This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/ca460e-6635-481b-b6e9-f85a7cb1d192/1/he1PzEWWTU6nL8RJLE15VxMyEMM.mft File: he1PzEWWTU6nL8RJLE15VxMyEMM.mft (raw, json) Hash identifier: WHcGYeWwyaGsrcPGHz1dJpnM8Yawoi84VmoVIGYiNuQ= Subject key identifier: 36:A7:03:E0:F2:CC:FE:D0:A9:32:AF:06:D0:F8:58:19:8C:63:6A:1F Authority key identifier: 85:ED:4F:CC:45:96:4D:4E:A7:2F:C4:49:2C:4D:79:57:13:32:10:C3 Certificate issuer: /CN=85ed4fcc45964d4ea72fc4492c4d7957133210c3 Certificate serial: 019C1EDFACD2C978954D3F4F216BCF4BC757 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/he1PzEWWTU6nL8RJLE15VxMyEMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/ca460e-6635-481b-b6e9-f85a7cb1d192/1/he1PzEWWTU6nL8RJLE15VxMyEMM.mft Manifest number: 17FD Signing time: Mon 02 Feb 2026 15:01:41 +0000 Manifest this update: Mon 02 Feb 2026 15:01:41 +0000 Manifest next update: Tue 03 Feb 2026 15:01:41 +0000 Files and hashes: 1: HmUomsPgXy_ichPpqzKABnF-f1Q.roa (hash: Bx6E3+408hVB6DPUkC1/WmqYHNWX0Umjmfc5LiZnxMs=) 2: he1PzEWWTU6nL8RJLE15VxMyEMM.crl (hash: +NOMlOmgPa1IqDeQBsfFyoMp8fgge5Qy3KtsR10D3Ss=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/ca460e-6635-481b-b6e9-f85a7cb1d192/1/he1PzEWWTU6nL8RJLE15VxMyEMM.crl rsync://rpki.ripe.net/repository/DEFAULT/84/ca460e-6635-481b-b6e9-f85a7cb1d192/1/he1PzEWWTU6nL8RJLE15VxMyEMM.mft rsync://rpki.ripe.net/repository/DEFAULT/he1PzEWWTU6nL8RJLE15VxMyEMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 15:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:1e:df:ac:d2:c9:78:95:4d:3f:4f:21:6b:cf:4b:c7:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85ed4fcc45964d4ea72fc4492c4d7957133210c3 Validity Not Before: Feb 2 15:01:41 2026 GMT Not After : Feb 3 15:01:41 2026 GMT Subject: CN=36a703e0f2ccfed0a932af06d0f858198c636a1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c0:33:fa:f0:64:60:10:14:8e:f9:f5:59:e9: e7:65:04:a4:90:5d:72:64:5a:ba:ad:d6:e5:74:5b: 39:16:b3:15:73:6c:c2:39:ec:85:93:36:6a:eb:09: 7a:79:f7:a6:93:12:70:7e:18:92:2a:2b:ce:49:80: 95:85:79:1d:8a:37:97:d8:2f:ae:b9:d6:ee:ab:5e: 59:d1:9f:10:e1:20:fe:96:b9:d6:fd:95:dc:0b:c0: cd:b7:bc:de:df:f9:b0:91:ec:03:5d:cf:cb:5a:9b: cf:7c:3f:40:59:ed:e4:27:1f:77:aa:e1:6c:d7:f8: 1c:10:36:ee:b4:9c:95:17:c6:09:bc:17:37:00:d0: 72:07:fd:77:c5:19:6d:9d:54:69:2e:6c:63:10:cb: f1:ea:fb:03:d8:08:ba:52:67:7f:42:b2:4d:d7:56: f5:c0:0c:6f:99:c1:a2:54:ec:6b:fe:a0:2d:a9:60: 11:a8:a2:77:fb:52:cd:56:0a:1b:94:a2:98:ed:a4: 99:64:39:60:bf:56:1a:49:1d:88:8b:cd:93:d9:3c: ab:eb:59:b5:7f:ef:52:c8:a7:88:2d:2f:da:6f:95: dc:af:eb:4c:d2:35:7a:12:b6:15:d1:09:7d:9b:5c: 7d:81:4c:7f:00:1a:93:ad:25:8e:f8:58:e5:cb:a4: dc:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:A7:03:E0:F2:CC:FE:D0:A9:32:AF:06:D0:F8:58:19:8C:63:6A:1F X509v3 Authority Key Identifier: