This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft File: nSAoCNH5FFVeG9WcFncof_mztZA.mft (raw, json) Hash identifier: HkTdk04bdIw4CzZ35kQ6a5fWUFAudyTGHSkGpzfmbcc= Subject key identifier: 2D:AB:26:A5:D3:13:07:C2:ED:BB:68:43:71:13:1C:AC:69:17:04:62 Authority key identifier: 9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90 Certificate issuer: /CN=9d202808d1f914555e1bd59c1677287ff9b3b590 Certificate serial: 019BFCF7702E847B9BE10EA39D966EF2869A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft Manifest number: 11F6 Signing time: Tue 27 Jan 2026 01:00:33 +0000 Manifest this update: Tue 27 Jan 2026 01:00:33 +0000 Manifest next update: Wed 28 Jan 2026 01:00:33 +0000 Files and hashes: 1: 8hQk0KTYs3g5ZR66-EC5Vv0X6G8.roa (hash: xP2My60JlMvvPw+zYTcbdyBWhfmdlTseIN2HIlpIMRY=) 2: nSAoCNH5FFVeG9WcFncof_mztZA.crl (hash: sJ/NuFrj6OR01xFWelHyplxnMOZssU3Dk8VMhezlGYU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:f7:70:2e:84:7b:9b:e1:0e:a3:9d:96:6e:f2:86:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d202808d1f914555e1bd59c1677287ff9b3b590 Validity Not Before: Jan 27 01:00:33 2026 GMT Not After : Jan 28 01:00:33 2026 GMT Subject: CN=2dab26a5d31307c2edbb684371131cac69170462 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8d:3e:21:62:97:85:b2:89:16:73:3f:7e:f6: b5:2c:e2:e3:38:66:0c:06:c1:d1:c1:09:83:23:eb: 0d:08:ba:97:ce:0e:60:e0:8a:33:15:22:d3:90:5f: cc:ae:99:a2:7d:b1:f8:ea:ef:b3:73:57:1a:71:42: 1d:f3:d9:15:23:55:f2:ed:b4:dc:b7:52:33:3e:1f: 99:04:0b:7a:09:45:29:1b:f1:62:5d:1b:71:88:5d: 92:31:0a:0a:bc:32:00:70:2b:89:e7:8d:c5:50:79: f1:2d:2d:5a:7c:b3:a9:e0:3b:aa:44:ef:b2:48:a0: 94:5f:db:49:32:da:e1:7c:34:7e:98:70:3b:d1:d4: fb:e2:91:5b:b6:bf:d7:5f:7c:65:d2:38:4e:39:0b: 53:d0:ae:c8:81:b7:8d:a8:bb:9d:56:69:e7:9f:0d: 49:fc:3d:6e:22:38:2e:8e:ec:b4:ef:cd:a2:1c:ff: 0a:07:ef:ba:a3:d5:96:1d:c5:ee:df:43:70:bc:c7: ee:e4:06:c7:03:c1:27:b6:5b:bf:c7:e0:a5:43:d8: f1:bf:3f:ff:08:55:fd:66:54:cd:3b:16:76:90:f9: e2:b6:fe:f0:31:f2:49:e0:97:27:e1:d9:57:c1:9a: b9:44:f8:49:99:cf:f4:3d:98:63:ea:79:3d:86:5a: cf:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:AB:26:A5:D3:13:07:C2:ED:BB:68:43:71:13:1C:AC:69:17:04:62 X509v3 Authority Key Identifier: keyid:9D:20:28:08:D1:F9:14:55:5E:1B:D5:9C:16:77:28:7F:F9:B3:B5:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSAoCNH5FFVeG9WcFncof_mztZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a5c069-8061-4dee-9568-880b2df57f25/1/nSAoCNH5FFVeG9WcFncof_mztZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:7a:9f:68:1e:bd:d3:7e:76:6e:5a:67:c1:e6:ce:60:2e:a1: 