This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft File: YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft (raw, json) Hash identifier: ODLCDy3kBuJkU88zecGe767wnM+zyO7FWPDSd8vn4l0= Subject key identifier: 04:3D:AF:95:FC:26:9B:C8:21:03:BF:A6:CD:E7:17:E5:BF:C6:24:DB Authority key identifier: 61:04:11:21:CC:C6:E6:5D:93:39:61:FD:57:2D:59:E2:61:F2:1A:31 Certificate issuer: /CN=61041121ccc6e65d933961fd572d59e261f21a31 Certificate serial: 019BFB099F473A553063ADD395A5798C3E81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft Manifest number: 17EC Signing time: Mon 26 Jan 2026 16:01:10 +0000 Manifest this update: Mon 26 Jan 2026 16:01:10 +0000 Manifest next update: Tue 27 Jan 2026 16:01:10 +0000 Files and hashes: 1: 8x9EixpS_cTo1YUsFO5RBhE9yQg.roa (hash: H+557dvreWM3Tp/NNdorNLcHs2h/JJEHvmmY5yieUec=) 2: YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl (hash: pGSyBLbIeVt5zmuf/efcgniq504TaRxL/wwd+SlU/h8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 16:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:09:9f:47:3a:55:30:63:ad:d3:95:a5:79:8c:3e:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61041121ccc6e65d933961fd572d59e261f21a31 Validity Not Before: Jan 26 16:01:10 2026 GMT Not After : Jan 27 16:01:10 2026 GMT Subject: CN=043daf95fc269bc82103bfa6cde717e5bfc624db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2d:ea:73:c8:2a:68:f9:a7:f7:96:c7:53:60: c4:0b:4c:f8:08:b8:76:40:9a:16:7c:06:69:ce:47: 82:2a:53:0b:f0:72:b5:ae:2c:52:26:7c:9b:58:38: 7c:95:4a:26:9d:5c:8c:e9:0d:46:78:ae:45:99:bc: 5e:b6:07:24:03:eb:f0:1f:fc:18:85:b4:5f:03:da: fb:48:3a:e0:06:ed:cd:15:ef:44:47:1e:13:3f:41: ae:06:91:db:88:9b:d0:f4:3e:5b:65:c9:6e:a1:a2: 15:34:a1:a3:57:c9:91:18:6e:90:74:c3:55:29:8e: d5:8c:f6:02:af:8a:04:38:24:c5:71:07:49:e0:6e: 87:a7:4e:8e:e5:d0:48:f9:ca:5b:00:15:ef:08:a7: 9e:68:51:a9:51:1e:75:96:4e:02:13:03:61:e3:78: c6:e1:d7:71:cd:6a:0c:da:2b:cc:ee:e2:a9:6e:b9: ea:64:3e:73:fa:c9:70:13:41:f0:02:fa:90:f0:a0: 1a:8f:73:d2:da:9b:fa:c9:b9:d9:d8:79:ef:11:77: 49:3e:5f:43:86:b5:b3:7d:1a:1d:5e:cc:82:3c:d6: b6:9e:5c:07:aa:b2:ed:66:81:fa:3c:32:8d:45:32: a7:dc:e0:8b:a8:77:7b:4c:8b:83:e3:a4:bb:7a:79: 8d:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:3D:AF:95:FC:26:9B:C8:21:03:BF:A6:CD:E7:17:E5:BF:C6:24:DB X509v3 Authority Key Identifier: