This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft File: XGGrSm35u5XP3orwdmaKWVs0HeE.mft (raw, json) Hash identifier: A2YP3GjfBl5eqIrFrMGYHkdwh3JYFMxjq45+0cmOQGU= Subject key identifier: B7:4E:A1:2D:9F:14:ED:19:23:A5:48:8B:1F:D9:3E:D6:00:C8:05:74 Authority key identifier: 5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 Certificate issuer: /CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Certificate serial: 019BFC52E9123B1C86C856460B1648057B19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft Manifest number: 04D3 Signing time: Mon 26 Jan 2026 22:00:50 +0000 Manifest this update: Mon 26 Jan 2026 22:00:50 +0000 Manifest next update: Tue 27 Jan 2026 22:00:50 +0000 Files and hashes: 1: XGGrSm35u5XP3orwdmaKWVs0HeE.crl (hash: vFrk+eWZ437LvMIu8E+wHlnc/nwrgJ4PHKdKzA8Rtak=) 2: d9ad6eSfGOCAtJCyfx5T80LXc84.roa (hash: l8TnxH7nYsbi9OkxC5kgX4fiX1lQ108inFjyeEj/BH0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 22:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:52:e9:12:3b:1c:86:c8:56:46:0b:16:48:05:7b:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c61ab4a6df9bb95cfde8af076668a595b341de1 Validity Not Before: Jan 26 22:00:50 2026 GMT Not After : Jan 27 22:00:50 2026 GMT Subject: CN=b74ea12d9f14ed1923a5488b1fd93ed600c80574 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:46:76:ed:c3:9b:69:8a:84:95:04:14:14:00: e8:57:ea:fa:98:81:8a:ca:86:6a:a0:da:02:04:89: 61:1d:d9:7b:75:57:9e:9b:f3:55:59:a3:3f:f3:5c: dc:17:0b:c9:94:d2:72:27:40:10:62:18:2a:3e:8d: 87:38:27:8c:17:0a:a2:17:cb:23:dd:0c:31:0f:95: 34:2d:9f:59:7a:40:c1:54:81:c7:68:84:a2:8f:d5: a0:12:ed:f1:48:99:71:e3:2c:a9:68:78:4c:5c:05: 07:8e:a1:7a:7b:dd:9b:21:7b:0f:c0:00:ed:46:b6: 88:af:bf:d8:82:28:f2:86:cb:89:e6:07:ab:f6:aa: 0c:4a:11:db:9e:17:a7:18:4d:32:21:2b:71:4d:a3: 9e:d3:90:06:48:40:1a:0c:b5:5f:5f:c2:77:cd:10: da:df:9d:b1:aa:45:24:77:19:40:5b:86:e6:d2:e4: 17:b9:db:41:c9:dc:2b:1c:6c:77:69:7d:af:0f:4b: 59:b0:b9:a2:62:b7:0e:74:53:08:98:c4:4f:b8:b6: 0e:86:5a:a6:e3:5c:3f:cf:35:81:f7:66:01:c5:2e: b4:3a:f1:e4:1f:3b:e1:19:aa:62:9f:2d:40:82:0d: 7e:46:04:c3:3a:dc:c8:49:aa:0b:27:fb:c5:5a:92: 53:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:4E:A1:2D:9F:14:ED:19:23:A5:48:8B:1F:D9:3E:D6:00:C8:05:74 X509v3 Authority Key Identifier: