This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft File: ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft (raw, json) Hash identifier: oyZmvc+rZxsc7tjWP8TlQvdXegdkqXUCDYoEdc+K+hs= Subject key identifier: 91:F1:CD:25:57:FC:B9:AD:4F:31:B0:B1:5C:08:15:CF:5D:71:F3:C2 Authority key identifier: 66:D1:F8:FB:6A:DD:27:2B:46:C4:06:B1:88:5C:93:29:5B:1F:4B:8C Certificate issuer: /CN=66d1f8fb6add272b46c406b1885c93295b1f4b8c Certificate serial: 019BFA2E60F366E31AC04F9990C972DC5713 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtH4-2rdJytGxAaxiFyTKVsfS4w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft Manifest number: 0E38 Signing time: Mon 26 Jan 2026 12:01:42 +0000 Manifest this update: Mon 26 Jan 2026 12:01:42 +0000 Manifest next update: Tue 27 Jan 2026 12:01:42 +0000 Files and hashes: 1: ZtH4-2rdJytGxAaxiFyTKVsfS4w.crl (hash: fJjrloAs2d2QZOYVxyaRi/XI5zopP1R9x+zjuVrLjsw=) 2: lL_8oe9yDIiLRfrdt08QXqwSDgI.roa (hash: mGmiDsommMvkvURrhIoo2stvYxOoFvSbhP9bGr4bphU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft rsync://rpki.ripe.net/repository/DEFAULT/ZtH4-2rdJytGxAaxiFyTKVsfS4w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:2e:60:f3:66:e3:1a:c0:4f:99:90:c9:72:dc:57:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66d1f8fb6add272b46c406b1885c93295b1f4b8c Validity Not Before: Jan 26 12:01:42 2026 GMT Not After : Jan 27 12:01:42 2026 GMT Subject: CN=91f1cd2557fcb9ad4f31b0b15c0815cf5d71f3c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:e3:6a:1e:fb:8c:b4:c2:e0:a9:0c:8e:a6:92: 09:61:55:15:37:dc:a1:5d:e3:06:99:77:c6:19:db: 1b:e5:3f:fc:9c:31:85:28:40:36:3a:65:8e:ce:a4: 24:60:d1:66:40:dc:0d:58:1b:41:67:c2:8c:44:9d: ee:b5:a0:d6:60:69:52:e3:0e:6d:1b:92:bf:8f:b2: 06:07:df:e6:67:81:b6:dd:71:3c:69:d9:18:87:96: b8:de:7d:84:34:5f:6b:01:a8:b2:5f:de:79:e6:00: 56:30:cd:c9:24:2b:cb:a6:64:15:d9:0b:ec:e6:2d: c4:dc:ef:ef:3a:af:58:ae:96:31:98:7c:de:38:43: 06:7b:a6:a3:b9:dd:f5:d9:69:c3:f9:a1:e6:c5:45: db:23:23:b6:9d:ac:1a:86:08:c7:53:cb:a6:45:34: a0:70:a4:7e:90:a8:4f:ed:ab:55:43:2c:bc:af:8b: 65:48:f6:8a:03:a9:69:57:dd:6e:ea:ab:30:08:74: 85:a9:9e:70:f5:c9:f9:2d:79:01:57:64:52:d1:1f: 88:c2:81:df:bc:b9:c2:f0:c3:9f:63:b9:98:62:3b: 6d:97:e0:34:fa:be:2f:e1:94:6a:9f:79:ef:fa:34: 7c:b2:2a:55:59:8e:75:0c:5e:5a:43:a6:20:b8:c4: f7:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F1:CD:25:57:FC:B9:AD:4F:31:B0:B1:5C:08:15:CF:5D:71:F3:C2 X509v3 Authority Key Identifier: