This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft File: U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json) Hash identifier: HlQBsOs3DrA4DPs646Cvp3huNMK4JnpRZfShNyuwbdU= Subject key identifier: B4:3B:D0:47:A8:A9:9E:99:80:83:F1:E8:3A:7A:AF:FC:14:B2:59:93 Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04 Certificate issuer: /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104 Certificate serial: 019BFBAE1BAA4243469C6C72438E59190EA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft Manifest number: 1152 Signing time: Mon 26 Jan 2026 19:00:49 +0000 Manifest this update: Mon 26 Jan 2026 19:00:49 +0000 Manifest next update: Tue 27 Jan 2026 19:00:49 +0000 Files and hashes: 1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: HfKQlPRDwv9XXd80ZakWtGtHB8j4vSO+lMjAFbbDq2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 19:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:ae:1b:aa:42:43:46:9c:6c:72:43:8e:59:19:0e:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104 Validity Not Before: Jan 26 19:00:49 2026 GMT Not After : Jan 27 19:00:49 2026 GMT Subject: CN=b43bd047a8a99e998083f1e83a7aaffc14b25993 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:0c:03:88:af:7d:22:ee:bd:c1:12:25:6d:5b: 0d:d8:4d:19:5a:17:5d:88:3b:98:cd:8f:33:f7:a9: 32:59:94:d7:aa:4e:e1:e8:1d:a6:46:aa:c1:93:d9: 87:9f:73:98:7c:58:5f:93:db:36:33:71:06:7e:e5: 31:ad:3c:40:d5:d3:32:4e:43:26:9a:c9:74:4f:71: 1b:1b:f4:e2:42:89:35:bf:2b:23:80:ad:35:4c:1b: db:34:3f:e4:09:7a:fe:d7:57:2b:e5:43:37:d2:2f: e3:cc:3c:3b:37:f7:da:f5:e9:7d:3a:f4:d7:3d:0c: cc:9f:f2:69:1f:dc:fe:fb:fa:d4:ea:77:a7:c0:69: 95:51:24:0a:c1:e8:35:e0:cf:19:57:3c:d2:ab:ac: dc:05:3d:1c:73:c5:e7:7a:c6:af:fe:94:56:90:c4: c2:f0:60:09:9a:26:fb:1e:f4:92:35:d7:42:9a:d2: a9:a0:b1:fe:78:d5:b5:a7:ba:34:5a:72:e7:3f:1a: f5:ec:29:28:d3:b2:0e:a9:86:ca:fa:d2:d5:3b:6c: 88:2e:ff:b0:29:30:83:a9:e6:39:aa:7d:d9:c1:ff: e1:80:75:9e:26:96:a0:e2:e7:e2:3a:49:6a:85:80: 2b:10:99:35:ec:d6:0d:8b:c4:c1:2b:f9:82:11:81: e7:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:3B:D0:47:A8:A9:9E:99:80:83:F1:E8:3A:7A:AF:FC:14:B2:59:93 X509v3 Authority Key Identifier: keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:52:71:51:cf:67:34:87:d7:b0:99:0a:ce:e8:aa:82:fb:aa: 38:1e:2c:65:69:46:db:77:1d:ae:d8:88:50:5b:e9:d9:48:aa: 89:28:a7:94:36:46:be:67:0d:25:28:63:63:2d:c3:44:cc:08: f5:05:dd:ad:9b:d6:c0:fd:9f:5d:4d:55:07:ca:c0:89:a9:9a: ac:ab:88:1d:6d:98:f0:4a:63:1e:39:38:7d:1a:4f:6d:bc:c3: ea:cb:5e:80:8a:a8:47:b4:03:6d:c1:93:c3:52:0f:6d:2d:db: 52:3d:9b:d1:fb:82:20:90:05:f8:e6:21:c7:f9:a5:54:2a:0a: e5:7f:e4:d2:f9:23:0b:bb:39:b6:5a:b0:0d:5d:08:04:f2:4e: 6e:28:13:85:a0:7b:bb:80:ed:d8:9d:45:f2:10:e8:5b:91:52: 37:73:93:7e:e0:e4:0b:ec:68:b9:ee:41:3c:7d:17:b7:d5:95: 93:9b:be:31:bd:00:50:c9:cc:f4:bd:78:f0:cd:18:b0:98:56: 5b:e1:f1:df:d7:4c:66:b0:a2:9b:2c:09:e9:33:0b:06:bc:c5: 81:50:8a:77:bd:01:bb:5d:23:20:90:52:a3:61:f9:ae:69:38: 17:01:5f:15:a1:e0:aa:47:7b:14:b5:06:34:c6:dc:35:1f:95: d0:e4:4c:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7rhuqQkNGnGxyQ45ZGQ6pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl NTMxMDQwHhcNMjYwMTI2MTkwMDQ5WhcNMjYwMTI3MTkwMDQ5WjAzMTEwLwYDVQQD EyhiNDNiZDA0N2E4YTk5ZTk5ODA4M2YxZTgzYTdhYWZmYzE0YjI1OTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQwDiK99Iu69wRIlbVsN2E0ZWhdd iDuYzY8z96kyWZTXqk7h6B2mRqrBk9mHn3OYfFhfk9s2M3EGfuUxrTxA1dMyTkMm msl0T3EbG/TiQok1vysjgK01TBvbND/kCXr+11cr5UM30i/jzDw7N/fa9el9OvTX PQzMn/JpH9z++/rU6nenwGmVUSQKweg14M8ZVzzSq6zcBT0cc8Xnesav/pRWkMTC 8GAJmib7HvSSNddCmtKpoLH+eNW1p7o0WnLnPxr17Cko07IOqYbK+tLVO2yILv+w KTCDqeY5qn3Zwf/hgHWeJpag4ufiOklqhYArEJk17NYNi8TBK/mCEYHnAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLQ70EeoqZ6ZgIPx6Dp6r/wUslmTMB8GA1UdIwQY MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlJxUc9n NIfXsJkKzuiqgvuqOB4sZWlG23cdrtiIUFvp2UiqiSinlDZGvmcNJShjYy3DRMwI 9QXdrZvWwP2fXU1VB8rAiamarKuIHW2Y8EpjHjk4fRpPbbzD6stegIqoR7QDbcGT w1IPbS3bUj2b0fuCIJAF+OYhx/mlVCoK5X/k0vkjC7s5tlqwDV0IBPJObigThaB7 u4Dt2J1F8hDoW5FSN3OTfuDkC+xoue5BPH0Xt9WVk5u+Mb0AUMnM9L148M0YsJhW W+Hx39dMZrCimywJ6TMLBrzFgVCKd70Bu10jIJBSo2H5rmk4FwFfFaHgqkd7FLUG NMbcNR+V0ORMyw== -----END CERTIFICATE-----Generated at Tue Jan 27 04:16:07 2026 by rpki-client