This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft File: Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft (raw, json) Hash identifier: nPJkgqsHXY8hivx92/cKlHU2d+l9zdeBH7o55qoHa9g= Subject key identifier: 47:29:E9:5D:0A:A5:0A:CB:9A:3F:7E:2D:3F:B0:C6:BD:57:F7:39:26 Authority key identifier: 4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 Certificate issuer: /CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Certificate serial: 019BFC8A9FA2A62F03339B679F2373F14ABA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft Manifest number: 0815 Signing time: Mon 26 Jan 2026 23:01:41 +0000 Manifest this update: Mon 26 Jan 2026 23:01:41 +0000 Manifest next update: Tue 27 Jan 2026 23:01:41 +0000 Files and hashes: 1: QHXSRTuQ2wXN4fBaqbTGI2do0QM.roa (hash: 6/Lj3vL/L1J4PjbZ1lCMZ4grKgrWI3SnlcnhAkor32k=) 2: Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl (hash: tLHYI8nzkI8VH0W0Xsgvzn3at8cTTqcsXFXhzlR02zM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:8a:9f:a2:a6:2f:03:33:9b:67:9f:23:73:f1:4a:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Validity Not Before: Jan 26 23:01:41 2026 GMT Not After : Jan 27 23:01:41 2026 GMT Subject: CN=4729e95d0aa50acb9a3f7e2d3fb0c6bd57f73926 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:90:8e:b0:a1:2c:fe:ae:68:97:f8:97:8d:07: ac:9f:5f:f9:91:8c:91:3a:5c:20:7c:ba:e5:f7:16: af:bf:46:a3:99:5c:b2:a5:a5:c6:b9:45:83:44:2b: 4d:60:e4:ab:6c:13:47:f9:53:e6:c3:97:68:2d:f2: 95:66:66:00:c8:48:d8:d6:27:83:c8:31:45:85:47: 86:bf:14:ce:76:e2:47:fe:a6:5d:0d:cd:bc:f3:98: bc:22:84:9a:7f:0f:22:ef:fd:db:e6:34:47:39:1b: d7:89:a7:62:bc:4a:f3:06:80:a7:dd:0c:74:10:45: d2:22:e2:b1:0a:19:9b:40:b3:50:f8:b4:e9:89:41: 15:54:e7:be:11:8b:cf:11:eb:55:41:7a:81:63:e7: 29:a5:3f:e9:d6:8c:c8:97:d1:cd:6b:a2:49:58:b7: b1:1b:08:44:a6:e7:75:aa:e9:b2:10:25:b1:af:77: 6a:1f:24:1e:87:a9:0c:9c:26:aa:7e:84:fd:91:bd: 11:14:60:df:9f:5c:52:c7:3d:82:01:c8:42:41:09: 1a:12:25:c4:9f:c5:67:4e:27:4b:91:cd:d5:b7:76: af:9c:dd:3a:72:49:e2:2f:8f:d0:48:22:2d:bc:00: 43:81:a0:ed:88:49:fa:12:c0:03:bc:49:9b:89:cc: 63:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:29:E9:5D:0A:A5:0A:CB:9A:3F:7E:2D:3F:B0:C6:BD:57:F7:39:26 X509v3 Authority Key Identifier: keyid:4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:ad:14:bc:3e:0c:5e:e3:c2:29:ca:0a:02:aa:ea:5a:4e:84: 62:cc:70:d1:f5:9e:bc:f1:fd:23:97:92:dc:2b:46:71:e2:24: 5d:a4:ee:ce:00:8d:f3:09:5e:70:43:10:a2:61:41:e1:9b:cd: 58:7d:6b:1a:62:65:52:c3:06:20:2a:31:05:b5:de:11:86:69: b6:4d:4d:c7:80:d6:18:f2:23:74:b9:9a:2f:85:76:88:84:94: db:36:0c:35:c9:25:05:af:13:93:64:34:97:77:0a:a4:fa:2d: e1:35:25:5a:cf:b9:2d:5a:88:4d:0c:42:f3:ee:ea:ff:8f:2a: 32:b4:91:0c:61:b5:cc:d7:68:21:da:a9:63:54:23:a3:fe:86: 43:2b:c7:74:14:a0:a7:03:1c:25:03:4c:95:60:39:47:af:45: 61:6d:fa:17:d4:9f:52:a9:9a:ca:b7:3e:b5:31:76:f9:80:97: 32:71:77:27:22:5c:09:4b:48:98:da:12:0b:21:13:81:b4:c8: 02:3b:83:69:ed:0e:9c:25:b0:48:2e:0d:17:c6:99:fc:53:dd: 61:eb:b3:14:1b:57:d9:82:a0:f9:48:9c:17:69:e6:03:74:85: e5:f8:68:94:51:1b:33:7b:85:0a:f1:e2:cf:5e:66:07:fe:bb: a7:6a:55:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8ip+ipi8DM5tnnyNz8Uq6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiM2U1OTZhMjRkNDM2NTBjYjYwZThmY2M5ZTQ0ZDZmOGM5 MjlkMzUwHhcNMjYwMTI2MjMwMTQxWhcNMjYwMTI3MjMwMTQxWjAzMTEwLwYDVQQD Eyg0NzI5ZTk1ZDBhYTUwYWNiOWEzZjdlMmQzZmIwYzZiZDU3ZjczOTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZCOsKEs/q5ol/iXjQesn1/5kYyR OlwgfLrl9xavv0ajmVyypaXGuUWDRCtNYOSrbBNH+VPmw5doLfKVZmYAyEjY1ieD yDFFhUeGvxTOduJH/qZdDc2885i8IoSafw8i7/3b5jRHORvXiadivErzBoCn3Qx0 EEXSIuKxChmbQLNQ+LTpiUEVVOe+EYvPEetVQXqBY+cppT/p1ozIl9HNa6JJWLex GwhEpud1qumyECWxr3dqHyQeh6kMnCaqfoT9kb0RFGDfn1xSxz2CAchCQQkaEiXE n8VnTidLkc3Vt3avnN06ckniL4/QSCItvABDgaDtiEn6EsADvEmbicxjDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEcp6V0KpQrLmj9+LT+wxr1X9zkmMB8GA1UdIwQY MBaAFEs+WWok1DZQy2Do/MnkTW+Mkp01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEt MzNkMThiZjZkZjU1LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEtMzNkMThiZjZkZjU1 LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaa0UvD4M XuPCKcoKAqrqWk6EYsxw0fWevPH9I5eS3CtGceIkXaTuzgCN8wlecEMQomFB4ZvN WH1rGmJlUsMGICoxBbXeEYZptk1Nx4DWGPIjdLmaL4V2iISU2zYMNcklBa8Tk2Q0 l3cKpPot4TUlWs+5LVqITQxC8+7q/48qMrSRDGG1zNdoIdqpY1Qjo/6GQyvHdBSg pwMcJQNMlWA5R69FYW36F9SfUqmayrc+tTF2+YCXMnF3JyJcCUtImNoSCyETgbTI AjuDae0OnCWwSC4NF8aZ/FPdYeuzFBtX2YKg+UicF2nmA3SF5fholFEbM3uFCvHi z15mB/67p2pVAA== -----END CERTIFICATE-----Generated at Tue Jan 27 06:06:26 2026 by rpki-client