This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/cbc50e-faef-43ec-bdba-fda470c61e09/1/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.mft File: sxLbld_DsxOV4Oy1_yYhLXmN6DQ.mft (raw, json) Hash identifier: AEFMgUzovN4m0JS/x5gm6kb6M2WGv9uGVtE/tXjTZOU= Subject key identifier: 43:57:E0:53:5B:CC:63:37:45:D2:88:4C:40:C6:40:5B:4A:21:E6:CA Authority key identifier: B3:12:DB:95:DF:C3:B3:13:95:E0:EC:B5:FF:26:21:2D:79:8D:E8:34 Certificate issuer: /CN=b312db95dfc3b31395e0ecb5ff26212d798de834 Certificate serial: 019BF9BFDD287427800B67BCCF2DC063E326 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/cbc50e-faef-43ec-bdba-fda470c61e09/1/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.mft Manifest number: 158F Signing time: Mon 26 Jan 2026 10:00:59 +0000 Manifest this update: Mon 26 Jan 2026 10:00:59 +0000 Manifest next update: Tue 27 Jan 2026 10:00:59 +0000 Files and hashes: 1: X8tdXJvU9JJe77PtcT-JDwBOQi8.roa (hash: tVoeTVft5vKlrmkaWfTVngTflVy/IwyLYYQaNJOX868=) 2: sxLbld_DsxOV4Oy1_yYhLXmN6DQ.crl (hash: Z15NZ3p4EQIX0QdxVy8yI+cujIHjbzsK7Y8CzQIA1i4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/cbc50e-faef-43ec-bdba-fda470c61e09/1/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.crl rsync://rpki.ripe.net/repository/DEFAULT/49/cbc50e-faef-43ec-bdba-fda470c61e09/1/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.mft rsync://rpki.ripe.net/repository/DEFAULT/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:bf:dd:28:74:27:80:0b:67:bc:cf:2d:c0:63:e3:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b312db95dfc3b31395e0ecb5ff26212d798de834 Validity Not Before: Jan 26 10:00:59 2026 GMT Not After : Jan 27 10:00:59 2026 GMT Subject: CN=4357e0535bcc633745d2884c40c6405b4a21e6ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0e:b4:11:b9:55:3e:af:35:28:15:f1:e8:03: 30:5c:a9:f0:7b:3c:44:ae:ae:f2:2c:2b:d5:4b:bf: e4:1d:0c:f1:f0:cc:b5:04:6f:4f:78:08:09:be:bb: 61:0a:09:94:64:94:dd:3f:b6:03:ec:cd:82:7e:65: 83:50:18:95:1b:8e:05:24:5e:ea:f4:ba:a4:fc:bd: 29:19:1e:ce:40:b7:e4:04:6a:9a:b9:4f:80:47:b1: 7a:2d:62:c3:cb:2a:b5:3d:06:1e:c7:32:fb:94:b1: ae:bd:e1:0e:32:d1:05:dc:49:20:1b:af:6d:b2:ee: 75:a4:2f:40:80:c9:6a:6c:0e:c3:9b:ae:28:6b:d5: 3c:82:d8:e5:68:ea:cb:d6:79:3a:29:9a:77:aa:e9: 13:43:74:d1:39:86:3f:b4:ca:9b:5c:1d:b9:b7:85: 09:10:1c:82:b6:a3:ca:ec:61:77:e2:28:dd:e9:e0: 68:e4:59:ae:17:7f:20:3b:5b:1d:40:70:61:b7:72: 8e:06:c3:37:bc:a9:f9:86:5d:62:ab:35:38:66:e5: 63:2f:75:89:b2:06:1f:1a:67:05:72:98:79:22:c9: eb:d7:08:43:87:cc:28:b2:5e:f6:aa:d1:97:87:4a: a9:f0:78:67:1c:c8:e7:77:86:54:a9:56:b5:6c:7c: 3a:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:57:E0:53:5B:CC:63:37:45:D2:88:4C:40:C6:40:5B:4A:21:E6:CA X509v3 Authority Key Identifier: