This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft File: BZ9RaALCYTCaYQSHcubq_VhnqZA.mft (raw, json) Hash identifier: 80PJIXztGoWMy5BSQPnJQFcnd7RRGA1zdMDvdQGCHuQ= Subject key identifier: 82:8D:31:CF:EE:07:9B:5E:AF:C4:30:8D:1A:0F:36:28:39:9B:B1:D1 Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90 Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990 Certificate serial: 019BFB407167557F2A132225ACFF171F18FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft Manifest number: 16A8 Signing time: Mon 26 Jan 2026 17:01:03 +0000 Manifest this update: Mon 26 Jan 2026 17:01:03 +0000 Manifest next update: Tue 27 Jan 2026 17:01:03 +0000 Files and hashes: 1: 46krBMuMgQRTOnYjjiwz0jZnP9g.roa (hash: i+WuevI3Tnw5jBTEqmKxgeqDkLLDwvFZgvTXSU8JdlE=) 2: BZ9RaALCYTCaYQSHcubq_VhnqZA.crl (hash: UhFBZ17s93+MYxdHFINwhWoAmiC5e1cO9Z2rmjd0VDg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:40:71:67:55:7f:2a:13:22:25:ac:ff:17:1f:18:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=059f516802c261309a61048772e6eafd5867a990 Validity Not Before: Jan 26 17:01:03 2026 GMT Not After : Jan 27 17:01:03 2026 GMT Subject: CN=828d31cfee079b5eafc4308d1a0f3628399bb1d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:6c:25:8e:d8:08:dc:dd:00:25:73:63:55:4c: 59:f4:fc:d2:d9:ce:9f:b2:b9:f1:4d:67:60:15:b0: 3c:d8:82:54:7e:07:c8:74:42:73:3f:c2:96:8c:2c: 11:f1:0c:95:b9:3f:dd:55:4f:5c:f8:e7:5a:14:6c: c0:63:79:d5:a7:3a:ec:fe:92:64:db:3a:d5:8a:33: 6c:b4:27:e5:db:11:00:46:eb:9e:6f:cf:60:97:4d: 3e:09:84:98:7f:34:78:fd:86:85:43:02:ed:86:80: 5c:97:bf:b6:25:12:b2:d6:15:db:fe:f5:ff:a7:49: d9:a3:d8:dd:f9:ea:1d:f5:db:df:b9:1d:d1:30:82: 9a:48:3b:6f:5c:56:af:52:65:ed:61:39:1b:34:0e: 6c:6d:44:4a:31:21:1c:06:85:a3:1e:ef:29:12:df: 3d:6f:90:3b:2a:64:92:bd:a0:fb:63:df:16:17:0f: d3:ba:82:53:c5:c5:06:a7:fc:25:4b:01:c7:18:6a: 57:34:d8:52:bc:4b:05:5a:a2:79:e5:b6:7b:63:89: 46:0c:5e:f8:86:59:84:4b:26:e2:1d:bd:32:00:06: ee:0b:ec:9d:7a:a4:48:28:99:d6:84:ca:64:72:02: a5:0c:87:74:ec:3d:39:dd:60:b5:81:bc:8f:59:57: f8:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:8D:31:CF:EE:07:9B:5E:AF:C4:30:8D:1A:0F:36:28:39:9B:B1:D1 X509v3 Authority Key Identifier: keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:34:41:86:41:f1:73:a3:f8:d2:4c:45:ff:82:45:19:1d:6f: ff:ca:fa:c1:b2:bb:f1:60:29:e5:91:7e:17:a3:22:73:64:b7: 1c:84:0e:4b:27:5c:3c:20:d7:6d:47:12:f3:e2:18:86:ed:1c: 8b:c1:fa:44:98:85:ba:20:5a:20:24:00:2b:d9:7b:ee:5b:98: 74:a3:93:dd:c8:e1:91:f1:a5:3e:45:e3:00:5c:25:9b:38:dd: 9f:af:cc:a7:b5:d5:e8:7c:f7:83:e2:12:6b:fd:7c:d7:e9:40: 24:c4:a9:e4:43:64:04:b6:bf:ce:e1:ad:b5:12:7c:b1:56:c2: 3a:48:a7:d8:85:9e:11:bc:2c:ca:e4:97:75:78:40:3a:84:56: ca:93:18:b5:35:35:41:38:ca:42:a9:5a:d6:60:e9:68:01:fa: da:d7:8f:99:c6:b4:49:9a:93:03:90:7b:65:26:b4:5e:8e:89: 7f:84:5e:60:68:98:5a:0c:55:51:dd:53:1a:80:dc:b4:7b:c4: 87:43:97:3a:e9:01:09:c4:78:05:92:83:a4:65:b5:51:8f:99: 43:80:41:ac:54:71:ff:2d:80:56:e9:59:03:cb:0d:b6:6f:de: 9f:0c:65:f6:d8:d7:99:b8:48:63:55:8e:9d:6e:54:39:d3:6d: 37:a4:76:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7QHFnVX8qEyIlrP8XHxj8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2 N2E5OTAwHhcNMjYwMTI2MTcwMTAzWhcNMjYwMTI3MTcwMTAzWjAzMTEwLwYDVQQD Eyg4MjhkMzFjZmVlMDc5YjVlYWZjNDMwOGQxYTBmMzYyODM5OWJiMWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGwljtgI3N0AJXNjVUxZ9PzS2c6f srnxTWdgFbA82IJUfgfIdEJzP8KWjCwR8QyVuT/dVU9c+OdaFGzAY3nVpzrs/pJk 2zrVijNstCfl2xEARuueb89gl00+CYSYfzR4/YaFQwLthoBcl7+2JRKy1hXb/vX/ p0nZo9jd+eod9dvfuR3RMIKaSDtvXFavUmXtYTkbNA5sbURKMSEcBoWjHu8pEt89 b5A7KmSSvaD7Y98WFw/TuoJTxcUGp/wlSwHHGGpXNNhSvEsFWqJ55bZ7Y4lGDF74 hlmESybiHb0yAAbuC+ydeqRIKJnWhMpkcgKlDId07D053WC1gbyPWVf4xQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIKNMc/uB5ter8QwjRoPNig5m7HRMB8GA1UdIwQY MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt OTUxYjE5ODU2NzFjLzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzRBhkHx c6P40kxF/4JFGR1v/8r6wbK78WAp5ZF+F6Mic2S3HIQOSydcPCDXbUcS8+IYhu0c i8H6RJiFuiBaICQAK9l77luYdKOT3cjhkfGlPkXjAFwlmzjdn6/Mp7XV6Hz3g+IS a/181+lAJMSp5ENkBLa/zuGttRJ8sVbCOkin2IWeEbwsyuSXdXhAOoRWypMYtTU1 QTjKQqla1mDpaAH62tePmca0SZqTA5B7ZSa0Xo6Jf4ReYGiYWgxVUd1TGoDctHvE h0OXOukBCcR4BZKDpGW1UY+ZQ4BBrFRx/y2AVulZA8sNtm/enwxl9tjXmbhIY1WO nW5UOdNtN6R2ng== -----END CERTIFICATE-----Generated at Mon Jan 26 22:11:57 2026 by rpki-client