This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft File: Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft (raw, json) Hash identifier: IUwc4+X36Z1DjlsHkIzXWE/pa3FJ+1I8NtOTUiM0MGc= Subject key identifier: 71:9F:7D:9C:CE:15:7B:78:12:78:68:6B:22:8A:5D:4D:CF:55:BC:35 Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e Certificate serial: 019BFAD29A45992FE5386BA48916180D660B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft Manifest number: 17EE Signing time: Mon 26 Jan 2026 15:01:04 +0000 Manifest this update: Mon 26 Jan 2026 15:01:04 +0000 Manifest next update: Tue 27 Jan 2026 15:01:04 +0000 Files and hashes: 1: Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl (hash: eDUD3fiWZFyyQIsrXOxijI20iEIoX5HdNY/eWwJDQow=) 2: SdYBPf9hyZeCBZ0CXzRVluMGnGU.roa (hash: hgdsfyjTVsGnv4VajpzC0ZJUGOBghoLM7l+xd5EQZGI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:d2:9a:45:99:2f:e5:38:6b:a4:89:16:18:0d:66:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e Validity Not Before: Jan 26 15:01:04 2026 GMT Not After : Jan 27 15:01:04 2026 GMT Subject: CN=719f7d9cce157b781278686b228a5d4dcf55bc35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b9:b1:77:bb:0b:5c:84:ed:f2:52:fe:e8:11: f5:0a:15:f1:26:d1:95:e4:61:49:64:87:39:cc:84: a3:7e:ea:2f:7b:46:b9:40:8d:a5:9d:cc:78:21:a0: a2:7f:56:11:b2:58:6b:58:a9:36:1a:12:fa:95:88: e5:d6:0a:8e:6b:cb:da:30:a5:ad:de:66:ac:a2:2e: 01:c7:bd:d4:7a:78:43:f0:11:cf:fb:29:b7:7a:47: 08:c3:e7:6a:6c:e9:f5:39:a9:10:2b:74:cf:ec:c5: 67:63:96:6a:8a:e4:a6:c7:90:34:2c:50:df:99:3f: 48:b0:fa:42:dd:c2:b1:ac:95:af:47:06:e1:20:18: c5:8e:15:e4:a8:e3:50:40:85:4a:97:41:8f:33:62: ed:64:4f:b6:ac:d1:01:a1:84:58:b5:76:a4:c3:b7: 9a:34:78:db:93:3f:5a:05:3f:fa:b2:73:e2:8f:97: f4:d3:11:81:f5:75:3d:7b:8c:7b:d2:ef:77:94:4f: 54:eb:12:c2:8d:7d:19:3e:08:02:12:1b:8e:f4:a1: 3a:c9:f4:7c:fa:b3:06:00:4e:5f:21:dc:be:fd:61: f2:2b:b9:73:46:15:8e:40:66:d7:aa:5e:84:36:a3: ff:bd:25:f2:7e:34:dd:18:64:50:5c:8f:d5:32:17: c2:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:9F:7D:9C:CE:15:7B:78:12:78:68:6B:22:8A:5D:4D:CF:55:BC:35 X509v3 Authority Key Identifier: keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:27:5a:2d:a0:4f:fd:6a:97:b1:01:66:ab:a8:ba:fc:5a:9e: e3:12:04:98:54:33:01:f1:d5:c2:e2:10:3d:42:99:60:db:40: 96:70:5c:d7:d9:8e:6d:b1:32:5b:4c:ec:5c:69:34:b5:64:ed: d4:ea:c4:78:a0:63:b7:92:10:54:db:10:26:a6:13:bc:9d:1d: 3c:6c:6e:12:37:b2:20:65:25:4d:e5:f6:8f:86:2f:f4:82:81: b3:57:52:e4:49:9c:02:a6:d9:2e:e2:b7:77:8b:96:52:71:8d: a4:73:b2:a9:cd:7f:e6:9f:f6:ce:e8:0a:01:12:75:91:3c:7e: 99:dd:06:73:96:57:8a:f1:c8:60:ff:0b:bb:6e:04:a7:e7:54: 60:aa:e7:cf:65:c6:d4:7f:98:9c:c8:03:c2:c9:d0:2b:f5:8e: 35:af:cc:ab:4f:0c:1c:99:94:40:4a:dc:f8:6e:04:d4:96:56: 25:ed:7b:aa:ab:b2:49:2e:3f:82:06:8b:87:71:00:03:86:d3: fd:41:3e:39:bb:05:f1:e1:95:3d:de:25:38:3e:4e:f3:8f:d7: d4:d5:b8:6f:95:8f:9e:a9:43:4c:2e:15:27:62:be:a9:c8:77: 5a:a3:5c:6c:59:c2:c0:07:a9:74:f4:4a:6e:37:33:e9:70:ae: df:18:d5:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv60ppFmS/lOGukiRYYDWYLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkZjg3NzlhM2M4MmYwMGZjMTQ0MzVlZTdkOGQwYjhkNmRk ODIwNGUwHhcNMjYwMTI2MTUwMTA0WhcNMjYwMTI3MTUwMTA0WjAzMTEwLwYDVQQD Eyg3MTlmN2Q5Y2NlMTU3Yjc4MTI3ODY4NmIyMjhhNWQ0ZGNmNTViYzM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27mxd7sLXITt8lL+6BH1ChXxJtGV 5GFJZIc5zISjfuove0a5QI2lncx4IaCif1YRslhrWKk2GhL6lYjl1gqOa8vaMKWt 3masoi4Bx73UenhD8BHP+ym3ekcIw+dqbOn1OakQK3TP7MVnY5ZqiuSmx5A0LFDf mT9IsPpC3cKxrJWvRwbhIBjFjhXkqONQQIVKl0GPM2LtZE+2rNEBoYRYtXakw7ea NHjbkz9aBT/6snPij5f00xGB9XU9e4x70u93lE9U6xLCjX0ZPggCEhuO9KE6yfR8 +rMGAE5fIdy+/WHyK7lzRhWOQGbXql6ENqP/vSXyfjTdGGRQXI/VMhfC5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHGffZzOFXt4EnhoayKKXU3PVbw1MB8GA1UdIwQY MBaAFC34d5o8gvAPwUQ17n2NC41t2CBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4Yjct ZTJhZTA1NWVjZWQxLzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4YjctZTJhZTA1NWVjZWQx LzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzSdaLaBP /WqXsQFmq6i6/Fqe4xIEmFQzAfHVwuIQPUKZYNtAlnBc19mObbEyW0zsXGk0tWTt 1OrEeKBjt5IQVNsQJqYTvJ0dPGxuEjeyIGUlTeX2j4Yv9IKBs1dS5EmcAqbZLuK3 d4uWUnGNpHOyqc1/5p/2zugKARJ1kTx+md0Gc5ZXivHIYP8Lu24Ep+dUYKrnz2XG 1H+YnMgDwsnQK/WONa/Mq08MHJmUQErc+G4E1JZWJe17qquySS4/ggaLh3EAA4bT /UE+ObsF8eGVPd4lOD5O84/X1NW4b5WPnqlDTC4VJ2K+qch3WqNcbFnCwAepdPRK bjcz6XCu3xjVCA== -----END CERTIFICATE-----Generated at Mon Jan 26 18:46:30 2026 by rpki-client