keyid:61:04:11:21:CC:C6:E6:5D:93:39:61:FD:57:2D:59:E2:61:F2:1A:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:ce:9f:c9:2d:68:3d:b2:1e:c2:72:40:01:0c:3f:6e:da:55: 42:80:01:c8:d7:fc:fc:6c:57:b3:dc:08:17:57:43:80:a0:41: f6:b2:c4:67:71:c8:f5:46:e4:a9:36:ea:b0:65:43:85:4a:88: cd:32:b2:a1:c2:b8:3f:b2:18:1b:4a:38:54:8a:22:e6:bd:f2: d0:3a:06:93:0b:cf:fd:58:03:d2:bd:7a:1f:66:0c:28:61:ca: 21:e0:92:e4:7f:5f:b2:d8:da:db:62:af:10:c6:d6:49:00:52: 0d:9d:df:2e:cd:e5:5f:41:0b:4a:cf:37:09:15:7a:48:da:35: 7b:4e:c5:d3:36:c4:ce:72:b5:4c:ea:b5:4e:02:2f:50:5b:ae: e7:d8:c0:29:95:5a:1f:40:3a:f1:4a:dc:b3:eb:10:9b:0d:d9: 4f:87:d4:bb:9c:7f:17:b9:e8:db:a1:64:a2:e7:c8:de:21:f7: ff:5a:99:de:04:34:38:82:4a:88:9f:f2:c4:f9:3a:a3:a1:73: 02:36:2f:cd:ef:a5:e9:4d:c9:57:92:e1:79:72:2e:43:47:ad: 20:83:42:51:72:ce:48:39:48:12:67:f3:f9:43:6b:c2:13:07: 92:f6:cb:08:58:5f:52:71:91:49:65:e4:92:f0:66:48:f0:40: 19:a2:eb:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7CZ9HOlUwY63TlaV5jD6BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxMDQxMTIxY2NjNmU2NWQ5MzM5NjFmZDU3MmQ1OWUyNjFm MjFhMzEwHhcNMjYwMTI2MTYwMTEwWhcNMjYwMTI3MTYwMTEwWjAzMTEwLwYDVQQD EygwNDNkYWY5NWZjMjY5YmM4MjEwM2JmYTZjZGU3MTdlNWJmYzYyNGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy3qc8gqaPmn95bHU2DEC0z4CLh2 QJoWfAZpzkeCKlML8HK1rixSJnybWDh8lUomnVyM6Q1GeK5FmbxetgckA+vwH/wY hbRfA9r7SDrgBu3NFe9ERx4TP0GuBpHbiJvQ9D5bZcluoaIVNKGjV8mRGG6QdMNV KY7VjPYCr4oEOCTFcQdJ4G6Hp06O5dBI+cpbABXvCKeeaFGpUR51lk4CEwNh43jG 4ddxzWoM2ivM7uKpbrnqZD5z+slwE0HwAvqQ8KAaj3PS2pv6ybnZ2HnvEXdJPl9D hrWzfRodXsyCPNa2nlwHqrLtZoH6PDKNRTKn3OCLqHd7TIuD46S7enmNGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAQ9r5X8JpvIIQO/ps3nF+W/xiTbMB8GA1UdIwQY MBaAFGEEESHMxuZdkzlh/VctWeJh8hoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zODNiZTYtN2MzMS00ZGNhLWIzYzEt ZGJhNmQ3NTk0YzE5LzEvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8zODNiZTYtN2MzMS00ZGNhLWIzYzEtZGJhNmQ3NTk0YzE5 LzEvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVs6fyS1o PbIewnJAAQw/btpVQoAByNf8/GxXs9wIF1dDgKBB9rLEZ3HI9UbkqTbqsGVDhUqI zTKyocK4P7IYG0o4VIoi5r3y0DoGkwvP/VgD0r16H2YMKGHKIeCS5H9fstja22Kv EMbWSQBSDZ3fLs3lX0ELSs83CRV6SNo1e07F0zbEznK1TOq1TgIvUFuu59jAKZVa H0A68Urcs+sQmw3ZT4fUu5x/F7no26FkoufI3iH3/1qZ3gQ0OIJKiJ/yxPk6o6Fz AjYvze+l6U3JV5LheXIuQ0etIINCUXLOSDlIEmfz+UNrwhMHkvbLCFhfUnGRSWXk kvBmSPBAGaLr0A== -----END CERTIFICATE-----Generated at Tue Jan 27 01:45:36 2026 by rpki-client