This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft File: zahD6BKxbexgu3CYykEzEX24R00.mft (raw, json) Hash identifier: /bKIoQethnO1ww2491DHs7XVcYVnB9pJYfcYYirUQBg= Subject key identifier: 5A:6B:BE:9C:1A:7A:D1:4C:25:BA:E6:1F:08:E4:AC:4E:4D:1A:7B:3E Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D Certificate issuer: /CN=cda843e812b16dec60bb7098ca4133117db8474d Certificate serial: 019BD6C6466D9E9635FE9EE74A045BD39110 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft Manifest number: 17D9 Signing time: Mon 19 Jan 2026 15:01:16 +0000 Manifest this update: Mon 19 Jan 2026 15:01:16 +0000 Manifest next update: Tue 20 Jan 2026 15:01:16 +0000 Files and hashes: 1: xAJAqKl5Srwo2ARzZhLG6xPoMEY.roa (hash: zXin4xfG6I9ng2fyOSNQGYSR3toHXgB+MkkZOtI6MnY=) 2: zahD6BKxbexgu3CYykEzEX24R00.crl (hash: jLOs3ua/QLAWuLiyr9wt0WhZ328uWnpCge+O1q8u4G0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d6:c6:46:6d:9e:96:35:fe:9e:e7:4a:04:5b:d3:91:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d Validity Not Before: Jan 19 15:01:16 2026 GMT Not After : Jan 20 15:01:16 2026 GMT Subject: CN=5a6bbe9c1a7ad14c25bae61f08e4ac4e4d1a7b3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:7d:24:5b:1a:f2:66:47:85:3a:21:14:4f:50: 93:bf:2e:a8:56:ce:86:4a:77:e2:bc:fd:7a:b9:bf: 8d:44:de:77:8d:4c:27:d7:4e:82:c7:26:ef:28:be: 95:b1:2f:11:0e:d7:ea:0c:f3:71:d2:1d:44:58:f0: ee:cb:00:18:72:0d:6e:4f:fd:cb:e3:78:b3:12:78: 52:81:b7:6c:0b:6e:75:d3:d2:45:a0:56:c9:1f:35: 73:6d:00:6a:24:34:57:33:2e:1d:6a:3f:8a:53:eb: e7:33:f0:55:c7:1d:f8:df:88:6c:8a:92:4f:4c:66: fa:20:40:8e:0b:f5:8d:66:a2:51:e9:d8:98:1e:76: ab:da:5b:cc:dd:12:d5:99:9c:db:1b:40:db:a2:f0: 97:db:d5:49:de:f0:32:2a:2f:4e:4f:bf:2c:70:72: 29:24:44:ab:0a:6d:cd:99:23:1c:2b:ad:79:75:21: 32:b2:87:c7:e9:31:b6:3a:35:87:e8:6c:96:7f:b0: cd:98:2e:6a:69:51:32:5c:83:ab:92:f8:5a:a5:4f: 6c:f4:a5:0d:04:5e:78:cd:a8:5d:9c:ed:09:6e:2a: fa:f5:fe:f0:3f:61:33:53:fb:5c:35:c3:46:c8:a7: 16:f4:1a:19:03:81:6b:4c:a2:6f:51:0b:60:dc:d0: 4d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:6B:BE:9C:1A:7A:D1:4C:25:BA:E6:1F:08:E4:AC:4E:4D:1A:7B:3E X509v3 Authority Key Identifier: keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:f8:d6:44:fd:85:2a:23:bd:f7:f4:0b:c8:cd:74:24:b1:a7: 77:aa:65:0e:ca:9a:bb:69:a9:d3:df:c3:e5:1a:62:7c:1a:65: b0:02:4e:b6:4c:46:61:ef:18:28:4d:fa:a2:db:c6:74:81:5d: bc:0c:83:85:3f:81:64:d1:a8:00:08:47:2b:02:77:49:6e:7f: 1b:17:65:15:cb:6b:57:06:c6:0f:eb:b2:13:08:d4:16:51:08: 1b:64:cf:c0:e7:26:21:a5:6f:41:87:91:fe:f7:54:b9:7d:3a: 63:5a:15:d0:1f:5c:2b:14:e8:ae:2d:e0:73:9b:31:e8:ca:3d: e2:4b:9b:a7:1c:08:67:5b:1e:7b:d0:ae:42:18:a2:db:47:6d: 28:fc:f1:8b:81:3e:15:94:d7:e2:79:7d:b6:d8:7a:b5:c4:3a: d4:bc:ee:0b:1b:0e:8c:ec:a0:8e:ca:5f:5d:6e:bf:62:e2:61: 33:35:81:20:9a:87:97:6d:6e:59:97:ab:fa:fc:64:ad:67:fe: 4d:14:64:b1:35:06:6d:2d:05:f2:67:43:6f:c5:ee:69:a8:a1: b8:f9:1b:a3:8d:e0:7b:d2:a4:20:e1:0b:a3:b0:c2:31:9a:e0: 5b:21:74:37:d8:0e:ee:6c:70:b5:99:28:1c:37:fc:16:ac:03: c3:f6:e6:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvWxkZtnpY1/p7nSgRb05EQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYTg0M2U4MTJiMTZkZWM2MGJiNzA5OGNhNDEzMzExN2Ri ODQ3NGQwHhcNMjYwMTE5MTUwMTE2WhcNMjYwMTIwMTUwMTE2WjAzMTEwLwYDVQQD Eyg1YTZiYmU5YzFhN2FkMTRjMjViYWU2MWYwOGU0YWM0ZTRkMWE3YjNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4X0kWxryZkeFOiEUT1CTvy6oVs6G SnfivP16ub+NRN53jUwn106CxybvKL6VsS8RDtfqDPNx0h1EWPDuywAYcg1uT/3L 43izEnhSgbdsC25109JFoFbJHzVzbQBqJDRXMy4daj+KU+vnM/BVxx3434hsipJP TGb6IECOC/WNZqJR6diYHnar2lvM3RLVmZzbG0DbovCX29VJ3vAyKi9OT78scHIp JESrCm3NmSMcK615dSEysofH6TG2OjWH6GyWf7DNmC5qaVEyXIOrkvhapU9s9KUN BF54zahdnO0Jbir69f7wP2EzU/tcNcNGyKcW9BoZA4FrTKJvUQtg3NBNPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFprvpwaetFMJbrmHwjkrE5NGns+MB8GA1UdIwQY MBaAFM2oQ+gSsW3sYLtwmMpBMxF9uEdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQt ODQyMWQ3ODFiMDNiLzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQtODQyMWQ3ODFiMDNi LzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvjWRP2F KiO99/QLyM10JLGnd6plDsqau2mp09/D5RpifBplsAJOtkxGYe8YKE36otvGdIFd vAyDhT+BZNGoAAhHKwJ3SW5/GxdlFctrVwbGD+uyEwjUFlEIG2TPwOcmIaVvQYeR /vdUuX06Y1oV0B9cKxTori3gc5sx6Mo94kubpxwIZ1see9CuQhii20dtKPzxi4E+ FZTX4nl9tth6tcQ61LzuCxsOjOygjspfXW6/YuJhMzWBIJqHl21uWZer+vxkrWf+ TRRksTUGbS0F8mdDb8XuaaihuPkbo43ge9KkIOELo7DCMZrgWyF0N9gO7mxwtZko HDf8FqwDw/bmzQ== -----END CERTIFICATE-----Generated at Mon Jan 19 20:03:10 2026 by rpki-client