This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft File: Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json) Hash identifier: sYgrAhY65ztVpg/IrKJ19nFY7RkQ5pVzSED755FjEz8= Subject key identifier: 15:C8:05:DC:D2:FE:4F:C9:E7:77:94:F8:FF:DC:01:02:66:71:F6:BB Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7 Certificate issuer: /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7 Certificate serial: 019BF7D2590FD6A32944703FA9765705CA60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft Manifest number: 0CC9 Signing time: Mon 26 Jan 2026 01:01:56 +0000 Manifest this update: Mon 26 Jan 2026 01:01:56 +0000 Manifest next update: Tue 27 Jan 2026 01:01:56 +0000 Files and hashes: 1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: rm75GyUea7MX828Of0cNOSZdzsJ8KXYZ0v0A8Ppz0y0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:d2:59:0f:d6:a3:29:44:70:3f:a9:76:57:05:ca:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7 Validity Not Before: Jan 26 01:01:56 2026 GMT Not After : Jan 27 01:01:56 2026 GMT Subject: CN=15c805dcd2fe4fc9e77794f8ffdc01026671f6bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:db:15:d9:d4:e4:66:ef:fa:04:23:42:24:12: 87:44:23:f8:da:3a:f1:ae:7b:48:c8:c2:4a:77:2c: c6:e7:6d:92:2a:39:18:c3:3f:c6:5c:91:e3:f2:be: 91:dd:d7:58:bf:9a:a7:f1:8d:de:9a:9c:f3:e1:8f: 77:ba:78:01:86:a5:13:4f:9b:a7:c1:24:b2:8c:72: b8:4a:d2:bf:94:fc:28:65:2a:33:82:06:55:5d:51: 29:6a:c8:27:75:d8:01:88:12:71:a1:4e:70:44:23: 73:a0:99:a3:ab:46:67:2c:68:89:3f:7c:08:20:cb: b1:70:8c:cd:4f:f4:35:1d:2b:71:1b:f2:1c:70:31: 15:b2:eb:68:54:2e:fc:fc:ab:6b:c7:09:d8:e7:e5: 02:90:de:76:b4:71:01:dd:5e:35:bd:33:30:48:e0: 35:fb:24:e5:09:b1:84:9c:77:93:c7:9a:a1:ee:ac: 05:9a:cd:04:7a:1b:6f:e8:99:b2:f9:ac:63:de:07: 8e:d7:01:a3:ef:87:49:f8:ce:bd:31:9e:87:26:64: 21:c9:45:10:99:9f:1e:68:e7:a9:c1:dd:9c:86:92: 9d:6f:6b:90:47:27:d5:44:a5:43:1f:34:14:ff:85: 25:e8:19:3b:7a:9e:f6:7a:82:90:ac:23:9e:52:2b: 92:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:C8:05:DC:D2:FE:4F:C9:E7:77:94:F8:FF:DC:01:02:66:71:F6:BB X509v3 Authority Key Identifier: keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:68:ad:00:d2:d7:6e:24:0d:4e:7a:65:78:f9:1c:a7:44:b4: e4:ed:7d:74:e4:ba:ae:c3:29:60:bf:ef:51:18:74:1d:7d:1d: d6:7c:be:72:12:78:c7:4e:ed:b2:45:dc:6b:77:a6:37:4c:58: 45:0d:cf:99:57:df:c0:48:4a:83:a1:03:a7:0a:98:f5:2b:bb: f3:3d:f8:ec:a2:63:57:b5:c0:b5:d9:6b:a9:60:c0:74:91:78: bd:fc:7e:b9:0e:c5:0d:26:d7:8c:40:fb:dd:be:11:23:54:7c: a3:44:3e:50:73:80:00:6f:14:5a:24:92:0b:7f:5b:56:15:2c: b4:dc:c7:9e:d7:65:9d:88:72:98:d1:c4:b0:4e:ca:01:7a:73: 40:c0:95:55:59:12:2f:0d:c7:53:00:1a:7c:83:62:78:a9:07: c6:9b:c1:11:9f:0e:89:b3:10:22:16:3f:eb:a4:01:51:36:b0: 8f:a1:d3:41:25:b5:f8:f8:67:62:a0:f6:13:a7:fa:e5:c2:0f: cd:15:17:90:41:94:da:12:1e:58:ca:34:84:cd:f6:5d:e0:2b: 68:69:8a:ba:a4:43:cf:13:f7:08:4d:69:b4:b4:f7:aa:32:3c: c2:1e:a8:b8:75:c1:a3:f7:28:46:78:fc:ec:6b:34:47:dd:6e: 80:6c:49:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv30lkP1qMpRHA/qXZXBcpgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm NGE2YzcwHhcNMjYwMTI2MDEwMTU2WhcNMjYwMTI3MDEwMTU2WjAzMTEwLwYDVQQD EygxNWM4MDVkY2QyZmU0ZmM5ZTc3Nzk0ZjhmZmRjMDEwMjY2NzFmNmJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtsV2dTkZu/6BCNCJBKHRCP42jrx rntIyMJKdyzG522SKjkYwz/GXJHj8r6R3ddYv5qn8Y3empzz4Y93ungBhqUTT5un wSSyjHK4StK/lPwoZSozggZVXVEpasgnddgBiBJxoU5wRCNzoJmjq0ZnLGiJP3wI IMuxcIzNT/Q1HStxG/IccDEVsutoVC78/KtrxwnY5+UCkN52tHEB3V41vTMwSOA1 +yTlCbGEnHeTx5qh7qwFms0Eehtv6Jmy+axj3geO1wGj74dJ+M69MZ6HJmQhyUUQ mZ8eaOepwd2chpKdb2uQRyfVRKVDHzQU/4Ul6Bk7ep72eoKQrCOeUiuSoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBXIBdzS/k/J53eU+P/cAQJmcfa7MB8GA1UdIwQY MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5 LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWitANLX biQNTnplePkcp0S05O19dOS6rsMpYL/vURh0HX0d1ny+chJ4x07tskXca3emN0xY RQ3PmVffwEhKg6EDpwqY9Su78z347KJjV7XAtdlrqWDAdJF4vfx+uQ7FDSbXjED7 3b4RI1R8o0Q+UHOAAG8UWiSSC39bVhUstNzHntdlnYhymNHEsE7KAXpzQMCVVVkS Lw3HUwAafINieKkHxpvBEZ8OibMQIhY/66QBUTawj6HTQSW1+PhnYqD2E6f65cIP zRUXkEGU2hIeWMo0hM32XeAraGmKuqRDzxP3CE1ptLT3qjI8wh6ouHXBo/coRnj8 7Gs0R91ugGxJiQ== -----END CERTIFICATE-----Generated at Mon Jan 26 04:57:59 2026 by rpki-client