This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft File: 39D7xN6B7icnq6PpEK_NKlOmZAw.mft (raw, json) Hash identifier: qPGKqOrDU7+cw7IsAxvVAWRcCfn2McXSBKKo1S7xT7Q= Subject key identifier: A2:93:20:40:96:54:07:4D:7E:83:AB:7D:15:89:57:84:5F:35:51:6C Authority key identifier: DF:D0:FB:C4:DE:81:EE:27:27:AB:A3:E9:10:AF:CD:2A:53:A6:64:0C Certificate issuer: /CN=dfd0fbc4de81ee2727aba3e910afcd2a53a6640c Certificate serial: 019C0255D5FE6679845C14CFB966C831B9FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft Manifest number: EE Signing time: Wed 28 Jan 2026 02:01:45 +0000 Manifest this update: Wed 28 Jan 2026 02:01:45 +0000 Manifest next update: Thu 29 Jan 2026 02:01:45 +0000 Files and hashes: 1: 39D7xN6B7icnq6PpEK_NKlOmZAw.crl (hash: 1nfzPDG6ysY6zHh/0mZdqZGYemMdrJn0y0rCuvEqHCQ=) 2: G1iJHYXZZbAs4A1MhgUftxUGaws.roa (hash: 7QifEDFoU7RkmJKkZqgcMn81wo0EKV/iY/tFPszpQk0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:02:55:d5:fe:66:79:84:5c:14:cf:b9:66:c8:31:b9:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfd0fbc4de81ee2727aba3e910afcd2a53a6640c Validity Not Before: Jan 28 02:01:45 2026 GMT Not After : Jan 29 02:01:45 2026 GMT Subject: CN=a29320409654074d7e83ab7d158957845f35516c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4a:a0:b5:fd:de:bf:82:1b:2f:d1:f7:c8:8e: 51:ae:77:1c:29:6e:d2:8d:fe:4b:92:3a:40:41:d3: ae:00:73:95:28:f4:e7:00:99:e3:04:06:31:11:2c: 6c:00:2c:ad:51:8f:f7:cb:4b:73:57:b7:df:00:8b: 84:fa:75:55:ea:32:60:fd:12:bb:e7:03:c0:b4:a4: d6:eb:16:ec:08:1e:ea:2d:b7:94:37:5e:1e:c7:17: 02:7d:f3:b8:42:cd:71:f5:42:56:53:c4:2a:dd:af: 11:2e:86:6e:d9:7d:21:d3:61:cf:3e:07:8f:c9:97: af:2e:36:e8:aa:c7:c0:2d:6c:e0:26:7e:c9:7c:f6: 18:fc:d9:1f:f9:46:9c:c5:85:37:7d:ac:7f:bb:43: d7:5e:23:8c:e7:8a:53:34:68:f4:35:76:34:25:05: 3c:a6:f3:42:eb:0b:6b:81:65:73:e6:1f:32:a2:af: 66:e0:f8:6a:eb:9c:57:35:69:d1:a1:92:41:e8:88: 55:f7:46:27:30:3a:1d:85:7e:03:d1:5a:cd:6f:01: 1c:95:da:2f:05:1f:ca:b8:a1:ec:e9:8b:13:5f:0b: ea:8d:9a:59:84:4c:31:42:3e:66:b3:0e:9b:10:e8: 59:09:65:d4:47:93:12:e5:06:c5:47:79:5a:91:c9: 99:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:93:20:40:96:54:07:4D:7E:83:AB:7D:15:89:57:84:5F:35:51:6C X509v3 Authority Key Identifier: keyid:DF:D0:FB:C4:DE:81:EE:27:27:AB:A3:E9:10:AF:CD:2A:53:A6:64:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:3b:5c:7d:a8:21:2a:07:78:6e:ef:c0:7a:f2:e7:4a:63:9f: