This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft File: Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft (raw, json) Hash identifier: LHl7kH/rgEA0yPgI1gI14YGexDg/42TW/16HWWAJAas= Subject key identifier: 3B:86:13:10:3D:90:C0:43:C9:83:2F:3C:63:7C:AC:54:B7:5C:36:20 Authority key identifier: 67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2 Certificate issuer: /CN=670ec53068393d90db601ec295e42908525e10c2 Certificate serial: 019BF91BA13CF5AFE9B7AC13374F09414989 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft Manifest number: 0ED4 Signing time: Mon 26 Jan 2026 07:01:36 +0000 Manifest this update: Mon 26 Jan 2026 07:01:36 +0000 Manifest next update: Tue 27 Jan 2026 07:01:36 +0000 Files and hashes: 1: Nh6TGiZWo0EOxhMqHLoTd_RYjgw.roa (hash: jvTmWCCcSLAGtI/9GquGJ7vRIPsivGfTGeyKsvphVGk=) 2: Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl (hash: VwnAebs0UygGWquykRPFPYDgFBRrJwYBT2uxbNWZ1tg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:1b:a1:3c:f5:af:e9:b7:ac:13:37:4f:09:41:49:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=670ec53068393d90db601ec295e42908525e10c2 Validity Not Before: Jan 26 07:01:36 2026 GMT Not After : Jan 27 07:01:36 2026 GMT Subject: CN=3b8613103d90c043c9832f3c637cac54b75c3620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a1:38:20:ba:c6:40:6e:15:67:e3:f0:e3:84: e2:a6:e5:3d:47:bc:d6:79:d0:4e:e3:9b:09:31:2f: 71:a8:a8:fe:0f:e0:e0:4b:04:bc:71:86:0c:61:ae: af:07:3a:c8:81:08:9c:86:c9:a3:54:df:10:db:34: 87:12:59:ae:75:e3:92:17:23:3b:21:27:a0:35:6d: fe:d8:d0:d5:e5:43:3a:57:f2:30:27:39:13:0d:f3: 12:81:3e:bc:53:7e:9c:e7:84:5d:99:cd:3e:c1:bb: 29:88:87:dd:c4:c7:13:0b:1d:be:0e:0d:e6:b2:c3: da:78:e6:d6:29:f3:fc:2f:bd:f1:b8:20:01:7f:13: 67:d2:f5:ca:ae:72:85:90:53:10:ae:88:eb:03:65: f2:81:0b:ea:93:ae:d4:d3:4d:d1:c2:a2:66:b2:ce: f0:ba:e8:03:a0:8d:56:29:d5:41:99:d5:17:bf:12: a8:44:44:41:39:4f:c6:52:44:55:8b:22:1b:a5:70: 44:ab:85:d0:37:fc:3b:cb:4f:5e:9c:f8:d8:20:4a: c0:7c:be:2f:6f:8c:96:96:b6:54:8d:84:d4:6d:d7: 51:29:d1:a3:e2:bf:d9:98:5f:b2:64:6d:59:22:98: db:ba:89:40:6d:f4:b4:45:3e:8b:50:26:d8:e0:44: b7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:86:13:10:3D:90:C0:43:C9:83:2F:3C:63:7C:AC:54:B7:5C:36:20 X509v3 Authority Key Identifier: keyid:67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:12:a4:67:ee:60:f1:c3:64:40:32:7b:b0:5d:b3:a9:5f:de: bc:42:86:8b:d0:cf:45:df:e6:a8:5e:1d:1e:d8:18:f2:09:53: 3b:87:1f:26:21:23:31:8c:a6:ee:29:a8:11:d8:8f:87:b1:3c: 39:df:63:19:ee:75:59:4c:5c:08:39:91:65:3a:e1:df:3f:b0: 14:92:f1:e2:ee:16:35:f8:65:fc:67:76:7c:89:65:7a:02:eb: db:89:18:e1:19:50:f6:eb:ac:c4:30:43:15:25:5c:a8:2f:6a: 47:a9:b1:07:f0:76:90:32:97:8b:96:ff:2f:e1:46:38:8f:60: d8:5a:02:02:a6:6b:d4:5e:b3:6a:47:79:82:2f:57:13:6f:02: a1:87:82:31:f2:cb:b5:05:30:e0:5c:93:12:d2:e8:5a:e7:bc: e4:90:d4:fb:b3:42:f4:fc:4f:99:bf:30:1a:ed:e4:c2:75:f4: 77:7e:9e:24:2f:d7:b9:4a:cd:ef:69:89:a8:61:f2:7a:91:c9: 8d:41:46:d0:8b:5d:bd:b6:64:3c:28:45:7c:b9:cc:0f:10:aa: 24:1b:d6:ad:26:c4:30:9a:6c:46:e8:0f:de:a8:b2:61:73:d7: 37:a5:67:55:cc:1c:d8:7b:58:75:05:ae:94:eb:8a:bb:62:de: d0:49:d2:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5G6E89a/pt6wTN08JQUmJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3MGVjNTMwNjgzOTNkOTBkYjYwMWVjMjk1ZTQyOTA4NTI1 ZTEwYzIwHhcNMjYwMTI2MDcwMTM2WhcNMjYwMTI3MDcwMTM2WjAzMTEwLwYDVQQD EygzYjg2MTMxMDNkOTBjMDQzYzk4MzJmM2M2MzdjYWM1NGI3NWMzNjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqE4ILrGQG4VZ+Pw44TipuU9R7zW edBO45sJMS9xqKj+D+DgSwS8cYYMYa6vBzrIgQichsmjVN8Q2zSHElmudeOSFyM7 ISegNW3+2NDV5UM6V/IwJzkTDfMSgT68U36c54Rdmc0+wbspiIfdxMcTCx2+Dg3m ssPaeObWKfP8L73xuCABfxNn0vXKrnKFkFMQrojrA2XygQvqk67U003RwqJmss7w uugDoI1WKdVBmdUXvxKoRERBOU/GUkRViyIbpXBEq4XQN/w7y09enPjYIErAfL4v b4yWlrZUjYTUbddRKdGj4r/ZmF+yZG1ZIpjbuolAbfS0RT6LUCbY4ES3bQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDuGExA9kMBDyYMvPGN8rFS3XDYgMB8GA1UdIwQY MBaAFGcOxTBoOT2Q22AewpXkKQhSXhDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEt NzNkMjE4YTQ5MDNlLzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEtNzNkMjE4YTQ5MDNl LzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJxKkZ+5g 8cNkQDJ7sF2zqV/evEKGi9DPRd/mqF4dHtgY8glTO4cfJiEjMYym7imoEdiPh7E8 Od9jGe51WUxcCDmRZTrh3z+wFJLx4u4WNfhl/Gd2fIllegLr24kY4RlQ9uusxDBD FSVcqC9qR6mxB/B2kDKXi5b/L+FGOI9g2FoCAqZr1F6zakd5gi9XE28CoYeCMfLL tQUw4FyTEtLoWue85JDU+7NC9PxPmb8wGu3kwnX0d36eJC/XuUrN72mJqGHyepHJ jUFG0ItdvbZkPChFfLnMDxCqJBvWrSbEMJpsRugP3qiyYXPXN6VnVcwc2HtYdQWu lOuKu2Le0EnSrQ== -----END CERTIFICATE-----Generated at Mon Jan 26 13:30:33 2026 by rpki-client