This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json) Hash identifier: ajvGDdQMABopq8ioR3UPos2M/mm7jiQXWL4QlYqINNY= Subject key identifier: D2:85:2D:43:21:E7:60:67:6F:05:D2:64:41:49:8C:FF:3D:EF:B3:51 Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Certificate serial: 019BFC89A340CCA71D29DB6D443BE2E25E40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft Manifest number: 0678 Signing time: Mon 26 Jan 2026 23:00:37 +0000 Manifest this update: Mon 26 Jan 2026 23:00:37 +0000 Manifest next update: Tue 27 Jan 2026 23:00:37 +0000 Files and hashes: 1: 2MeX37cZHGHHuxJtj1E28ddzIsI.roa (hash: LZd2fssCxVZOERqVCoqkBsBn4xYtLG5cKZGv8FiTdNw=) 2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: rrbln8/GNsnhdfxjqIzztHSHx+7wETeIuflyAcYnHjE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:89:a3:40:cc:a7:1d:29:db:6d:44:3b:e2:e2:5e:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Validity Not Before: Jan 26 23:00:37 2026 GMT Not After : Jan 27 23:00:37 2026 GMT Subject: CN=d2852d4321e760676f05d26441498cff3defb351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a9:c1:46:ef:e9:0d:89:4b:17:6b:cb:3f:5a: ba:75:2a:3e:17:e5:2f:b2:a4:f5:ac:d8:88:87:eb: c6:2a:2e:43:48:7b:ba:a3:51:42:93:c8:80:36:b0: 24:d1:9c:1f:e7:64:ef:a5:eb:2b:7c:79:f2:90:79: 2d:9e:e0:11:39:fa:1a:1b:f0:53:cb:cb:b1:d0:2c: 15:b5:30:24:7d:7d:4f:9b:f4:6e:9f:b3:48:fa:83: d0:22:4e:f9:9c:63:ff:91:a9:a8:ca:82:c0:ec:cc: a8:6b:bc:95:d5:6e:54:cb:24:0d:b5:bd:7f:cc:5c: ce:e3:e0:fb:6b:a1:a5:1b:0c:c5:31:e3:83:07:95: b0:d1:f8:83:c3:13:dd:61:cc:33:70:df:b0:16:66: aa:6a:e8:6c:c8:b6:ae:82:ce:24:64:aa:15:dd:d4: 7f:d0:7c:f8:25:98:46:41:9e:c3:f7:cb:70:c0:09: 3b:4f:a9:28:f9:c2:ff:9b:a3:2e:f5:d6:ed:c9:8f: 1b:90:d3:7e:b3:50:97:0b:97:bf:53:98:7d:a1:6e: 3c:fc:b5:8d:93:80:e7:ab:75:4b:0b:e6:65:c1:c1: e4:c0:78:7b:35:d2:95:54:39:84:79:4b:fe:f9:2c: 72:c2:5e:db:ba:d5:1b:4b:37:91:63:a5:a9:3d:8c: 02:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:85:2D:43:21:E7:60:67:6F:05:D2:64:41:49:8C:FF:3D:EF:B3:51 X509v3 Authority Key Identifier: keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:50:6c:15:90:0d:06:63:2d:6c:f1:a7:7c:ab:ed:f9:34:be: 5b:a9:89:a4:95:9f:93:06:33:87:01:ff:56:a3:8d:bc:b6:55: 36:14:6f:d9:ea:40:73:9d:97:77:9a:07:d3:81:88:15:07:25: 48:a2:b6:ac:38:2b:ac:68:e6:53:39:5f:4f:e1:87:04:ce:10: 87:ea:1a:90:39:97:e3:28:12:cc:cf:cc:4e:9f:ef:18:10:4c: 90:87:fd:e4:59:33:e9:6a:48:6b:f3:e0:e0:51:99:d3:bf:28: b0:47:1c:28:3b:0c:b5:93:b2:e6:90:61:84:f0:a6:7a:6f:8d: 7d:a6:3a:85:1d:a9:16:b4:7c:f1:4d:5b:79:b0:c6:8b:8a:53: 88:ab:e3:14:4f:07:49:c5:25:ad:c1:70:76:12:03:8c:7b:9c: 32:6b:41:b6:c0:d3:af:8e:e6:85:1b:92:d3:b5:ad:76:0e:3f: 18:10:54:7e:ef:f5:9d:c5:31:24:4e:2e:59:cd:36:ba:17:21: 9c:7f:39:6b:1e:37:db:79:67:75:74:03:36:b1:09:07:bf:c8: a8:2a:0a:22:56:5e:12:b2:0c:0a:6c:86:42:95:a7:61:62:cf: 21:d9:83:6e:ec:57:fb:b9:41:61:87:28:e7:c1:93:08:2e:8b: 05:c8:ce:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8iaNAzKcdKdttRDvi4l5AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx ZWY1MTAwHhcNMjYwMTI2MjMwMDM3WhcNMjYwMTI3MjMwMDM3WjAzMTEwLwYDVQQD EyhkMjg1MmQ0MzIxZTc2MDY3NmYwNWQyNjQ0MTQ5OGNmZjNkZWZiMzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqnBRu/pDYlLF2vLP1q6dSo+F+Uv sqT1rNiIh+vGKi5DSHu6o1FCk8iANrAk0Zwf52TvpesrfHnykHktnuAROfoaG/BT y8ux0CwVtTAkfX1Pm/Run7NI+oPQIk75nGP/kamoyoLA7Myoa7yV1W5UyyQNtb1/ zFzO4+D7a6GlGwzFMeODB5Ww0fiDwxPdYcwzcN+wFmaqauhsyLaugs4kZKoV3dR/ 0Hz4JZhGQZ7D98twwAk7T6ko+cL/m6Mu9dbtyY8bkNN+s1CXC5e/U5h9oW48/LWN k4Dnq3VLC+ZlwcHkwHh7NdKVVDmEeUv++Sxywl7butUbSzeRY6WpPYwC1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNKFLUMh52BnbwXSZEFJjP8977NRMB8GA1UdIwQY MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADlBsFZAN BmMtbPGnfKvt+TS+W6mJpJWfkwYzhwH/VqONvLZVNhRv2epAc52Xd5oH04GIFQcl SKK2rDgrrGjmUzlfT+GHBM4Qh+oakDmX4ygSzM/MTp/vGBBMkIf95Fkz6WpIa/Pg 4FGZ078osEccKDsMtZOy5pBhhPCmem+NfaY6hR2pFrR88U1bebDGi4pTiKvjFE8H ScUlrcFwdhIDjHucMmtBtsDTr47mhRuS07Wtdg4/GBBUfu/1ncUxJE4uWc02uhch nH85ax4323lndXQDNrEJB7/IqCoKIlZeErIMCmyGQpWnYWLPIdmDbuxX+7lBYYco 58GTCC6LBcjOPA== -----END CERTIFICATE-----Generated at Tue Jan 27 06:08:07 2026 by rpki-client