a3:b2:f4:0a:c5:ba:88:3c:6a:40:99:d9:f9:37:21:53:f9:96: 22:46:92:6f:84:e4:81:90:46:b6:e9:e1:8d:0c:95:c3:87:48: 7a:62:e0:c7:5b:5c:0a:88:6f:c9:8d:9a:11:04:23:3e:25:b5: 04:9a:15:92:86:77:d3:f5:d6:b5:64:06:48:3c:4b:b0:5a:8e: 84:2f:f0:98:bc:f3:29:f1:6e:d2:3c:8d:66:86:a9:27:03:26: b6:5f:b3:59:ef:3e:f2:74:bc:99:6a:49:f9:81:b7:73:7e:a6: 22:27:fc:33:76:09:23:72:e8:f6:95:5f:4b:f0:1e:0d:a0:45: c4:55:57:e2:f3:27:6f:67:35:49:68:3c:3f:12:87:1e:b4:86: 41:06:ed:be:89:80:e7:d7:ac:cd:28:85:4a:26:71:81:69:96: cf:ce:68:93:59:98:40:cd:b1:bf:cf:b7:c7:03:27:16:24:7c: 79:fc:ef:9f:8a:22:ce:9c:20:d3:32:7f:9e:59:2e:10:55:d9: 21:37:66:b8:c5:9a:ad:07:c4:20:c3:92:bc:62:b1:6b:48:65: 05:0d:2d:c8:4e:cb:21:5e:11:28:ed:e0:d0:3d:fa:f4:e4:59: f1:56:ab:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwCVdX+ZnmEXBTPuWbIMbn9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZDBmYmM0ZGU4MWVlMjcyN2FiYTNlOTEwYWZjZDJhNTNh NjY0MGMwHhcNMjYwMTI4MDIwMTQ1WhcNMjYwMTI5MDIwMTQ1WjAzMTEwLwYDVQQD EyhhMjkzMjA0MDk2NTQwNzRkN2U4M2FiN2QxNTg5NTc4NDVmMzU1MTZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0qgtf3ev4IbL9H3yI5RrnccKW7S jf5LkjpAQdOuAHOVKPTnAJnjBAYxESxsACytUY/3y0tzV7ffAIuE+nVV6jJg/RK7 5wPAtKTW6xbsCB7qLbeUN14exxcCffO4Qs1x9UJWU8Qq3a8RLoZu2X0h02HPPgeP yZevLjboqsfALWzgJn7JfPYY/Nkf+UacxYU3fax/u0PXXiOM54pTNGj0NXY0JQU8 pvNC6wtrgWVz5h8yoq9m4Phq65xXNWnRoZJB6IhV90YnMDodhX4D0VrNbwEcldov BR/KuKHs6YsTXwvqjZpZhEwxQj5msw6bEOhZCWXUR5MS5QbFR3lakcmZdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKKTIECWVAdNfoOrfRWJV4RfNVFsMB8GA1UdIwQY MBaAFN/Q+8Tege4nJ6uj6RCvzSpTpmQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yNDU4NzMtMWNhNy00YjcxLWIyMjAt ZWRiMDQxOGNhYzRkLzEvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8yNDU4NzMtMWNhNy00YjcxLWIyMjAtZWRiMDQxOGNhYzRk LzEvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDtcfagh Kgd4bu/AevLnSmOfo7L0CsW6iDxqQJnZ+TchU/mWIkaSb4TkgZBGtunhjQyVw4dI emLgx1tcCohvyY2aEQQjPiW1BJoVkoZ30/XWtWQGSDxLsFqOhC/wmLzzKfFu0jyN ZoapJwMmtl+zWe8+8nS8mWpJ+YG3c36mIif8M3YJI3Lo9pVfS/AeDaBFxFVX4vMn b2c1SWg8PxKHHrSGQQbtvomA59eszSiFSiZxgWmWz85ok1mYQM2xv8+3xwMnFiR8 efzvn4oizpwg0zJ/nlkuEFXZITdmuMWarQfEIMOSvGKxa0hlBQ0tyE7LIV4RKO3g 0D369ORZ8VarAg== -----END CERTIFICATE-----Generated at Wed Jan 28 06:25:30 2026 by rpki-client