This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft File: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json) Hash identifier: 1XtVQW/0ahuPhuw6p9C6ykWjmDHUHo/ADdL0BaDnLKU= Subject key identifier: 40:94:22:E9:07:53:22:A6:29:3D:7D:66:60:D1:0C:5F:55:64:AB:C7 Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30 Certificate issuer: /CN=7224d6f072521ad6eb3d029b189f42d240a91530 Certificate serial: 019BFC52A5E1406FDEE25C2D5C8D36F2ABD5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft Manifest number: 17E7 Signing time: Mon 26 Jan 2026 22:00:33 +0000 Manifest this update: Mon 26 Jan 2026 22:00:33 +0000 Manifest next update: Tue 27 Jan 2026 22:00:33 +0000 Files and hashes: 1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: mllQiVR5V+7nHO+bKAjtzIVQdL35jWWGKxpSgF0Guf8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 22:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:52:a5:e1:40:6f:de:e2:5c:2d:5c:8d:36:f2:ab:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530 Validity Not Before: Jan 26 22:00:33 2026 GMT Not After : Jan 27 22:00:33 2026 GMT Subject: CN=409422e9075322a6293d7d6660d10c5f5564abc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:8d:fd:51:92:6a:bf:59:33:e8:d0:82:7f:9d: 22:92:da:2f:ff:41:fd:f9:ac:f8:c1:49:74:1b:4e: 38:e9:0a:01:1d:ce:d5:26:b0:0c:63:5d:b4:d1:0f: f5:04:5f:01:0c:b3:09:06:2c:77:37:26:f8:cd:a3: 9c:f3:9c:d0:2a:c3:ec:22:37:2b:12:bb:83:39:62: 61:90:fc:37:53:79:be:c2:2b:02:a3:5e:64:f4:41: 1a:d8:77:60:53:fa:9e:60:3b:d1:57:00:5c:45:5b: ff:de:c0:2d:26:b6:2a:af:63:7d:3f:bd:86:c6:fc: 0b:3d:67:9d:89:55:2a:25:b2:e2:5f:c6:da:e2:78: f0:e0:22:9f:e3:db:f3:65:03:e2:f2:da:99:45:13: a1:cd:59:58:6a:54:5e:f0:74:7d:90:61:ea:cd:60: 57:5c:cc:69:5d:c1:91:02:39:60:ca:de:85:8f:5d: 04:f2:77:8c:8b:f9:6f:51:ec:0c:90:07:c4:ac:18: a5:75:d5:04:f0:6a:e4:22:14:f4:ed:c5:ed:35:1c: 60:0c:68:e6:c6:c2:c6:55:d2:c3:aa:03:4a:4b:cf: 62:e1:35:b4:44:70:af:33:f9:44:fb:24:12:ce:5d: 03:f4:2f:cd:d5:8a:98:03:a9:7e:04:a1:6b:9c:75: be:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:94:22:E9:07:53:22:A6:29:3D:7D:66:60:D1:0C:5F:55:64:AB:C7 X509v3 Authority Key Identifier: keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:e1:15:9d:40:c4:8d:c1:52:96:16:9b:a4:06:c8:70:e8:6a: 3a:39:5e:b1:8d:66:f6:c9:e2:b9:0f:78:f9:4d:e4:e3:f3:80: a8:09:f2:5b:85:f0:7b:c2:9d:9a:bc:73:1d:a4:fe:a8:f2:03: 9b:06:14:4f:55:e1:e8:09:02:e3:46:36:10:37:a2:07:67:28: f6:8e:ba:14:4b:bd:ec:4d:5f:f7:9e:33:56:ef:7b:77:f3:39: 11:95:e4:5f:be:05:e9:cc:ab:d0:48:c8:4c:98:63:cb:3e:be: af:ff:c9:7f:07:8f:84:65:6a:1f:ff:52:72:35:bb:e9:ea:f9: 56:80:46:53:7b:3b:80:f9:62:7f:f7:89:a8:fd:01:05:9d:c7: e6:83:94:28:7d:fa:7a:11:59:40:e4:d7:d8:d2:74:fe:6f:ed: f5:a1:4b:75:6b:c1:7d:ec:93:18:93:79:dd:28:c6:50:83:84: 88:cf:de:48:4c:6e:6e:49:14:35:92:86:a8:4d:df:96:3f:ab: 73:10:f6:4e:e1:5c:00:92:99:06:21:c1:f9:13:3a:f3:11:b1: b2:d9:73:2b:38:cc:dd:c2:c9:c2:f8:6c:9a:9c:17:69:4c:65: 07:07:92:e5:de:d7:95:f4:83:0b:99:ff:c6:f4:d0:4e:81:02: 35:44:3e:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8UqXhQG/e4lwtXI028qvVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh OTE1MzAwHhcNMjYwMTI2MjIwMDMzWhcNMjYwMTI3MjIwMDMzWjAzMTEwLwYDVQQD Eyg0MDk0MjJlOTA3NTMyMmE2MjkzZDdkNjY2MGQxMGM1ZjU1NjRhYmM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y39UZJqv1kz6NCCf50iktov/0H9 +az4wUl0G0446QoBHc7VJrAMY1200Q/1BF8BDLMJBix3Nyb4zaOc85zQKsPsIjcr EruDOWJhkPw3U3m+wisCo15k9EEa2HdgU/qeYDvRVwBcRVv/3sAtJrYqr2N9P72G xvwLPWediVUqJbLiX8ba4njw4CKf49vzZQPi8tqZRROhzVlYalRe8HR9kGHqzWBX XMxpXcGRAjlgyt6Fj10E8neMi/lvUewMkAfErBilddUE8GrkIhT07cXtNRxgDGjm xsLGVdLDqgNKS89i4TW0RHCvM/lE+yQSzl0D9C/N1YqYA6l+BKFrnHW+2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECUIukHUyKmKT19ZmDRDF9VZKvHMB8GA1UdIwQY MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe+EVnUDE jcFSlhabpAbIcOhqOjlesY1m9sniuQ94+U3k4/OAqAnyW4Xwe8KdmrxzHaT+qPID mwYUT1Xh6AkC40Y2EDeiB2co9o66FEu97E1f954zVu97d/M5EZXkX74F6cyr0EjI TJhjyz6+r//JfwePhGVqH/9ScjW76er5VoBGU3s7gPlif/eJqP0BBZ3H5oOUKH36 ehFZQOTX2NJ0/m/t9aFLdWvBfeyTGJN53SjGUIOEiM/eSExubkkUNZKGqE3flj+r cxD2TuFcAJKZBiHB+RM68xGxstlzKzjM3cLJwvhsmpwXaUxlBweS5d7XlfSDC5n/ xvTQToECNUQ++g== -----END CERTIFICATE-----Generated at Tue Jan 27 08:33:30 2026 by rpki-client