This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft File: raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json) Hash identifier: LB1zio9MgzDfJU2EeO6WxCZB880O3IDau0ME4ea4Z7s= Subject key identifier: 85:2E:29:4C:63:DB:CA:F7:4B:27:49:5D:11:A6:E2:D3:5B:1F:97:C6 Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E Certificate issuer: /CN=ada6af87b43694dd39994c0e3214306875519f2e Certificate serial: 019BFBAE5EC4923C76DFE8D20337285AB3B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft Manifest number: 0D47 Signing time: Mon 26 Jan 2026 19:01:07 +0000 Manifest this update: Mon 26 Jan 2026 19:01:07 +0000 Manifest next update: Tue 27 Jan 2026 19:01:07 +0000 Files and hashes: 1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: 3a73dhZecUW2m208A81MsBUhaZ2nHpKgNYYBvyGR+oQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 19:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:ae:5e:c4:92:3c:76:df:e8:d2:03:37:28:5a:b3:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e Validity Not Before: Jan 26 19:01:07 2026 GMT Not After : Jan 27 19:01:07 2026 GMT Subject: CN=852e294c63dbcaf74b27495d11a6e2d35b1f97c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:0e:02:a8:30:dc:85:d0:76:45:f9:34:cc:df: da:66:24:df:f0:82:0f:0d:51:f3:65:b1:89:80:e6: f5:95:32:a9:26:71:0f:9c:bc:32:13:93:fb:e7:46: 05:63:f7:b4:bf:09:a8:f1:37:2a:a5:63:ce:fb:e9: 7b:f5:de:61:4a:34:be:56:f3:7b:95:58:4d:6e:fd: b1:bb:67:b6:3f:96:94:d5:a4:8f:99:e1:67:28:c0: 37:ec:89:75:57:8e:ca:39:85:f0:fa:7c:2c:4c:8f: d0:c2:b9:f6:67:45:be:43:de:0a:e2:bb:80:3e:21: 57:f4:17:e1:32:81:5e:78:0e:14:e5:27:e5:9d:35: 18:79:a2:e1:88:cd:f6:9b:40:4e:84:fb:d8:6e:ad: 99:dd:e8:af:fd:98:88:a4:e0:1c:2c:5c:d0:f7:31: f4:da:f2:0f:c7:11:ac:d1:20:56:6e:8d:24:a9:1a: 37:e1:eb:ab:2e:a6:ac:aa:0a:66:75:bd:d3:4a:a9: 16:00:c7:54:d6:f7:af:a3:bd:01:de:37:26:b3:be: dd:9c:47:0b:27:7a:fa:67:12:37:04:43:83:c9:e7: 82:b3:42:f7:be:e2:5a:06:06:a5:24:ad:aa:6a:bb: 3f:d6:56:3c:b2:2c:cb:d8:60:d0:70:82:46:47:bd: 93:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:2E:29:4C:63:DB:CA:F7:4B:27:49:5D:11:A6:E2:D3:5B:1F:97:C6 X509v3 Authority Key Identifier: keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:7a:b6:6b:dc:f0:ed:de:6e:da:82:63:66:92:0f:9f:a0:61: eb:df:1f:cd:cf:21:50:42:44:b0:01:84:f7:ef:75:d1:fd:e2: 7b:cc:b5:16:a3:cc:89:b0:33:0d:dc:aa:4a:90:58:2c:ed:f2: ec:d3:4f:5a:37:ad:33:40:f3:87:1f:94:d7:5b:45:b5:3c:96: c8:c3:37:d7:7b:2c:17:e3:6a:7a:00:14:fa:51:22:6f:78:27: d9:c6:cd:64:01:25:2b:be:04:95:bb:d5:b0:94:8c:24:b5:c3: f2:b1:80:7c:df:e0:fb:51:a4:06:27:cc:8a:af:50:24:51:45: ea:32:85:d6:66:c9:d5:d4:d9:ad:50:57:d4:a6:da:22:86:14: 91:b5:0c:66:e8:c2:e7:46:0f:78:ec:38:84:3a:de:29:f8:3a: 2e:45:3b:df:66:b4:57:8d:fb:a8:35:bf:ee:ea:5f:e8:aa:18: 79:71:7e:5b:c5:02:2f:88:5f:c5:a6:4e:af:f2:cb:3c:6d:dc: 62:1e:39:66:10:f6:4b:81:5c:00:73:dd:4d:e3:5b:ea:2b:e7: 7e:9e:86:bb:f9:13:b2:e8:f6:1c:11:6a:df:3c:be:e1:c4:16: 1c:74:ff:00:30:0d:86:d1:46:a0:6f:bf:38:36:d2:00:52:09: 76:49:b6:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7rl7Ekjx23+jSAzcoWrO1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1 MTlmMmUwHhcNMjYwMTI2MTkwMTA3WhcNMjYwMTI3MTkwMTA3WjAzMTEwLwYDVQQD Eyg4NTJlMjk0YzYzZGJjYWY3NGIyNzQ5NWQxMWE2ZTJkMzViMWY5N2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA4CqDDchdB2Rfk0zN/aZiTf8IIP DVHzZbGJgOb1lTKpJnEPnLwyE5P750YFY/e0vwmo8TcqpWPO++l79d5hSjS+VvN7 lVhNbv2xu2e2P5aU1aSPmeFnKMA37Il1V47KOYXw+nwsTI/Qwrn2Z0W+Q94K4ruA PiFX9BfhMoFeeA4U5SflnTUYeaLhiM32m0BOhPvYbq2Z3eiv/ZiIpOAcLFzQ9zH0 2vIPxxGs0SBWbo0kqRo34eurLqasqgpmdb3TSqkWAMdU1vevo70B3jcms77dnEcL J3r6ZxI3BEODyeeCs0L3vuJaBgalJK2qars/1lY8sizL2GDQcIJGR72TXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIUuKUxj28r3SydJXRGm4tNbH5fGMB8GA1UdIwQY MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0 LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATXq2a9zw 7d5u2oJjZpIPn6Bh698fzc8hUEJEsAGE9+910f3ie8y1FqPMibAzDdyqSpBYLO3y 7NNPWjetM0Dzhx+U11tFtTyWyMM313ssF+NqegAU+lEib3gn2cbNZAElK74ElbvV sJSMJLXD8rGAfN/g+1GkBifMiq9QJFFF6jKF1mbJ1dTZrVBX1KbaIoYUkbUMZujC 50YPeOw4hDreKfg6LkU732a0V437qDW/7upf6KoYeXF+W8UCL4hfxaZOr/LLPG3c Yh45ZhD2S4FcAHPdTeNb6ivnfp6Gu/kTsuj2HBFq3zy+4cQWHHT/ADANhtFGoG+/ ODbSAFIJdkm20g== -----END CERTIFICATE-----Generated at Tue Jan 27 02:23:13 2026 by rpki-client