This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d9dd82-9bb9-484c-81cb-83bdcad02047/1/IwbLbMzQnnXtGfwG-1kkzyejmMM.mft File: IwbLbMzQnnXtGfwG-1kkzyejmMM.mft (raw, json) Hash identifier: B3fFH0FnCf9+8ka9VOUjDYs1thwPrV13vw80eeJM4Rc= Subject key identifier: 7C:E2:DD:47:B2:94:04:0A:90:66:0D:5B:66:80:FF:3C:DB:C1:6D:16 Authority key identifier: 23:06:CB:6C:CC:D0:9E:75:ED:19:FC:06:FB:59:24:CF:27:A3:98:C3 Certificate issuer: /CN=2306cb6cccd09e75ed19fc06fb5924cf27a398c3 Certificate serial: 019BFC1C375356F47D44508F145BBF9E4C2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwbLbMzQnnXtGfwG-1kkzyejmMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d9dd82-9bb9-484c-81cb-83bdcad02047/1/IwbLbMzQnnXtGfwG-1kkzyejmMM.mft Manifest number: 0567 Signing time: Mon 26 Jan 2026 21:01:06 +0000 Manifest this update: Mon 26 Jan 2026 21:01:06 +0000 Manifest next update: Tue 27 Jan 2026 21:01:06 +0000 Files and hashes: 1: IwbLbMzQnnXtGfwG-1kkzyejmMM.crl (hash: wQjBoc2t1xNP1dMDzgGjhlcfpI/wDsNC4oOO95x10aA=) 2: _ZmWi_4A68mliCVRNTlWAPhsl0g.roa (hash: 2jnimjwEDqLE8neS9dfpFX+zSMTp/IcCZCBA5fy0w8g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/d9dd82-9bb9-484c-81cb-83bdcad02047/1/IwbLbMzQnnXtGfwG-1kkzyejmMM.crl rsync://rpki.ripe.net/repository/DEFAULT/84/d9dd82-9bb9-484c-81cb-83bdcad02047/1/IwbLbMzQnnXtGfwG-1kkzyejmMM.mft rsync://rpki.ripe.net/repository/DEFAULT/IwbLbMzQnnXtGfwG-1kkzyejmMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:1c:37:53:56:f4:7d:44:50:8f:14:5b:bf:9e:4c:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2306cb6cccd09e75ed19fc06fb5924cf27a398c3 Validity Not Before: Jan 26 21:01:06 2026 GMT Not After : Jan 27 21:01:06 2026 GMT Subject: CN=7ce2dd47b294040a90660d5b6680ff3cdbc16d16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:3b:c1:22:b5:9e:21:23:6e:6a:e3:5b:64:08: 42:83:5c:33:f2:79:09:73:85:a5:86:7c:f5:1e:52: 2e:4f:64:98:13:2b:65:2d:84:90:a7:f0:c5:da:02: 7d:97:2a:ab:ec:16:3b:ba:16:57:77:96:79:0b:50: 97:8f:72:48:fd:95:f5:92:8e:50:f6:6f:72:c9:4a: 9f:b5:66:a1:b4:b2:09:04:61:d4:02:aa:8f:3b:91: fb:05:ba:77:0c:7c:28:00:34:b8:32:d7:5a:d3:9d: 6f:75:0c:a9:81:fb:9f:a6:b0:5d:e6:c2:bd:82:a4: b6:82:ec:da:54:56:f1:05:56:3d:e4:64:8d:83:84: df:4d:27:65:b2:f2:1d:2f:99:a7:96:dc:c6:83:1b: 72:4d:d1:08:5d:e0:ce:28:fb:fd:4d:81:97:58:85: be:bd:77:aa:f4:c9:45:bd:e1:5e:7d:8c:31:06:c2: 9b:42:2d:0b:d5:f0:0d:d7:3d:9d:3c:8c:ab:44:0f: 6f:6b:dc:ea:43:da:93:68:f2:80:e7:4d:fb:91:5b: 6b:9e:9f:a5:11:17:97:c5:0f:cf:91:ae:d6:5e:42: 30:a8:e3:e2:d7:e6:ff:15:4c:9c:e7:31:ec:81:32: 26:ee:ab:62:26:ee:9a:70:e2:74:2f:e8:99:75:31: d2:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:E2:DD:47:B2:94:04:0A:90:66:0D:5B:66:80:FF:3C:DB:C1:6D:16 X509v3 Authority Key Identifier: