This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.mft File: 21m85hup0qDjVb4B8TQbjfdq69s.mft (raw, json) Hash identifier: xNrBoau0V/BLVL9/U+VnwTt5APDfup7CuRPXpzIkFU0= Subject key identifier: 1B:F8:24:9C:07:96:52:EB:81:9D:C5:36:09:58:C2:C3:67:0B:B3:FC Authority key identifier: DB:59:BC:E6:1B:A9:D2:A0:E3:55:BE:01:F1:34:1B:8D:F7:6A:EB:DB Certificate issuer: /CN=db59bce61ba9d2a0e355be01f1341b8df76aebdb Certificate serial: 019BFB76F9EAEC90D66059884942E5FFABF3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/21m85hup0qDjVb4B8TQbjfdq69s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.mft Manifest number: 17EC Signing time: Mon 26 Jan 2026 18:00:36 +0000 Manifest this update: Mon 26 Jan 2026 18:00:36 +0000 Manifest next update: Tue 27 Jan 2026 18:00:36 +0000 Files and hashes: 1: 21m85hup0qDjVb4B8TQbjfdq69s.crl (hash: u+uUiS/yykG2kkzuWrV7b9kGcJbuiik64GxpLfVGw5Y=) 2: 61huzXEr5q5M8J__iIN7IjunhKg.roa (hash: cj477SS4T7qNzSNkI+8mGSK4iNQUtTpYpphXIshKx+8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.crl rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.mft rsync://rpki.ripe.net/repository/DEFAULT/21m85hup0qDjVb4B8TQbjfdq69s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:76:f9:ea:ec:90:d6:60:59:88:49:42:e5:ff:ab:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db59bce61ba9d2a0e355be01f1341b8df76aebdb Validity Not Before: Jan 26 18:00:36 2026 GMT Not After : Jan 27 18:00:36 2026 GMT Subject: CN=1bf8249c079652eb819dc5360958c2c3670bb3fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5d:68:df:52:01:de:b6:ef:ca:3d:55:b2:bc: 14:85:c1:22:bd:71:60:2b:d5:1c:a3:68:db:d4:56: 86:b9:9c:e6:f8:52:00:c8:2e:2f:57:a5:e9:a5:96: bd:03:62:f1:5e:b6:25:16:67:ff:ae:0f:b7:a1:48: 60:fa:a3:c3:b8:fe:46:b0:4d:f0:c8:8f:9e:a7:3f: 03:53:e0:71:b4:e8:54:de:83:92:e6:4e:f6:84:ab: a1:e3:40:d2:78:78:e2:60:db:76:78:13:52:38:50: 0e:b7:b9:43:8a:6a:96:4d:90:28:34:a2:84:41:eb: 70:42:0a:b8:05:03:61:7d:84:8d:57:34:d8:68:fd: ba:b4:e6:d0:ff:3e:d4:f5:1b:23:a0:78:c3:ea:f1: f5:b6:bb:71:6c:03:cb:a2:83:f8:e7:fa:a6:67:5a: 41:cc:05:ae:b4:6f:42:8a:d7:77:5a:3e:03:7d:da: a7:37:aa:af:2b:dd:59:ea:45:a0:7a:3a:6e:c3:d9: 75:29:27:26:48:7a:5c:6d:0c:da:c7:2d:5c:73:2e: 8a:25:39:7a:be:58:e1:d8:a4:3e:e1:ed:19:c1:be: df:e2:2b:47:66:66:72:b8:db:04:0a:aa:18:3e:e3: 63:2c:8c:f4:db:fc:bf:05:75:53:53:36:52:1f:29: 5e:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:F8:24:9C:07:96:52:EB:81:9D:C5:36:09:58:C2:C3:67:0B:B3:FC X509v3 Authority Key Identifier: