This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json) Hash identifier: u7cLc0fzc50ggOSJG+whsinFn8Wq0Yt68DilXqiOTsA= Subject key identifier: 30:75:EF:68:72:FD:2D:9F:F5:00:89:72:87:CC:1C:9B:1B:F4:28:06 Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a Certificate serial: 019BFBADEE68893E2AD11B4832A9EE6046D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft Manifest number: 040E Signing time: Mon 26 Jan 2026 19:00:38 +0000 Manifest this update: Mon 26 Jan 2026 19:00:38 +0000 Manifest next update: Tue 27 Jan 2026 19:00:38 +0000 Files and hashes: 1: 3BcGBZCHDgJs9gSoEvIJqO6Wdng.roa (hash: QqrBTNsjue3924ijEFZUnNRSzA8ZRhSOavKbIrZOqys=) 2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: HzLyUor8X21bVjysANEyHewayGZhYFcjzA5iQKXPorc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:ad:ee:68:89:3e:2a:d1:1b:48:32:a9:ee:60:46:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a Validity Not Before: Jan 26 19:00:38 2026 GMT Not After : Jan 27 19:00:38 2026 GMT Subject: CN=3075ef6872fd2d9ff500897287cc1c9b1bf42806 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d6:fe:8a:2a:b2:33:cb:b0:c3:d5:08:06:16: a8:e0:b0:bf:68:82:01:b9:60:e8:f8:09:26:3a:40: de:72:19:4d:cc:24:49:86:79:f1:2d:ed:90:cb:5b: a2:97:57:71:e9:7e:da:04:3e:eb:89:4a:5d:d0:c0: ec:fb:9f:3d:71:1c:03:04:64:64:09:fa:22:db:8d: 78:a6:34:5e:d4:84:0c:be:63:16:ff:3a:ec:61:a1: 0c:17:e5:54:34:f2:6b:c4:3e:57:dd:8b:72:99:66: 7c:2f:8c:e7:c7:0d:f7:8f:40:48:f9:a7:a8:08:31: 3b:37:34:ae:1b:92:98:d6:c3:da:0e:18:e5:5d:4a: 4a:8e:9d:f4:98:97:5e:41:bf:99:49:a3:ee:8b:3e: 8e:ad:3c:f8:12:c2:56:cf:eb:6e:42:c3:ca:a3:c1: d1:25:b3:19:55:28:c8:0e:b6:a1:57:7a:e1:1c:06: 2b:9a:b9:28:79:70:4a:ac:dc:9c:41:3b:06:ce:8e: c6:44:71:85:c3:1b:51:dc:74:31:89:8c:28:4e:f3: 97:ee:32:76:0f:63:45:b8:90:11:26:5d:be:fe:a8: 0f:0d:37:13:09:90:1f:f2:82:23:bf:78:64:d9:35: 02:8c:62:30:20:8b:2d:90:5c:95:d4:70:85:6d:9d: 99:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:75:EF:68:72:FD:2D:9F:F5:00:89:72:87:CC:1C:9B:1B:F4:28:06 X509v3 Authority Key Identifier: keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:2c:b5:9d:d9:a2:07:69:1e:4b:bf:19:24:9a:6d:90:11:fb: 8e:f7:f2:65:53:e0:72:1d:6c:6b:27:b5:d2:b7:16:f1:df:45: 47:eb:54:79:0e:5f:d2:6e:e0:a2:1b:66:1b:99:59:5f:68:13: 21:6a:57:ba:26:4e:f0:d2:0d:c9:3f:0f:55:4b:34:e6:c8:1f: 5e:7c:e2:93:73:5b:d2:65:01:30:d0:d0:00:22:57:52:66:75: c7:74:ce:81:ed:d4:10:d3:64:fd:12:fb:6a:20:88:c7:3e:5e: d8:02:6d:7f:7f:cb:3f:20:f1:8c:7b:e3:f3:48:6d:6b:e8:a8: b8:8a:b0:0c:62:eb:e9:d5:83:6d:9f:6d:59:3b:af:c8:18:d4: e5:a4:cd:03:97:a7:b4:09:67:cc:64:ac:d3:7a:ac:9c:16:81: 96:e1:ef:76:d6:33:79:1b:8d:ba:e2:d6:c5:c5:2c:95:51:b5: bb:14:52:20:f2:3f:08:69:65:5b:ef:ef:2d:da:4f:5e:8b:bf: ba:41:2d:ee:0a:fe:f7:f2:c7:a7:27:cc:65:4d:96:a6:cd:65: a4:bc:59:13:4c:43:15:55:e7:f2:25:0f:d0:92:7d:48:3f:6f: 25:c6:0c:ee:fc:55:8c:e8:55:13:93:64:53:4d:83:3a:82:3f: 17:b4:8c:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7re5oiT4q0RtIMqnuYEbVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2 ODY5MWEwHhcNMjYwMTI2MTkwMDM4WhcNMjYwMTI3MTkwMDM4WjAzMTEwLwYDVQQD EygzMDc1ZWY2ODcyZmQyZDlmZjUwMDg5NzI4N2NjMWM5YjFiZjQyODA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdb+iiqyM8uww9UIBhao4LC/aIIB uWDo+AkmOkDechlNzCRJhnnxLe2Qy1uil1dx6X7aBD7riUpd0MDs+589cRwDBGRk Cfoi2414pjRe1IQMvmMW/zrsYaEMF+VUNPJrxD5X3YtymWZ8L4znxw33j0BI+aeo CDE7NzSuG5KY1sPaDhjlXUpKjp30mJdeQb+ZSaPuiz6OrTz4EsJWz+tuQsPKo8HR JbMZVSjIDrahV3rhHAYrmrkoeXBKrNycQTsGzo7GRHGFwxtR3HQxiYwoTvOX7jJ2 D2NFuJARJl2+/qgPDTcTCZAf8oIjv3hk2TUCjGIwIIstkFyV1HCFbZ2ZHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDB172hy/S2f9QCJcofMHJsb9CgGMB8GA1UdIwQY MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASSy1ndmi B2keS78ZJJptkBH7jvfyZVPgch1saye10rcW8d9FR+tUeQ5f0m7gohtmG5lZX2gT IWpXuiZO8NINyT8PVUs05sgfXnzik3Nb0mUBMNDQACJXUmZ1x3TOge3UENNk/RL7 aiCIxz5e2AJtf3/LPyDxjHvj80hta+iouIqwDGLr6dWDbZ9tWTuvyBjU5aTNA5en tAlnzGSs03qsnBaBluHvdtYzeRuNuuLWxcUslVG1uxRSIPI/CGllW+/vLdpPXou/ ukEt7gr+9/LHpyfMZU2Wps1lpLxZE0xDFVXn8iUP0JJ9SD9vJcYM7vxVjOhVE5Nk U02DOoI/F7SMew== -----END CERTIFICATE-----Generated at Tue Jan 27 01:18:38 2026 by rpki-client