keyid:5C:61:AB:4A:6D:F9:BB:95:CF:DE:8A:F0:76:66:8A:59:5B:34:1D:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGGrSm35u5XP3orwdmaKWVs0HeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/fd5a98-272f-4078-948d-6fa868921dfb/1/XGGrSm35u5XP3orwdmaKWVs0HeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:56:47:52:51:57:c7:6d:18:fa:5d:8b:a4:ee:17:37:c9:23: ad:cf:bd:73:fd:8d:04:a5:75:6a:eb:00:14:60:6e:83:f3:3d: 57:f7:12:21:6c:4c:59:89:cc:f7:03:ad:72:59:4a:17:5e:cf: f5:bd:c6:49:b4:95:f0:e7:8c:b9:6d:78:56:9a:65:74:b0:c8: 98:f4:c8:55:cd:73:01:cd:ab:70:52:f2:8f:d0:b3:d6:cf:c9: c8:36:ee:09:8d:15:55:51:0a:2e:54:f3:1a:51:43:c8:4b:11: 77:f1:6e:78:88:9c:b2:ec:0a:e4:55:90:1a:3b:e7:44:0f:55: df:05:b0:b0:fd:5b:97:2e:9b:41:30:ba:58:f7:2d:36:7b:b9: 75:a5:83:0f:fc:6d:3c:c5:20:2d:fd:1c:8f:90:99:44:44:f2: f9:d2:ec:c1:56:cf:fb:6c:b0:bd:20:14:03:8e:f0:4d:9b:63: 34:03:8f:b8:ee:75:a6:8c:de:f9:a2:1e:fe:44:f1:4a:a4:fc: 79:b7:4a:b4:df:85:44:85:76:83:37:98:37:c1:4c:63:56:b1: bb:98:0c:eb:c8:6e:4d:d9:b2:1b:f2:21:3b:eb:d1:a7:bd:21: 17:ea:fc:7e:47:7c:54:81:58:aa:91:50:db:3e:24:9e:47:f7: 30:20:c8:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8UukSOxyGyFZGCxZIBXsZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNjFhYjRhNmRmOWJiOTVjZmRlOGFmMDc2NjY4YTU5NWIz NDFkZTEwHhcNMjYwMTI2MjIwMDUwWhcNMjYwMTI3MjIwMDUwWjAzMTEwLwYDVQQD EyhiNzRlYTEyZDlmMTRlZDE5MjNhNTQ4OGIxZmQ5M2VkNjAwYzgwNTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEZ27cObaYqElQQUFADoV+r6mIGK yoZqoNoCBIlhHdl7dVeem/NVWaM/81zcFwvJlNJyJ0AQYhgqPo2HOCeMFwqiF8sj 3QwxD5U0LZ9ZekDBVIHHaISij9WgEu3xSJlx4yypaHhMXAUHjqF6e92bIXsPwADt RraIr7/YgijyhsuJ5ger9qoMShHbnhenGE0yIStxTaOe05AGSEAaDLVfX8J3zRDa 352xqkUkdxlAW4bm0uQXudtBydwrHGx3aX2vD0tZsLmiYrcOdFMImMRPuLYOhlqm 41w/zzWB92YBxS60OvHkHzvhGapiny1Agg1+RgTDOtzISaoLJ/vFWpJTwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLdOoS2fFO0ZI6VIix/ZPtYAyAV0MB8GA1UdIwQY MBaAFFxhq0pt+buVz96K8HZmillbNB3hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQt NmZhODY4OTIxZGZiLzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mZDVhOTgtMjcyZi00MDc4LTk0OGQtNmZhODY4OTIxZGZi LzEvWEdHclNtMzV1NVhQM29yd2RtYUtXVnMwSGVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWFZHUlFX x20Y+l2LpO4XN8kjrc+9c/2NBKV1ausAFGBug/M9V/cSIWxMWYnM9wOtcllKF17P 9b3GSbSV8OeMuW14VppldLDImPTIVc1zAc2rcFLyj9Cz1s/JyDbuCY0VVVEKLlTz GlFDyEsRd/FueIicsuwK5FWQGjvnRA9V3wWwsP1bly6bQTC6WPctNnu5daWDD/xt PMUgLf0cj5CZRETy+dLswVbP+2ywvSAUA47wTZtjNAOPuO51poze+aIe/kTxSqT8 ebdKtN+FRIV2gzeYN8FMY1axu5gM68huTdmyG/IhO+vRp70hF+r8fkd8VIFYqpFQ 2z4knkf3MCDIiQ== -----END CERTIFICATE-----Generated at Tue Jan 27 08:29:40 2026 by rpki-client