51:49:03:e6:4c:9a:36:3f:f1:25:75:b2:8f:17:34:2f:46:15: 4d:6f:ba:0c:fe:00:af:8c:e6:17:51:9d:34:22:88:99:23:35: ec:92:d5:3b:d5:eb:b0:e1:82:80:8d:d9:3f:40:3f:a9:ed:94: 6e:c4:4c:55:16:94:17:77:61:99:f7:9e:cd:90:ff:64:a8:be: 35:84:11:d0:bf:ba:e9:3b:66:c6:d2:84:3f:31:9b:a1:39:55: 74:d1:13:a7:3a:61:96:fe:d1:e4:c7:4b:36:89:92:e5:2d:c8: cc:9c:e2:53:e6:f9:09:67:13:07:a6:72:11:a0:ed:4b:44:e5: 5b:6a:b5:aa:46:bf:dc:70:7c:35:3a:25:9e:4e:a4:4b:53:9c: 21:c5:de:c3:6c:0d:64:98:bb:d1:ff:b5:bb:8b:67:66:b4:0a: 37:98:fa:6c:b1:cb:07:91:cd:ed:c8:15:09:d7:10:d7:15:7b: a4:8b:a8:13:60:0a:31:1a:59:bd:a2:f7:65:6a:4f:a9:07:18: 82:88:44:87:dc:db:7e:86:46:ed:c7:f7:df:d3:9f:fd:a6:08: b3:31:df:a5:f6:27:11:96:15:74:61:b9:7e:30:fb:b7:ab:7d: fa:c9:cd:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv893AuhHub4Q6jnZZu8oaaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjAyODA4ZDFmOTE0NTU1ZTFiZDU5YzE2NzcyODdmZjli M2I1OTAwHhcNMjYwMTI3MDEwMDMzWhcNMjYwMTI4MDEwMDMzWjAzMTEwLwYDVQQD EygyZGFiMjZhNWQzMTMwN2MyZWRiYjY4NDM3MTEzMWNhYzY5MTcwNDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso0+IWKXhbKJFnM/fva1LOLjOGYM BsHRwQmDI+sNCLqXzg5g4IozFSLTkF/MrpmifbH46u+zc1cacUId89kVI1Xy7bTc t1IzPh+ZBAt6CUUpG/FiXRtxiF2SMQoKvDIAcCuJ543FUHnxLS1afLOp4DuqRO+y SKCUX9tJMtrhfDR+mHA70dT74pFbtr/XX3xl0jhOOQtT0K7IgbeNqLudVmnnnw1J /D1uIjgujuy0782iHP8KB++6o9WWHcXu30NwvMfu5AbHA8Entlu/x+ClQ9jxvz// CFX9ZlTNOxZ2kPnitv7wMfJJ4Jcn4dlXwZq5RPhJmc/0PZhj6nk9hlrPgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC2rJqXTEwfC7btoQ3ETHKxpFwRiMB8GA1UdIwQY MBaAFJ0gKAjR+RRVXhvVnBZ3KH/5s7WQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1Njgt ODgwYjJkZjU3ZjI1LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9hNWMwNjktODA2MS00ZGVlLTk1NjgtODgwYjJkZjU3ZjI1 LzEvblNBb0NOSDVGRlZlRzlXY0ZuY29mX216dFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnqfaB69 0352blpnwebOYC6hUUkD5kyaNj/xJXWyjxc0L0YVTW+6DP4Ar4zmF1GdNCKImSM1 7JLVO9XrsOGCgI3ZP0A/qe2UbsRMVRaUF3dhmfeezZD/ZKi+NYQR0L+66TtmxtKE PzGboTlVdNETpzphlv7R5MdLNomS5S3IzJziU+b5CWcTB6ZyEaDtS0TlW2q1qka/ 3HB8NTolnk6kS1OcIcXew2wNZJi70f+1u4tnZrQKN5j6bLHLB5HN7cgVCdcQ1xV7 pIuoE2AKMRpZvaL3ZWpPqQcYgohEh9zbfoZG7cf339Of/aYIszHfpfYnEZYVdGG5 fjD7t6t9+snNig== -----END CERTIFICATE-----Generated at Tue Jan 27 06:07:39 2026 by rpki-client