This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft File: 1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft (raw, json) Hash identifier: 8PuS3bo+BNg8UBeyxCIsjyZx1QoAMg/mTzPQprxJ/Os= Subject key identifier: 40:42:7E:95:CE:54:24:FC:D8:EC:6B:9B:BC:72:A7:E8:AB:D4:D1:7C Authority key identifier: D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA Certificate issuer: /CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa Certificate serial: 019BFD65E28242AD2D92F3A297A540F5ABC2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft Manifest number: 17EC Signing time: Tue 27 Jan 2026 03:01:11 +0000 Manifest this update: Tue 27 Jan 2026 03:01:11 +0000 Manifest next update: Wed 28 Jan 2026 03:01:11 +0000 Files and hashes: 1: 1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl (hash: l665JxAscbl/OF0QiTwB25j8BH2Cq8ullyzQLXhjlFM=) 2: b15waVmeZUiAPXdSgALdQ8K_I1k.roa (hash: 8OOWK/04HtqvAlybr5ZST2AvUlB+dJIHZXLz3leFYTg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fd:65:e2:82:42:ad:2d:92:f3:a2:97:a5:40:f5:ab:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa Validity Not Before: Jan 27 03:01:11 2026 GMT Not After : Jan 28 03:01:11 2026 GMT Subject: CN=40427e95ce5424fcd8ec6b9bbc72a7e8abd4d17c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:4f:1f:7e:67:2c:6e:bf:ff:12:2b:bf:db:25: 19:74:dc:7f:f9:2e:48:de:83:00:e8:3d:1c:72:99: 3a:45:b3:63:13:0c:f4:3b:fa:27:c4:39:8a:75:9a: f6:64:62:4c:f4:42:05:b4:a1:8c:ad:fe:21:b7:fc: d2:82:0b:c4:71:18:5a:99:8d:be:05:22:69:bd:fa: da:da:4d:19:16:4c:a3:65:72:7b:1b:a7:43:c7:d4: d6:76:7d:db:1f:c8:50:c6:ec:2e:4d:c9:17:01:5f: c7:0c:db:05:ec:c8:cc:a3:88:a7:67:17:56:c3:eb: 17:08:a5:c7:a2:80:20:19:67:dd:2f:c3:aa:22:70: f4:92:03:d0:d7:5a:25:86:71:4d:d8:f8:d1:a8:ac: 9c:fa:bf:05:cb:cd:58:df:11:27:62:34:39:1d:9a: a1:9e:ec:a8:cb:70:a2:4b:94:23:6a:1f:77:92:52: 9f:51:51:7f:20:cf:21:5b:ef:d9:c8:74:c8:4e:ce: eb:0f:a4:9e:e0:7c:36:04:d8:ae:98:17:37:8a:2b: f5:f7:6b:e3:6f:f2:7d:ee:dd:ad:67:7d:dc:d6:ff: 9e:9e:35:65:2c:01:0c:84:83:c6:98:99:bd:d3:79: 50:10:30:54:95:2d:ca:3f:13:19:60:db:e9:14:dc: 5d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:42:7E:95:CE:54:24:FC:D8:EC:6B:9B:BC:72:A7:E8:AB:D4:D1:7C X509v3 Authority Key Identifier: keyid:D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:3c:e6:08:23:d4:1e:59:01:4d:0c:2f:48:83:c5:24:11:c4: b8:da:45:1a:cc:5b:c6:10:51:63:7c:d7:fa:a0:53:ad:0b:51: b8:3b:03:17:bd:00:f4:af:d3:1b:79:7d:0f:b6:fd:7f:d5:73: 94:66:8a:7b:f9:11:23:33:77:c3:9e:5d:f6:f0:0b:f4:8c:6b: b6:f5:c1:40:e8:91:b9:fa:d5:d0:00:1f:c5:85:95:00:f2:28: 39:2a:d1:f6:5f:6d:d3:1c:a7:bb:1d:9e:d9:1c:29:1b:51:11: 71:ff:3f:c9:b7:b4:c4:55:27:40:68:50:4e:35:bd:a9:20:c4: 86:73:19:67:54:8f:91:37:d7:ef:e4:ce:27:d8:e5:a6:95:8d: 17:06:9f:ff:4d:65:2c:de:ac:29:4f:48:be:f6:e4:ee:14:da: 22:8c:22:ba:7c:a7:9f:5a:68:26:e5:11:fa:a8:36:5c:38:08: 56:06:a7:0c:97:11:5d:3a:95:5a:13:a3:55:13:25:de:07:bc: d0:be:b7:8a:6e:f6:bf:da:85:31:a8:10:9d:10:c1:b3:20:ed: 15:00:72:5a:30:bc:8c:ca:6a:3e:64:a7:9c:c9:5b:b3:73:7e: e6:23:03:25:e0:11:93:96:4f:69:ec:ac:0b:d3:7d:df:95:6b: 49:35:1b:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv9ZeKCQq0tkvOil6VA9avCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MzY3ZmMyNGQwMDRmNzFkZDJhZWYwM2Y5Y2I0ZjJlM2Y5 MDg2YWEwHhcNMjYwMTI3MDMwMTExWhcNMjYwMTI4MDMwMTExWjAzMTEwLwYDVQQD Eyg0MDQyN2U5NWNlNTQyNGZjZDhlYzZiOWJiYzcyYTdlOGFiZDRkMTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA808ffmcsbr//Eiu/2yUZdNx/+S5I 3oMA6D0ccpk6RbNjEwz0O/onxDmKdZr2ZGJM9EIFtKGMrf4ht/zSggvEcRhamY2+ BSJpvfra2k0ZFkyjZXJ7G6dDx9TWdn3bH8hQxuwuTckXAV/HDNsF7MjMo4inZxdW w+sXCKXHooAgGWfdL8OqInD0kgPQ11olhnFN2PjRqKyc+r8Fy81Y3xEnYjQ5HZqh nuyoy3CiS5Qjah93klKfUVF/IM8hW+/ZyHTITs7rD6Se4Hw2BNiumBc3iiv192vj b/J97t2tZ33c1v+enjVlLAEMhIPGmJm903lQEDBUlS3KPxMZYNvpFNxdVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEBCfpXOVCT82Oxrm7xyp+ir1NF8MB8GA1UdIwQY MBaAFNc2f8JNAE9x3SrvA/nLTy4/kIaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kOGM2YjgtZDE0YS00N2Q5LWEwNTQt YjljNzk0ZTAzY2JhLzEvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9kOGM2YjgtZDE0YS00N2Q5LWEwNTQtYjljNzk0ZTAzY2Jh LzEvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUDzmCCPU HlkBTQwvSIPFJBHEuNpFGsxbxhBRY3zX+qBTrQtRuDsDF70A9K/TG3l9D7b9f9Vz lGaKe/kRIzN3w55d9vAL9IxrtvXBQOiRufrV0AAfxYWVAPIoOSrR9l9t0xynux2e 2RwpG1ERcf8/ybe0xFUnQGhQTjW9qSDEhnMZZ1SPkTfX7+TOJ9jlppWNFwaf/01l LN6sKU9Ivvbk7hTaIowiunynn1poJuUR+qg2XDgIVganDJcRXTqVWhOjVRMl3ge8 0L63im72v9qFMagQnRDBsyDtFQByWjC8jMpqPmSnnMlbs3N+5iMDJeARk5ZPaeys C9N935VrSTUbpw== -----END CERTIFICATE-----Generated at Tue Jan 27 06:08:03 2026 by rpki-client