:e2:11:e0:3c:d4:8d:8d:58:ae:61:2a:6c:a1:9d: 8e:86:1b:54:8f:55:e2:38:ad:dc:b6:af:c8:36:9c:1e:5d:d9: bd:c9:88:59:08:e0:38:ce:38:f9:ce:8d:7b:ea:bd:93:78:18: e8:1b:69:a9:6f:92:0e:99:42:20:0a:0d:60:47:44:e7:20:dc: bd:34:55:bc:81:1b:a9:5d:2d:a9:9f:5b:1b:b6:67:46:91:a0: 26:b3:f4:f9:76:e7:64:78:87:73:ee:af:76:68:ac:8d:18:bd: 30:bd:00:3e:a9:97:7c:10:a3:64:7b:01:c5:b0:1b:cb:4f:ea: 74:ac:58:9c:6d:62:73:f4:ee:c7:77:66:e8:66:ac:fd:7a:b2: c2:26:7d:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwGMhw+S4KaOZiJGPj9sE8OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjYwMTI4MjAwMTEzWhcNMjYwMTI5MjAwMTEzWjAzMTEwLwYDVQQD EygzMmYwZTdmOGJhYTQ4NjJmOTA3ZGJiNmYyNTE4NTcyYjM4NjUxNGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9wJvjge2L7Sf7ZT6E7D/S/hYG4f iM1O1z7KULt4VdeqwNbMbMtTzaxPpr9uCMjjLvOhZo9J8yfsefBbfvB2vOh6mZ+M 4T7nbmOxHqqB+/gl/PPNODsKRvUggb/6CnW6gAjgu4GqgH/Sv2ay/v4NZMmI/Zwi XZC/2PM4uOltObiRyE7cUmFIK+tRDoHRjCJfAnIKpomMvdao4+M7cXmlORU1Jlpp S/Rh+VXkq75b+TqFffUDiMOyX5+NQ6AFr1TotITAFK8BkAHuIgLE2QqvJ0PeKnyV /a9fsAOXAVqKNUTXld9lwo6JOOFAWRvtJ5TV5UoCHxRL4JjaaS+h6U1V6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDLw5/i6pIYvkH27byUYVys4ZRTCMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIv/cBo3l sAET2xY43kmMyIexdRHTIqXL+8FjUhosH4WA/yob3goGsQW2a3uVGKhCC2/jf5km zfC+PkkymHVe9w0KhfAzLjb62kZjBJ24NpPqlVEUltyyU9eWPDTmXefFCp0fYzxZ lGNflxFMwFaNiOIR4DzUjY1YrmEqbKGdjoYbVI9V4jit3LavyDacHl3ZvcmIWQjg OM44+c6Ne+q9k3gY6BtpqW+SDplCIAoNYEdE5yDcvTRVvIEbqV0tqZ9bG7ZnRpGg JrP0+XbnZHiHc+6vdmisjRi9ML0APqmXfBCjZHsBxbAby0/qdKxYnG1ic/Tux3dm 6Gas/XqywiZ9LQ== -----END CERTIFICATE-----Generated at Thu Jan 29 03:55:38 2026 by rpki-client