keyid:23:06:CB:6C:CC:D0:9E:75:ED:19:FC:06:FB:59:24:CF:27:A3:98:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwbLbMzQnnXtGfwG-1kkzyejmMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d9dd82-9bb9-484c-81cb-83bdcad02047/1/IwbLbMzQnnXtGfwG-1kkzyejmMM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d9dd82-9bb9-484c-81cb-83bdcad02047/1/IwbLbMzQnnXtGfwG-1kkzyejmMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:55:a1:21:6f:e4:d1:01:17:b3:45:3e:d7:13:d9:a5:f8:d5: 63:dd:fb:90:e0:8c:d9:26:9a:77:9b:9b:d0:27:5e:a9:0f:a6: ba:2d:03:8c:47:85:e9:25:fc:90:6c:d6:a1:1e:7b:6a:99:81: 54:0f:43:26:63:15:66:08:43:15:8c:17:fd:a0:6f:c0:d1:ac: 30:b7:6d:7d:6c:2c:bb:71:78:03:9f:fd:d5:3c:50:8a:de:e2: 84:70:ec:10:69:46:4c:6a:83:e2:85:96:19:df:78:b4:2e:db: e6:25:c5:1e:c1:dc:e0:5d:ca:f7:f7:19:0a:76:a3:3c:f2:23: 4a:d7:1a:b1:79:79:1f:fb:0b:2a:07:86:81:f4:8a:20:c0:e9: a8:94:ca:15:30:e2:f3:34:80:84:4e:ba:9c:5d:69:e0:83:3d: 1d:27:da:76:38:51:fb:ab:99:44:88:70:a4:27:79:5f:0b:ed: 3d:b3:ee:2f:39:b3:64:99:34:6e:8a:b4:79:9d:73:9d:d7:47: 0a:9e:66:1a:95:2d:72:88:62:1a:d1:45:1c:8e:1d:f6:38:12: ce:c7:e2:5d:db:1a:8d:04:7c:0c:0c:8d:2f:c3:07:3d:2c:67: 6c:8c:38:fe:2f:7f:af:b1:2f:2d:4b:ab:a5:7c:0d:39:7e:35: 60:76:18:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8HDdTVvR9RFCPFFu/nkwqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMDZjYjZjY2NkMDllNzVlZDE5ZmMwNmZiNTkyNGNmMjdh Mzk4YzMwHhcNMjYwMTI2MjEwMTA2WhcNMjYwMTI3MjEwMTA2WjAzMTEwLwYDVQQD Eyg3Y2UyZGQ0N2IyOTQwNDBhOTA2NjBkNWI2NjgwZmYzY2RiYzE2ZDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DvBIrWeISNuauNbZAhCg1wz8nkJ c4Wlhnz1HlIuT2SYEytlLYSQp/DF2gJ9lyqr7BY7uhZXd5Z5C1CXj3JI/ZX1ko5Q 9m9yyUqftWahtLIJBGHUAqqPO5H7Bbp3DHwoADS4Mtda051vdQypgfufprBd5sK9 gqS2guzaVFbxBVY95GSNg4TfTSdlsvIdL5mnltzGgxtyTdEIXeDOKPv9TYGXWIW+ vXeq9MlFveFefYwxBsKbQi0L1fAN1z2dPIyrRA9va9zqQ9qTaPKA5037kVtrnp+l EReXxQ/Pka7WXkIwqOPi1+b/FUyc5zHsgTIm7qtiJu6acOJ0L+iZdTHSxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzi3UeylAQKkGYNW2aA/zzbwW0WMB8GA1UdIwQY MBaAFCMGy2zM0J517Rn8BvtZJM8no5jDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXdiTGJNelFublh0R2Z3Ry0xa2t6eWVqbU1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kOWRkODItOWJiOS00ODRjLTgxY2It ODNiZGNhZDAyMDQ3LzEvSXdiTGJNelFublh0R2Z3Ry0xa2t6eWVqbU1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC9kOWRkODItOWJiOS00ODRjLTgxY2ItODNiZGNhZDAyMDQ3 LzEvSXdiTGJNelFublh0R2Z3Ry0xa2t6eWVqbU1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPVWhIW/k 0QEXs0U+1xPZpfjVY937kOCM2Saad5ub0CdeqQ+mui0DjEeF6SX8kGzWoR57apmB VA9DJmMVZghDFYwX/aBvwNGsMLdtfWwsu3F4A5/91TxQit7ihHDsEGlGTGqD4oWW Gd94tC7b5iXFHsHc4F3K9/cZCnajPPIjStcasXl5H/sLKgeGgfSKIMDpqJTKFTDi 8zSAhE66nF1p4IM9HSfadjhR+6uZRIhwpCd5XwvtPbPuLzmzZJk0boq0eZ1znddH Cp5mGpUtcohiGtFFHI4d9jgSzsfiXdsajQR8DAyNL8MHPSxnbIw4/i9/r7EvLUur pXwNOX41YHYYEQ== -----END CERTIFICATE-----Generated at Tue Jan 27 01:18:55 2026 by rpki-client