keyid:DB:59:BC:E6:1B:A9:D2:A0:E3:55:BE:01:F1:34:1B:8D:F7:6A:EB:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/21m85hup0qDjVb4B8TQbjfdq69s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:5b:cf:86:99:8e:0b:c9:44:3c:41:d5:79:79:96:6d:96:e5: 64:2c:b3:6e:b7:e0:38:24:33:0b:a2:f9:1f:f1:a4:a3:3c:e2: db:2d:f6:9c:b2:07:7e:8b:72:d3:0e:e2:2b:64:ec:9b:2b:5a: 27:67:8d:16:00:0c:ef:91:66:77:c7:4f:4b:f8:ee:9a:cc:eb: a0:5b:f4:63:46:0d:52:b5:28:c6:69:2b:55:c0:75:c4:6f:5e: 9e:ad:76:d8:ff:23:4c:ed:ba:d5:14:09:6f:d8:30:5f:d4:fc: a8:68:27:de:c1:ac:09:18:62:f8:e2:54:37:e0:20:47:63:93: e5:88:ee:64:cd:17:a7:4b:22:7e:0d:69:ea:11:05:c5:58:6b: 95:52:3e:7a:54:86:f4:6b:06:e2:80:e8:2e:b0:e8:08:e9:87: c9:19:b7:20:78:5b:c5:86:15:61:2a:ac:3d:f4:bb:d5:26:98: ea:e0:a6:fa:7c:5e:4f:f1:86:45:bb:69:4d:4e:a0:1c:ef:0c: 8e:9e:2e:63:ab:f1:eb:ee:14:29:80:c8:ff:65:41:e0:04:f1: ad:f5:2d:ed:b1:e6:79:67:58:bf:37:d7:e6:f7:3d:e8:56:39: 13:f1:fe:4b:15:45:f8:9e:4f:35:d1:92:6b:10:1d:a1:1b:ab: 7d:03:5b:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7dvnq7JDWYFmISULl/6vzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNTliY2U2MWJhOWQyYTBlMzU1YmUwMWYxMzQxYjhkZjc2 YWViZGIwHhcNMjYwMTI2MTgwMDM2WhcNMjYwMTI3MTgwMDM2WjAzMTEwLwYDVQQD EygxYmY4MjQ5YzA3OTY1MmViODE5ZGM1MzYwOTU4YzJjMzY3MGJiM2ZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv11o31IB3rbvyj1VsrwUhcEivXFg K9Uco2jb1FaGuZzm+FIAyC4vV6XppZa9A2LxXrYlFmf/rg+3oUhg+qPDuP5GsE3w yI+epz8DU+BxtOhU3oOS5k72hKuh40DSeHjiYNt2eBNSOFAOt7lDimqWTZAoNKKE QetwQgq4BQNhfYSNVzTYaP26tObQ/z7U9RsjoHjD6vH1trtxbAPLooP45/qmZ1pB zAWutG9Citd3Wj4DfdqnN6qvK91Z6kWgejpuw9l1KScmSHpcbQzaxy1ccy6KJTl6 vljh2KQ+4e0Zwb7f4itHZmZyuNsECqoYPuNjLIz02/y/BXVTUzZSHyleWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBv4JJwHllLrgZ3FNglYwsNnC7P8MB8GA1UdIwQY MBaAFNtZvOYbqdKg41W+AfE0G433auvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjFtODVodXAwcURqVmI0QjhUUWJqZmRxNjlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85MjA5ZWQtNGI5OC00ODk3LThlOWIt M2EwNDJmNzdiNzM4LzEvMjFtODVodXAwcURqVmI0QjhUUWJqZmRxNjlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC85MjA5ZWQtNGI5OC00ODk3LThlOWItM2EwNDJmNzdiNzM4 LzEvMjFtODVodXAwcURqVmI0QjhUUWJqZmRxNjlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPVvPhpmO C8lEPEHVeXmWbZblZCyzbrfgOCQzC6L5H/Gkozzi2y32nLIHfoty0w7iK2Tsmyta J2eNFgAM75Fmd8dPS/jumszroFv0Y0YNUrUoxmkrVcB1xG9enq122P8jTO261RQJ b9gwX9T8qGgn3sGsCRhi+OJUN+AgR2OT5YjuZM0Xp0sifg1p6hEFxVhrlVI+elSG 9GsG4oDoLrDoCOmHyRm3IHhbxYYVYSqsPfS71SaY6uCm+nxeT/GGRbtpTU6gHO8M jp4uY6vx6+4UKYDI/2VB4ATxrfUt7bHmeWdYvzfX5vc96FY5E/H+SxVF+J5PNdGS axAdoRurfQNbiA== -----END CERTIFICATE-----Generated at Mon Jan 26 21:53:04 2026 by rpki-client