This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft File: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json) Hash identifier: 2Bm3N4UB4nkhr0Ff3JjRA9Q4RBzt7YHbJemTZx3drE8= Subject key identifier: 49:B0:90:4D:B7:DA:B0:67:90:3D:26:2F:B7:66:2E:51:72:AE:BB:19 Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB Certificate issuer: /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Certificate serial: 019BD20D192563BA14DEBF38628128F51B19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft Manifest number: 1769 Signing time: Sun 18 Jan 2026 17:00:32 +0000 Manifest this update: Sun 18 Jan 2026 17:00:32 +0000 Manifest next update: Mon 19 Jan 2026 17:00:32 +0000 Files and hashes: 1: a3vqBzTeMihaLI7nX3YXTwT9QXM.roa (hash: YtcSgTlR3L7xs2ulbON7vgzLF5ftnMrGCR+z8FjX7OE=) 2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: Eh8Pfukwm2o29B6gpXrckl5ap6G1KbwZP4oHLYxYs5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 17:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d2:0d:19:25:63:ba:14:de:bf:38:62:81:28:f5:1b:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb Validity Not Before: Jan 18 17:00:32 2026 GMT Not After : Jan 19 17:00:32 2026 GMT Subject: CN=49b0904db7dab067903d262fb7662e5172aebb19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:70:a6:cd:e4:fd:98:3e:42:4a:f5:87:8e:06: bb:2e:e9:d7:18:fd:c7:52:c9:90:1a:73:42:e9:86: ff:ac:80:4b:38:9a:98:93:b8:ad:9a:a8:5f:11:25: 5e:01:d4:ad:d7:c0:16:73:5a:37:29:9d:d6:29:ab: cc:cd:ff:e0:45:8a:ac:c7:f5:b4:33:92:6d:cc:6c: bf:b5:21:6e:56:db:2d:9d:4e:b6:7c:fc:ae:9b:7f: 31:64:d9:f4:c5:d8:e0:1a:49:6a:5a:4e:57:53:cf: 48:df:40:62:be:da:5c:c1:39:b7:95:47:84:c4:85: f3:97:b0:a7:d6:6e:71:d8:55:fa:6a:c6:ef:11:de: d1:b0:69:5e:ce:ae:83:e5:7a:76:00:66:b9:63:05: 4b:c6:ce:91:52:a9:e3:04:71:d7:80:61:a1:e4:fa: 18:63:a6:4e:8b:b3:63:5c:4a:57:59:9a:34:43:fa: b2:a8:75:ff:be:a7:d8:02:ce:96:c7:db:b0:af:1f: 80:d9:0f:57:ed:0a:fd:e6:26:d3:8d:1c:d4:6e:85: 19:22:9e:dc:2b:ec:b7:2f:73:dc:0f:74:32:70:76: a1:91:1c:5f:86:37:8f:1f:ae:95:6c:fb:38:5b:80: b5:d1:05:fb:d4:0e:ae:d5:fa:58:74:d2:56:51:5d: 60:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B0:90:4D:B7:DA:B0:67:90:3D:26:2F:B7:66:2E:51:72:AE:BB:19 X509v3 Authority Key Identifier: keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:81:99:d1:57:a0:b8:c5:2c:c9:7f:bc:ae:0e:bf:72:21:3a: f7:ea:f2:2c:36:dc:c2:dd:0a:0f:6f:f4:23:90:c5:8f:8f:3d: 88:b5:b0:68:9a:42:1f:67:e2:a9:03:cb:c4:c5:64:c8:75:53: 0b:ce:bf:5b:5c:99:21:a6:80:84:ec:24:e2:fa:60:78:5d:cb: f7:f3:81:d5:7d:cf:fa:29:4d:fe:b5:5b:f4:6e:3e:14:bf:0e: 65:05:93:aa:bf:5b:e1:c6:1b:ca:96:b2:59:46:a8:97:54:6e: 7c:58:3d:ad:73:e1:b0:69:6e:de:c1:5c:70:52:1f:0b:61:30: 67:44:5b:e3:b6:1c:61:42:fa:ee:37:3c:ae:8f:2e:a4:d3:86: a8:af:57:66:57:7a:1f:aa:97:d2:9d:a1:36:a8:81:4d:e3:2e: eb:04:b3:30:da:b7:cd:bd:90:07:64:4b:cf:6e:fc:b5:02:15: 60:91:2c:59:42:c0:17:32:52:5e:5a:a1:57:5f:cb:92:ac:48: 6c:ce:4b:50:b2:f1:6e:85:66:c7:51:38:9a:a8:e9:03:ef:ae: 1c:a1:83:4b:8a:43:fd:cb:82:83:d8:9b:e1:fa:db:5b:b4:1e: 68:35:36:80:2f:e1:7b:0f:4b:7e:37:be:b5:f6:01:fa:3d:fc: 4c:48:e3:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvSDRklY7oU3r84YoEo9RsZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl YTU3YmIwHhcNMjYwMTE4MTcwMDMyWhcNMjYwMTE5MTcwMDMyWjAzMTEwLwYDVQQD Eyg0OWIwOTA0ZGI3ZGFiMDY3OTAzZDI2MmZiNzY2MmU1MTcyYWViYjE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunCmzeT9mD5CSvWHjga7LunXGP3H UsmQGnNC6Yb/rIBLOJqYk7itmqhfESVeAdSt18AWc1o3KZ3WKavMzf/gRYqsx/W0 M5JtzGy/tSFuVtstnU62fPyum38xZNn0xdjgGklqWk5XU89I30BivtpcwTm3lUeE xIXzl7Cn1m5x2FX6asbvEd7RsGlezq6D5Xp2AGa5YwVLxs6RUqnjBHHXgGGh5PoY Y6ZOi7NjXEpXWZo0Q/qyqHX/vqfYAs6Wx9uwrx+A2Q9X7Qr95ibTjRzUboUZIp7c K+y3L3PcD3QycHahkRxfhjePH66VbPs4W4C10QX71A6u1fpYdNJWUV1gYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEmwkE232rBnkD0mL7dmLlFyrrsZMB8GA1UdIwQY MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2 LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc4GZ0Veg uMUsyX+8rg6/ciE69+ryLDbcwt0KD2/0I5DFj489iLWwaJpCH2fiqQPLxMVkyHVT C86/W1yZIaaAhOwk4vpgeF3L9/OB1X3P+ilN/rVb9G4+FL8OZQWTqr9b4cYbypay WUaol1RufFg9rXPhsGlu3sFccFIfC2EwZ0Rb47YcYUL67jc8ro8upNOGqK9XZld6 H6qX0p2hNqiBTeMu6wSzMNq3zb2QB2RLz278tQIVYJEsWULAFzJSXlqhV1/LkqxI bM5LULLxboVmx1E4mqjpA++uHKGDS4pD/cuCg9ib4frbW7QeaDU2gC/hew9Lfje+ tfYB+j38TEjjPw== -----END CERTIFICATE-----Generated at Mon Jan 19 03:13:38 2026 by rpki-client