This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft File: ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft (raw, json) Hash identifier: YDMbXAwLXkzBSg7kSK5nVQGvyVHYsNBRguhx9680rCY= Subject key identifier: 29:B6:62:45:DA:FC:33:40:3C:7D:A8:47:35:9E:0D:F8:88:07:DA:60 Authority key identifier: 64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB Certificate issuer: /CN=6431e960cd061039b3b27fd25d4160771c498bab Certificate serial: 019BFA9B5ADD4E6FDA22B89C48D35AE3CBC8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft Manifest number: 143E Signing time: Mon 26 Jan 2026 14:00:43 +0000 Manifest this update: Mon 26 Jan 2026 14:00:43 +0000 Manifest next update: Tue 27 Jan 2026 14:00:43 +0000 Files and hashes: 1: XTmvlmaqkM6whHSwQf7BQPGiplA.roa (hash: Nf/8r39zOVnhoPLQElZaNoaDoUFyf9MQSIS344w93fg=) 2: ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl (hash: zbvYSwpF+VSPFuIdek1RD+nQDaYLUXKlDB+MPoYjiO4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:9b:5a:dd:4e:6f:da:22:b8:9c:48:d3:5a:e3:cb:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6431e960cd061039b3b27fd25d4160771c498bab Validity Not Before: Jan 26 14:00:43 2026 GMT Not After : Jan 27 14:00:43 2026 GMT Subject: CN=29b66245dafc33403c7da847359e0df88807da60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:79:c0:b5:be:da:04:a4:d9:99:c7:62:dd:74: 60:86:e6:d1:ff:b0:c8:45:d7:74:74:16:17:65:35: e2:d0:e3:2d:0c:30:b7:b3:7a:49:d4:53:bb:9a:bd: 5a:48:44:ec:79:6a:55:cf:66:67:c9:55:9d:c5:20: 7a:3b:b4:5a:fa:99:38:e9:23:16:75:e6:e2:b1:eb: e5:dc:15:3b:dd:18:85:23:90:f7:db:81:3a:32:3a: 02:6a:e7:96:9d:23:12:75:f0:df:a9:ce:96:39:92: ed:90:f6:3b:8e:1e:2b:b7:49:a7:fb:12:53:21:70: 89:4e:13:fc:b1:17:f7:79:f6:0a:7d:b5:61:53:31: a6:3d:2d:68:9d:ab:5f:c2:27:0c:6a:54:d3:25:ea: 5a:1b:31:91:27:20:9a:2e:4c:95:7d:af:29:31:75: 12:a0:14:65:33:98:e8:e8:e6:41:19:91:40:2a:4e: b5:c6:57:ed:6c:ba:6a:e9:33:e6:6d:b3:95:c0:56: d9:bc:f2:fa:1d:8e:bf:6e:df:3e:c7:1e:ba:ba:90: 67:2b:f3:25:5c:c6:84:6a:dc:06:cf:01:f5:4b:cc: f6:fd:3f:eb:1f:5d:49:7b:8b:b8:dc:f8:2d:35:22: c0:ea:1d:90:fe:13:34:89:ac:52:eb:a2:34:d8:ee: 00:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:B6:62:45:DA:FC:33:40:3C:7D:A8:47:35:9E:0D:F8:88:07:DA:60 X509v3 Authority Key Identifier: keyid:64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:da:02:89:94:e8:aa:1c:2b:2c:32:8d:00:7e:e3:d8:41:d9: 12:5f:f6:45:63:95:b0:dc:3e:62:5a:98:bc:d0:21:cb:b6:d0: 14:a3:61:7c:39:ed:ee:62:0f:6f:56:73:30:a4:2c:2c:fa:15: 16:a2:64:97:b9:21:66:f8:11:e6:93:0c:81:13:12:68:ae:49: 30:48:47:e8:71:5c:e7:68:7a:44:15:2d:4e:a8:10:8f:74:59: 29:c2:fe:c1:f7:bb:c6:f5:5e:59:96:02:72:a7:dd:34:19:19: cf:19:79:3e:70:20:d4:8f:a8:35:77:3d:08:47:57:5d:cf:cf: 78:62:b4:2f:a2:84:0c:f7:77:b2:58:f1:41:30:ea:db:28:04: a4:a3:5e:7a:86:31:4f:26:7c:d6:63:72:ea:43:83:4a:79:e3: e9:65:8b:9c:c0:c6:45:d5:fc:f2:3a:b2:24:2c:91:0f:82:84: fb:2a:c1:75:82:13:9d:57:01:56:54:d3:d2:fc:6a:7a:14:96: d6:4d:12:32:c0:fa:03:62:e0:c8:90:77:b5:76:c8:dc:bd:0b: 81:18:04:41:3d:6b:62:9c:aa:c1:de:6e:0f:f6:1f:37:26:49: c9:31:42:be:f5:06:7e:67:a9:c6:f1:24:68:76:75:77:81:0c: 4e:f6:56:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6m1rdTm/aIricSNNa48vIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MzFlOTYwY2QwNjEwMzliM2IyN2ZkMjVkNDE2MDc3MWM0 OThiYWIwHhcNMjYwMTI2MTQwMDQzWhcNMjYwMTI3MTQwMDQzWjAzMTEwLwYDVQQD EygyOWI2NjI0NWRhZmMzMzQwM2M3ZGE4NDczNTllMGRmODg4MDdkYTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3nAtb7aBKTZmcdi3XRghubR/7DI Rdd0dBYXZTXi0OMtDDC3s3pJ1FO7mr1aSETseWpVz2ZnyVWdxSB6O7Ra+pk46SMW debisevl3BU73RiFI5D324E6MjoCaueWnSMSdfDfqc6WOZLtkPY7jh4rt0mn+xJT IXCJThP8sRf3efYKfbVhUzGmPS1onatfwicMalTTJepaGzGRJyCaLkyVfa8pMXUS oBRlM5jo6OZBGZFAKk61xlftbLpq6TPmbbOVwFbZvPL6HY6/bt8+xx66upBnK/Ml XMaEatwGzwH1S8z2/T/rH11Je4u43PgtNSLA6h2Q/hM0iaxS66I02O4AfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCm2YkXa/DNAPH2oRzWeDfiIB9pgMB8GA1UdIwQY MBaAFGQx6WDNBhA5s7J/0l1BYHccSYurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZmQ5MzEtOWYyMi00OWYzLWJlNTct ZTlkYWY3OWViNzVlLzEvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi80ZmQ5MzEtOWYyMi00OWYzLWJlNTctZTlkYWY3OWViNzVl LzEvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNoCiZTo qhwrLDKNAH7j2EHZEl/2RWOVsNw+YlqYvNAhy7bQFKNhfDnt7mIPb1ZzMKQsLPoV FqJkl7khZvgR5pMMgRMSaK5JMEhH6HFc52h6RBUtTqgQj3RZKcL+wfe7xvVeWZYC cqfdNBkZzxl5PnAg1I+oNXc9CEdXXc/PeGK0L6KEDPd3sljxQTDq2ygEpKNeeoYx TyZ81mNy6kODSnnj6WWLnMDGRdX88jqyJCyRD4KE+yrBdYITnVcBVlTT0vxqehSW 1k0SMsD6A2LgyJB3tXbI3L0LgRgEQT1rYpyqwd5uD/YfNyZJyTFCvvUGfmepxvEk aHZ1d4EMTvZWLw== -----END CERTIFICATE-----Generated at Mon Jan 26 20:29:38 2026 by rpki-client