keyid:66:D1:F8:FB:6A:DD:27:2B:46:C4:06:B1:88:5C:93:29:5B:1F:4B:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtH4-2rdJytGxAaxiFyTKVsfS4w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a52f6f-14f8-419c-99d9-a59d1350deec/1/ZtH4-2rdJytGxAaxiFyTKVsfS4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:2c:d0:c4:00:1a:27:f4:02:ed:55:86:8f:63:53:8f:f4:8e: a8:20:01:9e:e5:fd:e9:45:54:0e:b8:b5:a0:ae:35:03:5a:da: aa:f1:30:4d:c5:74:9b:eb:40:16:3d:0e:67:52:9f:9f:20:5e: e2:d6:7c:cd:5c:9e:72:3c:72:49:69:5f:7c:7a:a1:db:9c:a8: 67:32:89:aa:0a:eb:91:a8:e8:4b:9d:f6:3c:67:f7:9e:70:d3: be:ad:34:1e:41:b8:38:58:ac:32:53:45:1d:7a:bb:1e:9e:83: 05:bf:71:47:8c:87:b4:2e:55:33:eb:52:bc:9c:7b:3d:82:00: ca:90:11:f5:cb:76:c0:67:e3:76:ee:4b:13:50:83:d7:f9:2f: 95:c0:a0:94:ec:af:5d:c6:19:84:c1:24:28:8e:ec:59:da:97: 7a:79:2d:dc:a9:e1:17:9a:e9:78:fc:43:6d:cc:a3:89:19:a7: 11:c4:ca:27:43:16:63:c1:73:9c:39:68:7c:66:e3:80:7d:2a: 0f:fa:16:ed:ed:75:94:a0:b0:ce:c5:77:dc:ee:65:58:9e:ba: a8:d1:c3:e2:f6:41:96:54:ed:13:5b:a4:8a:ea:dc:03:03:43: 27:d2:3a:f9:00:74:aa:96:81:3e:36:05:1d:27:50:ed:97:6a: 23:b5:46:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6LmDzZuMawE+ZkMly3FcTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2ZDFmOGZiNmFkZDI3MmI0NmM0MDZiMTg4NWM5MzI5NWIx ZjRiOGMwHhcNMjYwMTI2MTIwMTQyWhcNMjYwMTI3MTIwMTQyWjAzMTEwLwYDVQQD Eyg5MWYxY2QyNTU3ZmNiOWFkNGYzMWIwYjE1YzA4MTVjZjVkNzFmM2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uNqHvuMtMLgqQyOppIJYVUVN9yh XeMGmXfGGdsb5T/8nDGFKEA2OmWOzqQkYNFmQNwNWBtBZ8KMRJ3utaDWYGlS4w5t G5K/j7IGB9/mZ4G23XE8adkYh5a43n2ENF9rAaiyX9555gBWMM3JJCvLpmQV2Qvs 5i3E3O/vOq9YrpYxmHzeOEMGe6ajud312WnD+aHmxUXbIyO2nawahgjHU8umRTSg cKR+kKhP7atVQyy8r4tlSPaKA6lpV91u6qswCHSFqZ5w9cn5LXkBV2RS0R+IwoHf vLnC8MOfY7mYYjttl+A0+r4v4ZRqn3nv+jR8sipVWY51DF5aQ6YguMT3fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJHxzSVX/LmtTzGwsVwIFc9dcfPCMB8GA1UdIwQY MBaAFGbR+Ptq3ScrRsQGsYhckylbH0uMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnRINC0ycmRKeXRHeEFheGlGeVRLVnNmUzR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNTJmNmYtMTRmOC00MTljLTk5ZDkt YTU5ZDEzNTBkZWVjLzEvWnRINC0ycmRKeXRHeEFheGlGeVRLVnNmUzR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi9hNTJmNmYtMTRmOC00MTljLTk5ZDktYTU5ZDEzNTBkZWVj LzEvWnRINC0ycmRKeXRHeEFheGlGeVRLVnNmUzR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPyzQxAAa J/QC7VWGj2NTj/SOqCABnuX96UVUDri1oK41A1raqvEwTcV0m+tAFj0OZ1KfnyBe 4tZ8zVyecjxySWlffHqh25yoZzKJqgrrkajoS532PGf3nnDTvq00HkG4OFisMlNF HXq7Hp6DBb9xR4yHtC5VM+tSvJx7PYIAypAR9ct2wGfjdu5LE1CD1/kvlcCglOyv XcYZhMEkKI7sWdqXenkt3KnhF5rpePxDbcyjiRmnEcTKJ0MWY8FznDlofGbjgH0q D/oW7e11lKCwzsV33O5lWJ66qNHD4vZBllTtE1ukiurcAwNDJ9I6+QB0qpaBPjYF HSdQ7ZdqI7VGPA== -----END CERTIFICATE-----Generated at Mon Jan 26 15:04:57 2026 by rpki-client