keyid:85:ED:4F:CC:45:96:4D:4E:A7:2F:C4:49:2C:4D:79:57:13:32:10:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/he1PzEWWTU6nL8RJLE15VxMyEMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/ca460e-6635-481b-b6e9-f85a7cb1d192/1/he1PzEWWTU6nL8RJLE15VxMyEMM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/ca460e-6635-481b-b6e9-f85a7cb1d192/1/he1PzEWWTU6nL8RJLE15VxMyEMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:7c:10:9b:cf:25:d5:a0:30:47:a1:80:0d:23:17:34:83:a2: 74:ae:7c:f8:b2:2b:61:5b:80:2f:fa:69:0b:eb:4d:2c:4c:40: 36:a7:65:bc:9d:bf:39:5d:e2:7d:a2:af:62:de:88:5b:85:87: de:e3:31:92:78:bd:32:a3:24:42:f7:7b:9a:f6:b5:1a:99:3a: f0:fe:86:3b:f2:75:85:dd:82:59:44:4c:ef:27:b1:c9:72:27: 0a:f0:1c:24:a9:2e:f1:27:01:8d:9d:bd:35:4f:b3:26:cb:11: 93:86:2b:97:43:33:ec:7b:cb:26:03:2f:f3:a8:e1:13:fe:dd: 29:74:1c:d3:b6:48:f6:0c:b0:f6:15:5d:9d:01:5d:94:ef:12: 00:44:25:9e:09:2c:6e:8b:35:30:8f:2d:86:2a:00:5b:25:c7: 35:c1:82:5c:e3:54:56:5d:51:01:97:1f:c8:d7:e6:d4:91:dc: ef:90:77:0b:e1:2f:4b:1b:26:42:ce:57:60:79:94:a1:2e:5d: 8d:56:68:65:aa:35:7c:41:4e:ff:e6:9e:49:cc:aa:3c:de:f2: 20:36:4c:cc:67:c4:e5:75:3d:aa:a7:73:fc:31:39:f6:31:79: 75:c0:46:43:73:52:f6:39:3e:0c:5b:93:92:7d:86:6f:27:93: 59:6a:ca:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwe36zSyXiVTT9PIWvPS8dXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZWQ0ZmNjNDU5NjRkNGVhNzJmYzQ0OTJjNGQ3OTU3MTMz MjEwYzMwHhcNMjYwMjAyMTUwMTQxWhcNMjYwMjAzMTUwMTQxWjAzMTEwLwYDVQQD EygzNmE3MDNlMGYyY2NmZWQwYTkzMmFmMDZkMGY4NTgxOThjNjM2YTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMAz+vBkYBAUjvn1WennZQSkkF1y ZFq6rdbldFs5FrMVc2zCOeyFkzZq6wl6efemkxJwfhiSKivOSYCVhXkdijeX2C+u udbuq15Z0Z8Q4SD+lrnW/ZXcC8DNt7ze3/mwkewDXc/LWpvPfD9AWe3kJx93quFs 1/gcEDbutJyVF8YJvBc3ANByB/13xRltnVRpLmxjEMvx6vsD2Ai6Umd/QrJN11b1 wAxvmcGiVOxr/qAtqWARqKJ3+1LNVgoblKKY7aSZZDlgv1YaSR2Ii82T2Tyr61m1 f+9SyKeILS/ab5Xcr+tM0jV6ErYV0Ql9m1x9gUx/ABqTrSWO+Fjly6TcNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDanA+DyzP7QqTKvBtD4WBmMY2ofMB8GA1UdIwQY MBaAFIXtT8xFlk1Opy/ESSxNeVcTMhDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGUxUHpFV1dUVTZuTDhSSkxFMTVWeE15RU1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYTQ2MGUtNjYzNS00ODFiLWI2ZTkt Zjg1YTdjYjFkMTkyLzEvaGUxUHpFV1dUVTZuTDhSSkxFMTVWeE15RU1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC9jYTQ2MGUtNjYzNS00ODFiLWI2ZTktZjg1YTdjYjFkMTky LzEvaGUxUHpFV1dUVTZuTDhSSkxFMTVWeE15RU1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3wQm88l 1aAwR6GADSMXNIOidK58+LIrYVuAL/ppC+tNLExANqdlvJ2/OV3ifaKvYt6IW4WH 3uMxkni9MqMkQvd7mva1Gpk68P6GO/J1hd2CWURM7yexyXInCvAcJKku8ScBjZ29 NU+zJssRk4Yrl0Mz7HvLJgMv86jhE/7dKXQc07ZI9gyw9hVdnQFdlO8SAEQlngks bos1MI8thioAWyXHNcGCXONUVl1RAZcfyNfm1JHc75B3C+EvSxsmQs5XYHmUoS5d jVZoZao1fEFO/+aeScyqPN7yIDZMzGfE5XU9qqdz/DE59jF5dcBGQ3NS9jk+DFuT kn2GbyeTWWrK4w== -----END CERTIFICATE-----Generated at Mon Feb 2 20:55:26 2026 by rpki-client