This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
File: 8HH00RnQt0-2bjen74eNRJ1U3cg.mft (raw, json)
Hash identifier: dpogDRF9xfMWgEuWHifu+Oh0VrXsU0vUUVkMuNwTf30=
Subject key identifier: 22:EC:FA:FD:AA:34:7D:25:DC:E3:06:E8:3D:DD:EC:C7:58:0D:9E:82
Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
Certificate issuer: /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Certificate serial: 019BFB77A982C5561D0F80C679694E2250F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
Manifest number: 17ED
Signing time: Mon 26 Jan 2026 18:01:21 +0000
Manifest this update: Mon 26 Jan 2026 18:01:21 +0000
Manifest next update: Tue 27 Jan 2026 18:01:21 +0000
Files and hashes: 1: 8HH00RnQt0-2bjen74eNRJ1U3cg.crl (hash: S27gYdXpAz7FzWCtPBZ+AN/HuTAjQxcBMae0iyEpaxg=)
2: ndNKivh3eGWkwwwoBkB-DTBLeAk.roa (hash: 1Ul5VkOu4uH6nlTFxGEpna5ymLuVxA+ZTlonloh+hpk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 27 Jan 2026 18:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fb:77:a9:82:c5:56:1d:0f:80:c6:79:69:4e:22:50:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Validity
Not Before: Jan 26 18:01:21 2026 GMT
Not After : Jan 27 18:01:21 2026 GMT
Subject: CN=22ecfafdaa347d25dce306e83dddecc7580d9e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:ef:59:8d:38:04:3a:c9:89:29:dd:1e:88:
35:fc:76:73:0f:da:6c:17:2e:51:98:23:54:ad:7a:
7c:b3:46:92:80:a0:b5:f2:8f:0e:df:32:2a:e7:6e:
73:e2:15:e7:94:68:ad:2b:81:ce:d5:d5:ae:84:3b:
37:d4:7f:05:92:48:f2:80:83:90:5d:ef:4d:11:00:
b4:c7:53:f8:b6:6d:d9:8a:e8:62:a4:7a:d2:00:4a:
af:76:93:e5:92:22:3c:67:b7:a5:a5:7b:e8:72:e1:
44:0c:e2:ff:bd:06:54:d9:51:a7:a5:dd:64:15:3c:
37:e5:0d:f0:9b:66:7f:db:58:c0:48:9b:a8:b8:bd:
0f:ae:97:05:6e:97:a6:4b:2d:b4:c0:6a:f9:5e:fa:
7d:6d:27:19:f2:38:93:0b:41:e2:63:0b:f2:d2:9c:
34:7f:bc:bb:fd:f0:b5:7b:5f:71:50:f8:01:0b:c5:
e5:7d:61:ae:34:02:54:3b:d7:8d:89:71:6e:71:78:
b0:71:66:3a:ba:a6:c0:b6:88:9f:14:19:9e:6c:0e:
dd:7b:30:6b:4b:a7:ab:f0:34:78:43:cb:6d:40:79:
df:58:a1:95:5e:fb:d3:18:a1:c7:c2:d3:18:11:f9:
d7:cb:44:a8:2a:3e:32:7c:96:58:57:3e:03:8c:2a:
82:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EC:FA:FD:AA:34:7D:25:DC:E3:06:E8:3D:DD:EC:C7:58:0D:9E:82
X509v3 Authority Key Identifier:
keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:df:6e:6c:f8:fc:de:6e:94:ae:92:11:f1:c6:09:c6:93:6c:
29:af:75:0e:17:6d:1e:1f:a6:2d:3d:50:52:8d:fa:b9:13:98:
11:b0:5e:75:9c:18:b3:e4:4d:41:ee:b6:dd:8c:c4:f5:93:65:
fe:e1:ef:9a:ff:08:72:70:07:fd:d1:14:7d:8c:4b:2e:05:34:
d5:b2:f9:6e:f1:61:eb:e5:d9:38:a3:3e:5d:58:32:a3:10:80:
2b:32:47:9a:7c:66:c9:99:74:30:59:2c:39:51:20:70:91:a8:
8f:94:4e:da:b6:f9:a7:80:df:89:35:12:3a:31:66:62:a9:7d:
5b:71:97:23:19:aa:00:c0:32:85:9a:da:a7:5d:37:5a:8b:ea:
d8:ac:94:e0:db:59:e8:f1:9a:3b:84:5f:08:c8:32:4b:a1:2b:
70:93:f2:4a:9f:d4:30:05:85:a9:3f:ef:9b:f3:8c:75:f0:09:
20:2d:6e:50:cf:05:cb:ac:fb:e1:5d:8f:51:41:39:15:ca:6c:
3f:53:91:a1:90:02:77:13:b2:18:09:b5:ec:63:1c:6a:b4:59:
de:ab:9f:c2:fa:2d:38:c6:4b:e5:40:f1:6f:eb:22:96:fe:ca:
c0:82:e2:ca:9d:f6:b0:c9:37:39:5e:04:9b:8d:92:b3:9f:65:
a3:16:99:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv7d6mCxVYdD4DGeWlOIlD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1
NGRkYzgwHhcNMjYwMTI2MTgwMTIxWhcNMjYwMTI3MTgwMTIxWjAzMTEwLwYDVQQD
EygyMmVjZmFmZGFhMzQ3ZDI1ZGNlMzA2ZTgzZGRkZWNjNzU4MGQ5ZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnnvWY04BDrJiSndHog1/HZzD9ps
Fy5RmCNUrXp8s0aSgKC18o8O3zIq525z4hXnlGitK4HO1dWuhDs31H8FkkjygIOQ
Xe9NEQC0x1P4tm3ZiuhipHrSAEqvdpPlkiI8Z7elpXvocuFEDOL/vQZU2VGnpd1k
FTw35Q3wm2Z/21jASJuouL0PrpcFbpemSy20wGr5Xvp9bScZ8jiTC0HiYwvy0pw0
f7y7/fC1e19xUPgBC8XlfWGuNAJUO9eNiXFucXiwcWY6uqbAtoifFBmebA7dezBr
S6er8DR4Q8ttQHnfWKGVXvvTGKHHwtMYEfnXy0SoKj4yfJZYVz4DjCqCowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLs+v2qNH0l3OMG6D3d7MdYDZ6CMB8GA1UdIwQY
MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt
MDc0NzQ1MjRlZjlhLzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh
LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGt9ubPj8
3m6UrpIR8cYJxpNsKa91DhdtHh+mLT1QUo36uROYEbBedZwYs+RNQe623YzE9ZNl
/uHvmv8IcnAH/dEUfYxLLgU01bL5bvFh6+XZOKM+XVgyoxCAKzJHmnxmyZl0MFks
OVEgcJGoj5RO2rb5p4DfiTUSOjFmYql9W3GXIxmqAMAyhZrap103Wovq2KyU4NtZ
6PGaO4RfCMgyS6ErcJPySp/UMAWFqT/vm/OMdfAJIC1uUM8Fy6z74V2PUUE5Fcps
P1ORoZACdxOyGAm17GMcarRZ3qufwvotOMZL5UDxb+silv7KwILiyp32sMk3OV4E
m42Ss59loxaZ0g==
-----END CERTIFICATE-----
Generated at Tue Jan 27 03:55:57 2026 by rpki-client