This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft File: gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft (raw, json) Hash identifier: ofN1fyF7hxLMhhWYGVgvp9HlTd5ouw7xG9XcYsIlfrM= Subject key identifier: 5C:42:D4:5A:CE:E9:0F:B2:72:F6:36:25:10:20:3F:13:6D:C3:0C:8C Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85 Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85 Certificate serial: 019C04B241EEC1BE5CFF7AE6815E275C5774 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft Manifest number: 0648 Signing time: Wed 28 Jan 2026 13:01:56 +0000 Manifest this update: Wed 28 Jan 2026 13:01:56 +0000 Manifest next update: Thu 29 Jan 2026 13:01:56 +0000 Files and hashes: 1: TADovInnVhImIAMNLhy833dYeyU.roa (hash: f/dalF6vRD8VNn9XqvAc5SALl8hYeWv1uoN4z7iWDuo=) 2: gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl (hash: JepQ2Zuoz8pD/bF8/lezmqHvl9CPNNEdtZxMJDVEb+0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:04:b2:41:ee:c1:be:5c:ff:7a:e6:81:5e:27:5c:57:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85 Validity Not Before: Jan 28 13:01:56 2026 GMT Not After : Jan 29 13:01:56 2026 GMT Subject: CN=5c42d45acee90fb272f6362510203f136dc30c8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0f:e5:d5:c0:53:f0:a7:9f:04:46:4c:8a:3d: 29:b7:60:14:8e:2d:18:66:ad:08:fb:6c:32:3d:af: 49:5d:2d:e0:4c:a0:24:de:8a:40:32:7c:12:cd:e6: f1:e4:96:1a:bd:05:24:e4:15:e8:8d:98:48:28:3d: 5d:44:84:43:74:f3:98:bb:2f:4c:6d:05:8a:68:94: aa:72:45:f2:4e:b3:06:16:16:d6:e5:f2:71:cb:d9: ea:f0:7f:04:dd:5e:e7:85:30:d0:f8:f5:43:3e:fc: 0b:ff:d9:03:48:c9:f7:25:fb:96:b1:90:d6:58:39: 5b:93:b5:31:c8:27:ea:1b:5d:85:ab:6c:a2:98:b4: 20:ad:e7:6f:05:61:84:91:cb:40:da:94:15:99:1f: c1:20:57:01:d8:57:fc:51:2a:8d:c9:48:73:dc:94: 1e:f9:f1:3a:8d:76:ce:ee:6e:01:8d:b7:23:20:35: 3e:3b:a0:4a:db:f4:4e:3c:45:98:82:51:c8:e1:2d: 38:81:2c:be:31:e8:50:93:a1:60:72:1c:3e:8b:39: df:b1:c9:e6:de:cf:42:63:de:59:19:7a:3f:0d:0d: a1:2b:ad:3f:20:42:a4:79:2a:78:90:ee:05:d4:a1: 77:21:6b:d3:e2:2c:83:be:9e:2c:15:6e:eb:b2:bd: 6f:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:42:D4:5A:CE:E9:0F:B2:72:F6:36:25:10:20:3F:13:6D:C3:0C:8C X509v3 Authority Key Identifier: keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:62:49:cb:6d:d0:c1:a2:10:26:9b:cc:69:08:30:91:05:e6: e0:6a:76:03:71:d7:83:56:22:ff:34:1f:7c:7e:32:e9:b8:ba: a7:40:88:ab:fe:d8:04:80:30:21:95:fa:66:3a:ac:b4:6a:44: cb:32:4a:0c:ea:f9:78:00:90:c4:02:b0:4d:fe:64:34:69:54: 2f:1c:b3:fd:42:a0:c4:7f:91:dc:29:09:59:cd:f1:27:b3:77: 13:ec:55:b0:3f:b5:32:14:1c:c4:1a:5c:d4:73:87:d6:56:79: c2:9c:bd:65:64:f6:37:d7:89:b4:a5:f6:32:45:ea:6d:24:a3: 71:cc:25:3d:fe:48:89:95:76:41:28:9e:a7:51:e3:de:ae:ec: cb:de:ed:93:36:ab:01:36:66:a3:66:cb:18:66:03:a3:02:1c: 65:ed:8a:92:a4:68:71:1b:f4:10:54:35:af:ea:60:60:c6:a8: 65:e7:eb:41:f0:0d:24:56:79:58:0b:fe:4a:d8:2f:5d:d8:e6: 81:e8:d4:2c:c2:29:f1:d8:8f:94:5f:1f:67:eb:f8:2f:b1:b9: 66:4e:f1:46:de:0f:b2:b2:12:0e:ea:77:9b:58:1b:bc:ba:3d: 95:d0:58:d3:33:d8:14:ca:8e:4f:a7:d0:65:31:5e:01:e9:f9: 1c:c0:b7:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwEskHuwb5c/3rmgV4nXFd0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk MDZhODUwHhcNMjYwMTI4MTMwMTU2WhcNMjYwMTI5MTMwMTU2WjAzMTEwLwYDVQQD Eyg1YzQyZDQ1YWNlZTkwZmIyNzJmNjM2MjUxMDIwM2YxMzZkYzMwYzhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ/l1cBT8KefBEZMij0pt2AUji0Y Zq0I+2wyPa9JXS3gTKAk3opAMnwSzebx5JYavQUk5BXojZhIKD1dRIRDdPOYuy9M bQWKaJSqckXyTrMGFhbW5fJxy9nq8H8E3V7nhTDQ+PVDPvwL/9kDSMn3JfuWsZDW WDlbk7UxyCfqG12Fq2yimLQgredvBWGEkctA2pQVmR/BIFcB2Ff8USqNyUhz3JQe +fE6jXbO7m4BjbcjIDU+O6BK2/ROPEWYglHI4S04gSy+MehQk6Fgchw+iznfscnm 3s9CY95ZGXo/DQ2hK60/IEKkeSp4kO4F1KF3IWvT4iyDvp4sFW7rsr1vcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFxC1FrO6Q+ycvY2JRAgPxNtwwyMMB8GA1UdIwQY MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt ZjE4MTVhNDFhMDMzLzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGGJJy23Q waIQJpvMaQgwkQXm4Gp2A3HXg1Yi/zQffH4y6bi6p0CIq/7YBIAwIZX6ZjqstGpE yzJKDOr5eACQxAKwTf5kNGlULxyz/UKgxH+R3CkJWc3xJ7N3E+xVsD+1MhQcxBpc 1HOH1lZ5wpy9ZWT2N9eJtKX2MkXqbSSjccwlPf5IiZV2QSiep1Hj3q7sy97tkzar ATZmo2bLGGYDowIcZe2KkqRocRv0EFQ1r+pgYMaoZefrQfANJFZ5WAv+StgvXdjm gejULMIp8diPlF8fZ+v4L7G5Zk7xRt4PsrISDup3m1gbvLo9ldBY0zPYFMqOT6fQ ZTFeAen5HMC3Kw== -----END CERTIFICATE-----Generated at Wed Jan 28 17:55:51 2026 by rpki-client