This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d661d4-c624-4a0c-9069-352cfc369ef3/1/R-XTM9rZ1i1TKNEleKMd70KvjzQ.mft File: R-XTM9rZ1i1TKNEleKMd70KvjzQ.mft (raw, json) Hash identifier: dbfFcz1LmF79KAZkvnLvqztbo/gDSKmkTFmFw+JxMLA= Subject key identifier: BC:CF:01:E8:87:DD:4F:1B:09:02:B7:F6:D8:2F:62:E4:6F:F6:34:E8 Authority key identifier: 47:E5:D3:33:DA:D9:D6:2D:53:28:D1:25:78:A3:1D:EF:42:AF:8F:34 Certificate issuer: /CN=47e5d333dad9d62d5328d12578a31def42af8f34 Certificate serial: 019BFC52EB35B37D3F18BECE07B78E1CD350 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-XTM9rZ1i1TKNEleKMd70KvjzQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/d661d4-c624-4a0c-9069-352cfc369ef3/1/R-XTM9rZ1i1TKNEleKMd70KvjzQ.mft Manifest number: 0A6C Signing time: Mon 26 Jan 2026 22:00:51 +0000 Manifest this update: Mon 26 Jan 2026 22:00:51 +0000 Manifest next update: Tue 27 Jan 2026 22:00:51 +0000 Files and hashes: 1: R-XTM9rZ1i1TKNEleKMd70KvjzQ.crl (hash: svB+fiM5ui2vAHnjkuTW5KYIhomJKT3GgcqWTXdXDnU=) 2: lDMKh21Wt4FbbKS1OgeKAWJLOUA.roa (hash: 3L7WTrIU7aPDIrcLzqUSb6E2nzrLgIJ/FaZM9uhhyxA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/d661d4-c624-4a0c-9069-352cfc369ef3/1/R-XTM9rZ1i1TKNEleKMd70KvjzQ.crl rsync://rpki.ripe.net/repository/DEFAULT/99/d661d4-c624-4a0c-9069-352cfc369ef3/1/R-XTM9rZ1i1TKNEleKMd70KvjzQ.mft rsync://rpki.ripe.net/repository/DEFAULT/R-XTM9rZ1i1TKNEleKMd70KvjzQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 22:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:52:eb:35:b3:7d:3f:18:be:ce:07:b7:8e:1c:d3:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47e5d333dad9d62d5328d12578a31def42af8f34 Validity Not Before: Jan 26 22:00:51 2026 GMT Not After : Jan 27 22:00:51 2026 GMT Subject: CN=bccf01e887dd4f1b0902b7f6d82f62e46ff634e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:6e:db:14:0b:fe:4c:1d:ee:e2:40:c9:a1:94: ae:37:5d:4f:47:ec:93:fc:7a:8f:45:e9:f1:07:96: 3d:42:f8:49:d3:77:a0:55:55:8e:a4:68:2b:b5:95: ef:73:9f:e8:59:77:18:42:1a:2d:54:ca:7b:26:ea: e1:5d:c8:8d:48:53:d5:48:b6:be:a9:0e:4c:d6:9a: 87:cf:15:c2:d8:da:0a:27:4f:aa:8c:22:d7:80:2c: be:b1:84:3f:60:bb:a6:cb:6a:3f:f4:c9:b5:20:bf: 61:fb:a0:7c:69:41:b7:98:11:37:8a:86:75:08:3e: 9c:26:71:21:15:8c:9c:0b:d8:6f:a4:88:ea:80:04: 24:16:d9:89:30:1a:b1:2e:25:cb:1e:41:1c:4e:69: 07:ea:3d:b5:60:55:62:f6:e7:90:8b:3b:69:0a:61: fd:2b:57:04:a7:10:5d:75:df:5b:64:24:69:3f:f0: 10:09:8d:32:7c:f6:c6:19:6a:8d:f1:d3:1b:78:7e: eb:91:b9:b8:5c:be:be:6c:7a:81:8c:3a:04:7b:47: 8b:c1:59:2a:ff:8b:bd:51:a1:02:2b:87:92:bb:f1: 84:45:1c:c3:11:8f:ec:d2:6e:e0:ce:f9:8b:54:ca: 1a:5b:d6:55:e3:ec:d0:24:90:f7:a4:bb:d8:08:a3: 90:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:CF:01:E8:87:DD:4F:1B:09:02:B7:F6:D8:2F:62:E4:6F:F6:34:E8 X509v3 Authority Key Identifier: