This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft File: 3KLzDk5paSsbT-zrrpH9VgS97JM.mft (raw, json) Hash identifier: Z17udeygVYN9Pmp8LArXOwLZU+XDupm5/zY/o4gjjsA= Subject key identifier: 3B:82:94:6E:6F:57:33:B6:CE:DC:AD:79:A5:49:D1:55:25:FB:72:68 Authority key identifier: DC:A2:F3:0E:4E:69:69:2B:1B:4F:EC:EB:AE:91:FD:56:04:BD:EC:93 Certificate issuer: /CN=dca2f30e4e69692b1b4fecebae91fd5604bdec93 Certificate serial: 019BFF1D6926C8C136C36B42E77F44B5D2F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KLzDk5paSsbT-zrrpH9VgS97JM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft Manifest number: 07A6 Signing time: Tue 27 Jan 2026 11:01:16 +0000 Manifest this update: Tue 27 Jan 2026 11:01:16 +0000 Manifest next update: Wed 28 Jan 2026 11:01:16 +0000 Files and hashes: 1: 3KLzDk5paSsbT-zrrpH9VgS97JM.crl (hash: yBV+x1j14XDNI/0c1zV6RxcsAo5GVgSV8tdGOZLZbQ4=) 2: xSDhChXyrgpPczPrq9N_lmr5FEw.roa (hash: f8x2Ffld+Joqpjyz5VMQ9d3wfsE4pU4+FNaMK65q5CE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.crl rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft rsync://rpki.ripe.net/repository/DEFAULT/3KLzDk5paSsbT-zrrpH9VgS97JM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ff:1d:69:26:c8:c1:36:c3:6b:42:e7:7f:44:b5:d2:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dca2f30e4e69692b1b4fecebae91fd5604bdec93 Validity Not Before: Jan 27 11:01:16 2026 GMT Not After : Jan 28 11:01:16 2026 GMT Subject: CN=3b82946e6f5733b6cedcad79a549d15525fb7268 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:ad:01:72:58:5d:6a:fd:8e:1c:7d:4b:55:e3: e4:da:dd:2c:3f:c9:e7:5f:98:04:20:0d:45:99:74: fa:c8:a3:94:43:3c:56:75:f9:65:f8:d3:6b:1a:69: d0:81:28:b3:6c:bb:5c:f0:00:27:45:87:53:ec:09: 19:39:6a:6c:1c:e7:e4:30:06:21:17:85:c8:e1:10: 4f:15:a2:88:09:db:78:cb:12:d2:7d:ac:9d:57:9c: c1:0e:90:6d:71:84:69:74:c3:42:62:02:1e:3d:7c: 93:55:d1:b1:e1:cf:01:8e:b7:c8:a8:0a:64:2b:59: ca:df:9c:16:54:b6:9b:c2:81:b2:16:16:f2:ee:0f: c1:57:4c:52:ff:42:84:17:3e:10:92:39:7c:27:c2: 86:1d:5f:10:e4:76:8a:b6:27:e1:31:5a:7e:86:9e: 8f:91:c9:30:90:cf:29:95:c5:f4:4d:45:f6:cc:13: 31:1b:5c:d9:be:96:08:6f:c8:22:07:5f:fd:2c:84: f7:e2:12:4e:f8:78:27:47:f3:53:60:f2:35:66:c5: 78:26:cb:7d:1b:18:7e:54:c6:ef:8e:29:1b:6a:60: ae:4e:41:a1:5d:a2:aa:86:65:50:37:c3:a8:8a:6c: 8a:30:c4:01:e9:1f:03:d0:72:d1:af:c7:07:d1:b4: bb:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:82:94:6E:6F:57:33:B6:CE:DC:AD:79:A5:49:D1:55:25:FB:72:68 X509v3 Authority Key Identifier: keyid:DC:A2:F3:0E:4E:69:69:2B:1B:4F:EC:EB:AE:91:FD:56:04:BD:EC:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KLzDk5paSsbT-zrrpH9VgS97JM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:c9:79:27:9d:ae:f2:b5:8a:64:4c:1d:32:4b:0e:de:94:fe: 39:16:4b:96:5d:59:ac:5d:8c:af:a7:4e:bc:50:e9:73:e9:a6: 45:40:9a:6f:5b:2a:6c:2a:10:a4:47:55:39:80:24:da:31:88: 81:f5:77:5d:b5:94:dc:c0:60:bd:2f:09:c3:5d:e2:9e:a4:71: b6:9d:23:dd:84:d5:d7:39:e4:0c:9c:d1:17:11:43:f3:b5:0b: a6:f0:4b:ab:44:d4:29:b3:0c:76:ee:9f:a8:8c:12:0e:6c:22: 58:9a:79:dc:e7:55:6d:cb:b5:f5:50:3a:d1:e7:d9:71:1e:bc: 1c:4b:5f:ec:9e:73:f1:d2:c4:aa:c3:fc:bb:79:38:d8:1d:a9: bd:b8:e2:f0:9b:3c:db:9c:8f:d8:f9:7f:68:f5:3f:70:9d:d0: 07:b1:4b:ea:d0:43:4f:62:9c:cb:8a:8f:e5:1b:45:c7:72:69: 28:56:db:b5:95:40:8a:16:9c:da:3e:93:db:79:43:20:d2:94: 23:9f:66:ca:e9:f4:48:df:4f:05:f2:ad:1b:c9:6f:4a:3b:16: 61:69:2e:26:d6:19:54:13:d6:9b:79:57:07:77:18:df:31:7b: 9d:76:78:23:c7:83:80:79:3b:b8:28:4c:89:aa:ef:08:05:48: 9a:ef:86:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv/HWkmyME2w2tC539EtdLzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjYTJmMzBlNGU2OTY5MmIxYjRmZWNlYmFlOTFmZDU2MDRi ZGVjOTMwHhcNMjYwMTI3MTEwMTE2WhcNMjYwMTI4MTEwMTE2WjAzMTEwLwYDVQQD EygzYjgyOTQ2ZTZmNTczM2I2Y2VkY2FkNzlhNTQ5ZDE1NTI1ZmI3MjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9a0Bclhdav2OHH1LVePk2t0sP8nn X5gEIA1FmXT6yKOUQzxWdfll+NNrGmnQgSizbLtc8AAnRYdT7AkZOWpsHOfkMAYh F4XI4RBPFaKICdt4yxLSfaydV5zBDpBtcYRpdMNCYgIePXyTVdGx4c8BjrfIqApk K1nK35wWVLabwoGyFhby7g/BV0xS/0KEFz4Qkjl8J8KGHV8Q5HaKtifhMVp+hp6P kckwkM8plcX0TUX2zBMxG1zZvpYIb8giB1/9LIT34hJO+HgnR/NTYPI1ZsV4Jst9 Gxh+VMbvjikbamCuTkGhXaKqhmVQN8OoimyKMMQB6R8D0HLRr8cH0bS7NQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDuClG5vVzO2ztyteaVJ0VUl+3JoMB8GA1UdIwQY MBaAFNyi8w5OaWkrG0/s666R/VYEveyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0tMekRrNXBhU3NiVC16cnJwSDlWZ1M5N0pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8wMzY1NDktNDVkMC00NTY1LTgyOGYt ZWIzZTc4NWQ5MDk3LzEvM0tMekRrNXBhU3NiVC16cnJwSDlWZ1M5N0pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8wMzY1NDktNDVkMC00NTY1LTgyOGYtZWIzZTc4NWQ5MDk3 LzEvM0tMekRrNXBhU3NiVC16cnJwSDlWZ1M5N0pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMMl5J52u 8rWKZEwdMksO3pT+ORZLll1ZrF2Mr6dOvFDpc+mmRUCab1sqbCoQpEdVOYAk2jGI gfV3XbWU3MBgvS8Jw13inqRxtp0j3YTV1znkDJzRFxFD87ULpvBLq0TUKbMMdu6f qIwSDmwiWJp53OdVbcu19VA60efZcR68HEtf7J5z8dLEqsP8u3k42B2pvbji8Js8 25yP2Pl/aPU/cJ3QB7FL6tBDT2Kcy4qP5RtFx3JpKFbbtZVAihac2j6T23lDINKU I59myun0SN9PBfKtG8lvSjsWYWkuJtYZVBPWm3lXB3cY3zF7nXZ4I8eDgHk7uChM iarvCAVImu+GCg== -----END CERTIFICATE-----Generated at Tue Jan 27 12:49:28 2026 by rpki-client