This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft File: 3XGhKciwiZWUIZnqbRsigmU1DQs.mft (raw, json) Hash identifier: adQbYiQiqnHPkTuS5KZODChpZh3hQI0TH6ncmubfQUQ= Subject key identifier: BA:58:C5:AF:7F:DE:66:5A:C6:54:D9:54:F1:79:B1:4E:42:8C:D3:85 Authority key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B Certificate issuer: /CN=dd71a129c8b08995942199ea6d1b228265350d0b Certificate serial: 019BFD2EEA417D9C63D90DA8747EAFE9AF16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft Manifest number: 17EB Signing time: Tue 27 Jan 2026 02:01:08 +0000 Manifest this update: Tue 27 Jan 2026 02:01:08 +0000 Manifest next update: Wed 28 Jan 2026 02:01:08 +0000 Files and hashes: 1: 3XGhKciwiZWUIZnqbRsigmU1DQs.crl (hash: O1z36SeIZUDNS/s980TAaDWiZNi+jBWiYXwN2EM8yRo=) 2: BVmlLvTO3TnwU-WykyLWkZijiEQ.roa (hash: GjheiEWnUhL3hO3K8TeuKDirKE8ozbAnofhtWixZIn0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fd:2e:ea:41:7d:9c:63:d9:0d:a8:74:7e:af:e9:af:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd71a129c8b08995942199ea6d1b228265350d0b Validity Not Before: Jan 27 02:01:08 2026 GMT Not After : Jan 28 02:01:08 2026 GMT Subject: CN=ba58c5af7fde665ac654d954f179b14e428cd385 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1d:42:42:57:f6:84:88:7e:44:68:0a:3f:5e: ee:7a:08:3b:26:d6:0a:44:bb:bb:9f:8f:43:67:d6: 78:de:1e:c2:85:da:b2:ed:21:62:2f:39:0d:6d:df: 54:14:51:1c:af:6a:0e:a4:ce:43:8b:bf:fb:42:cd: a4:e6:cc:94:16:84:bf:6c:63:a3:80:fc:65:f4:60: 0d:f7:b7:c5:01:ec:fa:fd:b3:7f:2f:d8:a8:ba:5d: 9a:1b:00:52:30:8a:04:6c:37:77:ac:87:f9:2a:63: 96:80:eb:f3:22:64:46:a3:a9:d8:04:a8:64:b4:fd: 42:c9:22:68:be:6b:1b:86:dd:bb:9a:32:57:b2:26: 76:e7:cb:5b:0f:e0:12:d2:a2:29:0e:a3:34:9d:74: 54:40:d1:5d:8e:34:bf:4f:1a:ea:72:f1:1e:f8:47: 93:ef:fb:c3:6c:28:3d:b4:56:ea:97:f9:e1:8b:c2: b6:3b:26:22:20:37:e0:45:bd:94:df:37:51:98:4e: 01:f1:7a:c4:96:ca:45:1a:fe:47:29:82:df:01:83: 96:6e:d4:ec:8d:1d:f7:1a:fb:23:53:49:d8:a6:94: 43:81:12:63:cd:7c:77:4a:f6:fe:bb:62:73:04:19: d1:a8:f8:e2:75:5e:51:82:94:13:3f:40:2f:a2:ef: 8c:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:58:C5:AF:7F:DE:66:5A:C6:54:D9:54:F1:79:B1:4E:42:8C:D3:85 X509v3 Authority Key Identifier: keyid:DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:18:f9:c6:f8:f4:e7:9e:42:cb:7a:37:f0:a0:85:0b:05:ad: df:82:d2:f5:60:e5:f1:33:17:57:d6:ee:a5:d4:5a:73:8f:35: df:4c:5d:18:f4:f6:5e:e6:e6:0f:cf:17:20:13:d8:54:1f:8b: c2:c3:91:a1:af:f8:5d:3f:55:03:a7:1b:a4:17:42:3c:5b:6b: 03:7c:62:27:f1:8e:2a:69:8e:c8:7d:1d:bc:82:62:ec:eb:cc: 80:3c:c0:05:bd:1d:08:4d:96:a5:14:80:e2:cb:33:32:db:6e: 54:3a:13:a5:63:8f:58:b9:21:21:55:01:9f:c8:50:83:9d:cd: 12:06:71:06:39:ac:a8:0e:97:76:4a:cb:b6:8f:c2:ec:a6:43: e1:a6:c1:bd:f0:c9:8b:cd:1b:3f:12:18:c2:52:ee:e4:ef:4c: 7c:ec:38:7d:3f:7c:ba:ab:f5:49:af:2a:d3:0c:5e:a6:6c:39: 43:88:6e:16:6e:fe:aa:a7:08:ce:0d:7c:d4:4e:07:bd:05:19: d4:de:3b:5a:0c:48:86:5a:7b:1f:91:84:77:03:1d:3e:ed:86: f6:6f:f2:84:2a:86:73:9b:9c:8c:77:9e:75:a1:d5:48:67:a7: ac:37:84:11:01:fb:58:8b:52:0a:ca:14:a6:98:b0:50:8c:ee: b5:31:3f:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv9LupBfZxj2Q2odH6v6a8WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNzFhMTI5YzhiMDg5OTU5NDIxOTllYTZkMWIyMjgyNjUz NTBkMGIwHhcNMjYwMTI3MDIwMTA4WhcNMjYwMTI4MDIwMTA4WjAzMTEwLwYDVQQD EyhiYTU4YzVhZjdmZGU2NjVhYzY1NGQ5NTRmMTc5YjE0ZTQyOGNkMzg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh1CQlf2hIh+RGgKP17uegg7JtYK RLu7n49DZ9Z43h7Chdqy7SFiLzkNbd9UFFEcr2oOpM5Di7/7Qs2k5syUFoS/bGOj gPxl9GAN97fFAez6/bN/L9ioul2aGwBSMIoEbDd3rIf5KmOWgOvzImRGo6nYBKhk tP1CySJovmsbht27mjJXsiZ258tbD+AS0qIpDqM0nXRUQNFdjjS/TxrqcvEe+EeT 7/vDbCg9tFbql/nhi8K2OyYiIDfgRb2U3zdRmE4B8XrElspFGv5HKYLfAYOWbtTs jR33GvsjU0nYppRDgRJjzXx3Svb+u2JzBBnRqPjidV5RgpQTP0Avou+MPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLpYxa9/3mZaxlTZVPF5sU5CjNOFMB8GA1UdIwQY MBaAFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYt YzBkOGM4NjY4OTNmLzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYtYzBkOGM4NjY4OTNm LzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbBj5xvj0 555Cy3o38KCFCwWt34LS9WDl8TMXV9bupdRac48130xdGPT2XubmD88XIBPYVB+L wsORoa/4XT9VA6cbpBdCPFtrA3xiJ/GOKmmOyH0dvIJi7OvMgDzABb0dCE2WpRSA 4sszMttuVDoTpWOPWLkhIVUBn8hQg53NEgZxBjmsqA6XdkrLto/C7KZD4abBvfDJ i80bPxIYwlLu5O9MfOw4fT98uqv1Sa8q0wxepmw5Q4huFm7+qqcIzg181E4HvQUZ 1N47WgxIhlp7H5GEdwMdPu2G9m/yhCqGc5ucjHeedaHVSGenrDeEEQH7WItSCsoU ppiwUIzutTE/xw== -----END CERTIFICATE-----Generated at Tue Jan 27 04:16:05 2026 by rpki-client