keyid:47:E5:D3:33:DA:D9:D6:2D:53:28:D1:25:78:A3:1D:EF:42:AF:8F:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-XTM9rZ1i1TKNEleKMd70KvjzQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d661d4-c624-4a0c-9069-352cfc369ef3/1/R-XTM9rZ1i1TKNEleKMd70KvjzQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d661d4-c624-4a0c-9069-352cfc369ef3/1/R-XTM9rZ1i1TKNEleKMd70KvjzQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c7:c0:6c:0d:80:a5:52:37:9b:4a:f0:fb:27:62:cb:0a:c2:d4: d8:bc:40:9b:9a:99:29:5b:7f:a5:67:61:57:de:54:ae:7a:02: ac:c6:d1:5c:1d:61:a6:c9:a0:64:c9:5a:40:1f:1a:9b:5c:a9: 03:a0:f5:5f:f3:e4:a8:b3:68:1f:8f:92:c5:12:5e:49:17:74: 7e:81:d4:40:41:95:9e:cb:79:71:80:cd:1d:2d:65:3a:86:43: cb:d0:66:4e:7c:0b:d0:94:a0:74:ac:03:47:2f:37:54:e6:5c: 1b:3e:cc:33:5b:ca:e5:62:4b:78:ad:ac:86:f8:1d:ec:48:12: 90:dd:b7:66:e6:c6:f6:b5:26:fb:76:43:49:60:ac:bc:25:f0: d0:81:59:5d:e8:e4:4f:b1:f5:f3:fa:70:6a:74:99:ee:b7:97: 92:2a:13:cc:99:02:d8:7a:86:90:e3:89:2e:01:24:97:ae:bd: a6:96:44:1a:ae:2b:0d:e8:70:e3:ff:7e:fc:57:15:4e:c8:73: 08:19:6d:5c:bd:3c:0d:51:e0:a2:77:1d:a2:2b:8c:fe:ce:8c: e9:4f:d1:d5:e8:60:db:27:57:e2:8c:cf:42:3a:b1:dd:6a:c2: 7f:71:56:08:18:ad:13:61:6c:92:0e:38:a5:1b:3e:ee:8c:0c: 59:6c:96:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8Uus1s30/GL7OB7eOHNNQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3ZTVkMzMzZGFkOWQ2MmQ1MzI4ZDEyNTc4YTMxZGVmNDJh ZjhmMzQwHhcNMjYwMTI2MjIwMDUxWhcNMjYwMTI3MjIwMDUxWjAzMTEwLwYDVQQD EyhiY2NmMDFlODg3ZGQ0ZjFiMDkwMmI3ZjZkODJmNjJlNDZmZjYzNGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1W7bFAv+TB3u4kDJoZSuN11PR+yT /HqPRenxB5Y9QvhJ03egVVWOpGgrtZXvc5/oWXcYQhotVMp7JurhXciNSFPVSLa+ qQ5M1pqHzxXC2NoKJ0+qjCLXgCy+sYQ/YLumy2o/9Mm1IL9h+6B8aUG3mBE3ioZ1 CD6cJnEhFYycC9hvpIjqgAQkFtmJMBqxLiXLHkEcTmkH6j21YFVi9ueQiztpCmH9 K1cEpxBddd9bZCRpP/AQCY0yfPbGGWqN8dMbeH7rkbm4XL6+bHqBjDoEe0eLwVkq /4u9UaECK4eSu/GERRzDEY/s0m7gzvmLVMoaW9ZV4+zQJJD3pLvYCKOQwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLzPAeiH3U8bCQK39tgvYuRv9jToMB8GA1UdIwQY MBaAFEfl0zPa2dYtUyjRJXijHe9Cr480MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUi1YVE05cloxaTFUS05FbGVLTWQ3MEt2anpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kNjYxZDQtYzYyNC00YTBjLTkwNjkt MzUyY2ZjMzY5ZWYzLzEvUi1YVE05cloxaTFUS05FbGVLTWQ3MEt2anpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9kNjYxZDQtYzYyNC00YTBjLTkwNjktMzUyY2ZjMzY5ZWYz LzEvUi1YVE05cloxaTFUS05FbGVLTWQ3MEt2anpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx8BsDYCl UjebSvD7J2LLCsLU2LxAm5qZKVt/pWdhV95UrnoCrMbRXB1hpsmgZMlaQB8am1yp A6D1X/PkqLNoH4+SxRJeSRd0foHUQEGVnst5cYDNHS1lOoZDy9BmTnwL0JSgdKwD Ry83VOZcGz7MM1vK5WJLeK2shvgd7EgSkN23ZubG9rUm+3ZDSWCsvCXw0IFZXejk T7H18/pwanSZ7reXkioTzJkC2HqGkOOJLgEkl669ppZEGq4rDehw4/9+/FcVTshz CBltXL08DVHgoncdoiuM/s6M6U/R1ehg2ydX4ozPQjqx3WrCf3FWCBitE2Fskg44 pRs+7owMWWyWJg== -----END CERTIFICATE-----Generated at Tue Jan 27 07:17:44 2026 by rpki-client