keyid:B3:12:DB:95:DF:C3:B3:13:95:E0:EC:B5:FF:26:21:2D:79:8D:E8:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/cbc50e-faef-43ec-bdba-fda470c61e09/1/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/cbc50e-faef-43ec-bdba-fda470c61e09/1/sxLbld_DsxOV4Oy1_yYhLXmN6DQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:94:b6:6f:6c:f6:29:dd:54:97:7c:c7:bf:68:f3:f9:ae:7a: 9c:40:ec:77:a7:19:1c:bc:8d:8a:6b:ae:25:51:26:af:a8:95: bc:05:c1:89:bc:84:fe:30:06:06:a6:f3:2f:33:6c:80:5c:e3: 02:87:c9:01:d1:96:f7:f8:5f:79:40:21:07:ab:02:2e:c2:37: 8d:6f:a6:26:e1:41:4c:c7:17:2c:80:69:c1:62:77:89:57:b4: 44:cf:4b:48:cf:12:9a:67:d0:61:81:b9:b1:21:10:2c:74:5c: a3:12:d7:99:79:83:ed:7e:81:88:80:23:d7:dd:b8:35:8e:47: 45:a9:df:7a:1e:19:c9:09:a9:de:bf:89:f6:a9:dd:fb:c4:f9: b3:e1:16:51:ad:4e:00:c6:7d:80:a4:da:62:94:82:e4:ed:b9: 0a:12:9e:f3:a0:ee:cd:a3:61:a5:1f:d0:fb:8d:bb:98:79:60: e7:0a:8d:fc:f4:a0:5e:10:55:91:94:9f:b1:72:bf:1b:b1:e1: 33:40:55:45:79:cf:b4:31:ab:6d:0d:a5:63:8d:d4:94:42:4f: c0:f5:80:e4:27:6f:7a:a5:df:b4:04:c1:3c:e4:fe:7f:58:27: 49:b0:0c:d3:15:a0:14:00:03:4e:13:f2:26:1a:93:a6:78:e5: 80:13:54:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5v90odCeAC2e8zy3AY+MmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzMTJkYjk1ZGZjM2IzMTM5NWUwZWNiNWZmMjYyMTJkNzk4 ZGU4MzQwHhcNMjYwMTI2MTAwMDU5WhcNMjYwMTI3MTAwMDU5WjAzMTEwLwYDVQQD Eyg0MzU3ZTA1MzViY2M2MzM3NDVkMjg4NGM0MGM2NDA1YjRhMjFlNmNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA60EblVPq81KBXx6AMwXKnwezxE rq7yLCvVS7/kHQzx8My1BG9PeAgJvrthCgmUZJTdP7YD7M2CfmWDUBiVG44FJF7q 9Lqk/L0pGR7OQLfkBGqauU+AR7F6LWLDyyq1PQYexzL7lLGuveEOMtEF3EkgG69t su51pC9AgMlqbA7Dm64oa9U8gtjlaOrL1nk6KZp3qukTQ3TROYY/tMqbXB25t4UJ EByCtqPK7GF34ijd6eBo5FmuF38gO1sdQHBht3KOBsM3vKn5hl1iqzU4ZuVjL3WJ sgYfGmcFcph5Isnr1whDh8wosl72qtGXh0qp8HhnHMjnd4ZUqVa1bHw6nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFENX4FNbzGM3RdKITEDGQFtKIebKMB8GA1UdIwQY MBaAFLMS25Xfw7MTleDstf8mIS15jeg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3hMYmxkX0RzeE9WNE95MV95WWhMWG1ONkRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jYmM1MGUtZmFlZi00M2VjLWJkYmEt ZmRhNDcwYzYxZTA5LzEvc3hMYmxkX0RzeE9WNE95MV95WWhMWG1ONkRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9jYmM1MGUtZmFlZi00M2VjLWJkYmEtZmRhNDcwYzYxZTA5 LzEvc3hMYmxkX0RzeE9WNE95MV95WWhMWG1ONkRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpS2b2z2 Kd1Ul3zHv2jz+a56nEDsd6cZHLyNimuuJVEmr6iVvAXBibyE/jAGBqbzLzNsgFzj AofJAdGW9/hfeUAhB6sCLsI3jW+mJuFBTMcXLIBpwWJ3iVe0RM9LSM8SmmfQYYG5 sSEQLHRcoxLXmXmD7X6BiIAj1924NY5HRanfeh4ZyQmp3r+J9qnd+8T5s+EWUa1O AMZ9gKTaYpSC5O25ChKe86DuzaNhpR/Q+427mHlg5wqN/PSgXhBVkZSfsXK/G7Hh M0BVRXnPtDGrbQ2lY43UlEJPwPWA5CdveqXftATBPOT+f1gnSbAM0xWgFAADThPy JhqTpnjlgBNU0g== -----END CERTIFICATE-----Generated at Mon Jan 26 18:18:10 2026 by rpki-client