This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json) Hash identifier: a19n2uMVQ36XpUP5VKbLba/PvtrJTO+rIISfUW3b6lI= Subject key identifier: DD:07:EE:EF:C2:76:55:21:06:34:7F:B1:53:6D:BA:B7:D8:01:6F:CE Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Certificate serial: 019BFE41B9259FB362411B96BEC0A147CB6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft Manifest number: 04D4 Signing time: Tue 27 Jan 2026 07:01:18 +0000 Manifest this update: Tue 27 Jan 2026 07:01:18 +0000 Manifest next update: Wed 28 Jan 2026 07:01:18 +0000 Files and hashes: 1: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: 9+/6Op5SjUTTypHllWeZy1tJ7SFEjFtAhC09IiNHvIM=) 2: d9ad6eSfGOCAtJCyfx5T80LXc84.roa (hash: l8TnxH7nYsbi9OkxC5kgX4fiX1lQ108inFjyeEj/BH0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fe:41:b9:25:9f:b3:62:41:1b:96:be:c0:a1:47:cb:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Validity Not Before: Jan 27 07:01:18 2026 GMT Not After : Jan 28 07:01:18 2026 GMT Subject: CN=dd07eeefc276552106347fb1536dbab7d8016fce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:4e:2e:a6:15:1b:35:de:d4:66:07:53:02:bc: b2:97:38:b5:e7:a9:f3:f5:73:f2:3e:74:3f:7c:b9: 83:4f:55:a2:6f:56:a1:6d:a1:c2:14:ab:b2:37:3e: 2c:aa:22:12:55:a3:c6:04:53:ef:f2:c9:d9:80:49: 9a:0f:5c:2a:92:df:cf:5f:f8:50:e2:f0:bf:7d:fc: 5e:68:10:da:65:6c:24:f2:51:18:ae:04:13:a6:82: 71:b3:b0:09:ec:ea:e6:d6:20:27:c2:a8:7e:cb:ef: 4c:b7:4a:65:54:63:46:9a:9c:f1:3f:85:68:9f:f9: 90:52:11:c4:fd:3e:52:92:46:7f:1a:ff:c0:6f:3f: f3:09:cc:d3:12:4c:33:0c:77:c0:5d:d3:58:75:6b: 40:44:a3:42:55:3d:db:74:61:83:38:9d:90:1a:15: 3b:69:be:ae:e1:52:d5:38:e8:1f:ef:5d:21:5f:78: 37:4d:52:44:15:b9:ab:3f:a8:ac:0d:5f:dd:79:12: 2f:19:1d:f8:27:1a:8e:3f:33:6b:78:d6:27:7b:43: 3e:cf:5c:43:e1:48:ae:ee:70:6d:e2:94:1d:75:75: 20:99:97:e1:3c:40:85:2e:2c:08:6f:f0:29:95:7a: a4:46:4a:bb:2e:e7:8c:34:a8:28:16:2d:10:c2:7d: fd:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:07:EE:EF:C2:76:55:21:06:34:7F:B1:53:6D:BA:B7:D8:01:6F:CE X509v3 Authority Key Identifier: keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:63:bd:3b:e5:64:38:fa:50:a1:67:8d:22:4d:ed:39:8b:ea: 61:15:22:b7:45:36:f8:d5:5d:a9:91:83:48:6d:e9:23:e6:de: 31:fc:d3:cd:27:04:26:cc:1d:40:a1:e5:8c:06:38:52:c4:d9: 55:3a:96:50:06:ca:dc:36:35:d0:30:e3:1d:ba:5d:75:b2:7c: 69:fb:fb:95:ae:73:86:5f:c9:e8:d1:c9:db:50:3f:5d:e5:99: c3:e2:56:6d:e6:52:d2:2b:0f:e6:ff:72:4a:38:6a:5c:13:7a: 1e:bf:d3:4b:00:2f:0a:a2:86:2c:e5:f0:f0:b2:0b:b8:3e:03: 7d:24:db:b6:0e:91:11:df:b3:c2:4e:a2:2e:78:fc:48:5a:5e: 4d:39:2e:c8:78:95:1e:4b:40:e8:74:68:1b:2d:9b:23:b0:12: d6:a8:68:ed:bd:41:a2:c7:9c:2f:f7:1a:5c:87:ab:9d:5f:c9: 28:30:66:61:00:1f:68:28:9a:46:77:82:e4:28:7e:d9:6d:0f: 91:c8:92:c4:15:1a:a3:27:5a:16:4f:87:f6:eb:2f:ec:c4:ea: 84:8d:dd:8f:c0:3f:5f:eb:f7:9e:57:03:ed:34:22:4f:e1:cd: 2d:b1:24:45:ba:43:e3:7d:ec:81:16:63:a0:4c:79:b3:40:a5: 5c:c3:9f:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv+Qbkln7NiQRuWvsChR8trMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz NDFkZTEwHhcNMjYwMTI3MDcwMTE4WhcNMjYwMTI4MDcwMTE4WjAzMTEwLwYDVQQD EyhkZDA3ZWVlZmMyNzY1NTIxMDYzNDdmYjE1MzZkYmFiN2Q4MDE2ZmNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl04uphUbNd7UZgdTAryylzi156nz 9XPyPnQ/fLmDT1Wib1ahbaHCFKuyNz4sqiISVaPGBFPv8snZgEmaD1wqkt/PX/hQ 4vC/ffxeaBDaZWwk8lEYrgQTpoJxs7AJ7Orm1iAnwqh+y+9Mt0plVGNGmpzxP4Vo n/mQUhHE/T5SkkZ/Gv/Abz/zCczTEkwzDHfAXdNYdWtARKNCVT3bdGGDOJ2QGhU7 ab6u4VLVOOgf710hX3g3TVJEFbmrP6isDV/deRIvGR34JxqOPzNreNYne0M+z1xD 4Uiu7nBt4pQddXUgmZfhPECFLiwIb/AplXqkRkq7LueMNKgoFi0Qwn39NQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN0H7u/CdlUhBjR/sVNturfYAW/OMB8GA1UdIwQY MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIWO9O+Vk OPpQoWeNIk3tOYvqYRUit0U2+NVdqZGDSG3pI+beMfzTzScEJswdQKHljAY4UsTZ VTqWUAbK3DY10DDjHbpddbJ8afv7la5zhl/J6NHJ21A/XeWZw+JWbeZS0isP5v9y SjhqXBN6Hr/TSwAvCqKGLOXw8LILuD4DfSTbtg6REd+zwk6iLnj8SFpeTTkuyHiV HktA6HRoGy2bI7AS1qho7b1BosecL/caXIernV/JKDBmYQAfaCiaRneC5Ch+2W0P kciSxBUaoydaFk+H9usv7MTqhI3dj8A/X+v3nlcD7TQiT+HNLbEkRbpD433sgRZj oEx5s0ClXMOfaw== -----END CERTIFICATE-----Generated at Tue Jan 27 09:55:11 2026 by rpki-client