This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft File: NYzSZ8VKP8IovKHe43LZbGA3PCc.mft (raw, json) Hash identifier: J84gNGn7FFFHHIW82kLDqbkTL5FnA0OksHWj7P9uAho= Subject key identifier: E1:AB:FF:9C:8D:92:D3:BF:C6:0B:67:85:C0:40:D2:A6:DA:78:8B:13 Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27 Certificate serial: 019BCFE80A564274C8813EB83581CD2DCA3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft Manifest number: B5 Signing time: Sun 18 Jan 2026 07:00:49 +0000 Manifest this update: Sun 18 Jan 2026 07:00:49 +0000 Manifest next update: Mon 19 Jan 2026 07:00:49 +0000 Files and hashes: 1: 5AyUcUP8UFa03d6jQItDEbWXyi0.roa (hash: ZjaIy+ybGhKGWcrRG6dw/kl40YV5Z1/+6QWlVZn1AoA=) 2: NYzSZ8VKP8IovKHe43LZbGA3PCc.crl (hash: BxdmF35nsUaP0AgUaNyadAzrnZ7bATUA/0tKvpRm19w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:cf:e8:0a:56:42:74:c8:81:3e:b8:35:81:cd:2d:ca:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27 Validity Not Before: Jan 18 07:00:49 2026 GMT Not After : Jan 19 07:00:49 2026 GMT Subject: CN=e1abff9c8d92d3bfc60b6785c040d2a6da788b13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:68:ea:c6:8b:85:af:7a:d1:56:bc:1f:df:c3: 04:1f:2b:33:70:8c:da:df:98:55:51:18:51:8c:39: 24:bc:da:1a:68:c4:0d:ea:47:f5:c2:50:56:30:91: 25:b4:b7:ea:b6:ec:61:ee:93:2f:9d:72:fa:c9:7b: 40:f4:1c:40:1a:5f:b4:8d:4d:4b:8d:d4:42:a1:01: 3f:36:50:88:ab:a0:09:3a:fc:59:da:b2:f1:7c:9c: fe:ac:44:25:51:db:80:bb:37:ea:20:0f:b4:58:fe: 61:a3:27:a2:b6:cc:6a:ec:28:b6:9e:de:20:00:b5: 6d:7e:8a:d4:3f:8c:22:77:93:36:80:5b:45:44:fc: a2:e4:a0:42:e8:47:70:66:f0:10:2c:be:f1:9f:c0: 83:39:9a:8e:2a:59:a7:80:80:ca:1a:47:47:55:b2: d0:6d:37:6e:02:c6:ad:f4:48:dc:4a:3b:fd:a9:e8: 0c:55:43:d5:5f:22:c1:5a:43:58:bc:0f:c3:4a:45: b1:4f:99:dc:f6:29:b7:7f:62:97:3c:0a:c6:ae:29: a7:45:e2:f4:7b:6a:e5:23:08:fc:35:ca:2c:b6:e7: 26:19:b9:85:29:e6:82:21:14:8d:9c:67:a2:53:8d: 51:78:12:f8:83:fa:1b:06:f2:07:ca:65:c8:45:61: 20:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:AB:FF:9C:8D:92:D3:BF:C6:0B:67:85:C0:40:D2:A6:DA:78:8B:13 X509v3 Authority Key Identifier: keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:7d:58:df:b1:da:06:33:ba:de:c4:97:df:cd:d8:c2:54:e7: 36:46:f1:89:8c:cb:31:76:14:3e:12:71:9d:76:3a:4b:ed:f2: 52:cc:6a:26:e0:97:03:b3:d0:a9:44:6c:80:26:55:ca:38:ef: 0c:50:e9:a1:a9:24:98:3a:6d:52:9c:e6:0f:b6:7b:5a:8a:6d: a6:6c:70:7c:3e:32:42:47:25:53:66:bd:31:b1:4a:60:25:2b: 72:30:14:82:5f:12:48:2f:b9:17:4c:20:48:30:53:86:4a:9c: 79:a6:c2:fd:d1:55:86:dc:81:fa:bd:ae:be:54:28:e9:a8:2f: 00:5a:bd:e2:8e:7b:ca:bf:45:4e:4f:29:2f:40:e8:5a:1c:0e: 86:50:2b:19:25:40:16:f4:de:1d:05:76:52:97:7b:83:f4:73: 3b:9c:60:98:99:f4:dd:ff:4d:9c:5d:0b:eb:58:93:ac:da:e4: 0d:7d:90:05:3c:ec:30:c5:a7:e2:c1:0a:37:07:08:2a:a5:07: 01:39:20:15:a2:b3:e0:9a:59:14:44:37:99:5d:ec:a9:cd:56: f5:8e:45:1f:4e:24:ce:b7:47:a2:52:21:b2:d4:01:dd:75:96: 42:70:0d:61:8b:36:80:f5:3b:38:40:0f:67:13:f9:1e:6e:46: a1:fb:00:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvP6ApWQnTIgT64NYHNLco+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz NzNjMjcwHhcNMjYwMTE4MDcwMDQ5WhcNMjYwMTE5MDcwMDQ5WjAzMTEwLwYDVQQD EyhlMWFiZmY5YzhkOTJkM2JmYzYwYjY3ODVjMDQwZDJhNmRhNzg4YjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGjqxouFr3rRVrwf38MEHyszcIza 35hVURhRjDkkvNoaaMQN6kf1wlBWMJEltLfqtuxh7pMvnXL6yXtA9BxAGl+0jU1L jdRCoQE/NlCIq6AJOvxZ2rLxfJz+rEQlUduAuzfqIA+0WP5hoyeitsxq7Ci2nt4g ALVtforUP4wid5M2gFtFRPyi5KBC6EdwZvAQLL7xn8CDOZqOKlmngIDKGkdHVbLQ bTduAsat9EjcSjv9qegMVUPVXyLBWkNYvA/DSkWxT5nc9im3f2KXPArGrimnReL0 e2rlIwj8NcostucmGbmFKeaCIRSNnGeiU41ReBL4g/obBvIHymXIRWEg/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOGr/5yNktO/xgtnhcBA0qbaeIsTMB8GA1UdIwQY MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt OGEyZTlhNDY4MTliLzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtX1Y37Ha BjO63sSX383YwlTnNkbxiYzLMXYUPhJxnXY6S+3yUsxqJuCXA7PQqURsgCZVyjjv DFDpoakkmDptUpzmD7Z7WoptpmxwfD4yQkclU2a9MbFKYCUrcjAUgl8SSC+5F0wg SDBThkqceabC/dFVhtyB+r2uvlQo6agvAFq94o57yr9FTk8pL0DoWhwOhlArGSVA FvTeHQV2Upd7g/RzO5xgmJn03f9NnF0L61iTrNrkDX2QBTzsMMWn4sEKNwcIKqUH ATkgFaKz4JpZFEQ3mV3sqc1W9Y5FH04kzrdHolIhstQB3XWWQnANYYs2gPU7OEAP ZxP5Hm5GofsAGQ== -----END CERTIFICATE-----Generated at Sun Jan 18 14:17:47 2026 by rpki-client