This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json) Hash identifier: 6ywJDpZEaFIjQ9fHLWYl5i9nfsu3klIwWg/C6b+x5x4= Subject key identifier: E3:63:33:2D:20:00:59:19:ED:E8:82:EB:34:E9:0D:0A:76:05:6F:97 Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79 Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79 Certificate serial: 019BE0002E33ABEB176225C7115B90409F56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft Manifest number: 17DE Signing time: Wed 21 Jan 2026 10:01:06 +0000 Manifest this update: Wed 21 Jan 2026 10:01:06 +0000 Manifest next update: Thu 22 Jan 2026 10:01:06 +0000 Files and hashes: 1: 3eahbNs7sLSlMwMQAPIK4WlF5S0.roa (hash: iShcDJZ7gmNtw4FSGePEabrCqu38c4kHe0CrQJ2Q7ow=) 2: MuKPEjpSeKLvjqZfVopVa-G44-Y.roa (hash: gXY94gXYWU1Pqibv85vvI+18JY770F42380MRYt28Gc=) 3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: 0ZOmm1tpzUdBji3oHmjCZ9HZ7EMu93KMm1pg3kb7XaQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e0:00:2e:33:ab:eb:17:62:25:c7:11:5b:90:40:9f:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79 Validity Not Before: Jan 21 10:01:06 2026 GMT Not After : Jan 22 10:01:06 2026 GMT Subject: CN=e363332d20005919ede882eb34e90d0a76056f97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:22:7c:2b:8f:95:19:1f:d0:0c:98:07:f9:c4: 81:42:d1:87:bb:bc:b4:4b:c1:25:43:89:bc:84:e2: 9b:fe:96:9b:9f:ef:15:9e:6f:57:d5:71:01:30:30: 09:0b:f5:da:da:4c:bd:3f:4f:60:cb:f0:66:e8:55: 8e:3e:4f:b1:9c:76:40:21:4a:fb:9c:01:20:bd:ff: 54:f0:11:9d:c5:34:d0:3f:75:9c:8d:79:58:5a:0b: 26:c5:d6:4e:be:6b:ee:82:0b:c9:8f:a3:f7:3f:5f: d3:d0:fd:d5:10:96:00:8f:93:d8:b3:63:b5:76:e2: 87:88:58:0a:8d:a7:ac:d6:ee:ce:a1:5d:af:13:1a: c5:b5:0a:44:92:41:4b:49:9a:34:c4:ba:43:a4:48: 1f:eb:e7:23:51:30:24:dc:66:02:d2:02:17:eb:af: 83:4d:60:97:14:98:51:d7:a5:1b:11:ae:60:49:13: ea:8f:22:07:38:e2:21:bd:f4:f2:24:91:73:0c:ea: 77:cd:56:1b:4a:f6:19:b1:50:f5:fe:5f:41:05:3b: 69:47:e8:23:7c:21:63:69:00:80:b2:58:15:34:84: a0:f5:c3:e1:17:c6:c6:a6:a8:2f:86:ca:97:ca:45: eb:ec:ad:e2:73:a2:e7:f0:a7:8a:04:9a:c4:d9:ae: e3:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:63:33:2D:20:00:59:19:ED:E8:82:EB:34:E9:0D:0A:76:05:6F:97 X509v3 Authority Key Identifier: keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:7a:3b:10:a8:ac:c8:65:9d:16:f8:a1:59:31:11:33:11:05: d0:4c:c4:af:55:dc:32:f5:11:2c:50:9f:3c:d1:37:7f:65:3d: 78:f4:2f:a6:fe:e1:9a:9f:7d:14:75:4e:c3:2f:40:3c:47:73: bc:33:24:13:e2:34:b1:58:f4:31:5c:d5:dd:8e:71:9a:3b:de: 4b:aa:1a:f1:8f:ae:cc:51:cf:4d:dc:9a:5f:05:55:a6:bc:39: c3:ce:b9:58:5b:d9:1a:66:ec:3c:91:a3:09:72:a2:2c:a2:76: 9b:6e:b5:cf:38:a3:66:3b:c5:75:96:9b:d0:94:27:81:13:0b: 1f:25:d7:ab:87:65:72:db:31:cc:9e:4f:bb:1b:77:0d:58:db: cd:91:06:c9:33:33:bd:d7:4a:f0:26:ce:59:6c:bc:7e:54:68: fa:e5:f6:1a:73:f1:48:4c:30:ee:19:80:e4:77:c9:51:0b:4f: 5c:92:df:c6:e5:0a:2b:39:e4:e8:d0:41:42:e4:11:7b:21:61: b5:39:ad:c2:85:07:52:a1:1b:6a:22:2e:be:aa:39:78:11:51: 51:6b:a9:44:6a:89:9b:10:40:2d:9f:9a:c0:6d:e7:aa:da:d7: cd:4e:3b:39:8a:de:eb:73:7c:bf:d0:a0:24:f7:ea:5b:69:54: 76:22:cc:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvgAC4zq+sXYiXHEVuQQJ9WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy YzNkNzkwHhcNMjYwMTIxMTAwMTA2WhcNMjYwMTIyMTAwMTA2WjAzMTEwLwYDVQQD EyhlMzYzMzMyZDIwMDA1OTE5ZWRlODgyZWIzNGU5MGQwYTc2MDU2Zjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iJ8K4+VGR/QDJgH+cSBQtGHu7y0 S8ElQ4m8hOKb/pabn+8Vnm9X1XEBMDAJC/Xa2ky9P09gy/Bm6FWOPk+xnHZAIUr7 nAEgvf9U8BGdxTTQP3WcjXlYWgsmxdZOvmvuggvJj6P3P1/T0P3VEJYAj5PYs2O1 duKHiFgKjaes1u7OoV2vExrFtQpEkkFLSZo0xLpDpEgf6+cjUTAk3GYC0gIX66+D TWCXFJhR16UbEa5gSRPqjyIHOOIhvfTyJJFzDOp3zVYbSvYZsVD1/l9BBTtpR+gj fCFjaQCAslgVNISg9cPhF8bGpqgvhsqXykXr7K3ic6Ln8KeKBJrE2a7jjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFONjMy0gAFkZ7eiC6zTpDQp2BW+XMB8GA1UdIwQY MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv3o7EKis yGWdFvihWTERMxEF0EzEr1XcMvURLFCfPNE3f2U9ePQvpv7hmp99FHVOwy9APEdz vDMkE+I0sVj0MVzV3Y5xmjveS6oa8Y+uzFHPTdyaXwVVprw5w865WFvZGmbsPJGj CXKiLKJ2m261zzijZjvFdZab0JQngRMLHyXXq4dlctsxzJ5Puxt3DVjbzZEGyTMz vddK8CbOWWy8flRo+uX2GnPxSEww7hmA5HfJUQtPXJLfxuUKKznk6NBBQuQReyFh tTmtwoUHUqEbaiIuvqo5eBFRUWupRGqJmxBALZ+awG3nqtrXzU47OYre63N8v9Cg JPfqW2lUdiLMsg== -----END CERTIFICATE-----Generated at Wed Jan 21 12:22:38 2026 by rpki-client