This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft File: hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft (raw, json) Hash identifier: MJw4lwCaiYm2XrScMLTdPSu/55h5nb+mkFqo5yyq1hM= Subject key identifier: 8F:0D:C2:16:56:52:02:5A:90:E1:26:AD:BB:28:42:7F:C5:DD:B0:97 Authority key identifier: 85:4E:10:3A:AE:C4:32:FC:19:1D:49:81:9B:D1:AB:71:FE:1C:FA:80 Certificate issuer: /CN=854e103aaec432fc191d49819bd1ab71fe1cfa80 Certificate serial: 019BD87D73ADCAA31EAC082FAB1C45E53564 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft Manifest number: 17DC Signing time: Mon 19 Jan 2026 23:00:58 +0000 Manifest this update: Mon 19 Jan 2026 23:00:58 +0000 Manifest next update: Tue 20 Jan 2026 23:00:58 +0000 Files and hashes: 1: Bgb4R3FK8PY34Yz-lvynRT-9XWQ.roa (hash: St6uFsBRyQsJnyTTYPZwyzlv1Byj/hyZ5kqADUUKKnM=) 2: hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl (hash: PxHViNuoIluwCr44za1E7OzAw0Rpz6y4h8V5guyAmlY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d8:7d:73:ad:ca:a3:1e:ac:08:2f:ab:1c:45:e5:35:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=854e103aaec432fc191d49819bd1ab71fe1cfa80 Validity Not Before: Jan 19 23:00:58 2026 GMT Not After : Jan 20 23:00:58 2026 GMT Subject: CN=8f0dc2165652025a90e126adbb28427fc5ddb097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:88:2e:f5:6b:ea:24:80:92:b1:12:3b:16:8b: ac:ee:e8:a3:af:99:a2:f2:85:a1:01:9f:8c:0d:cc: da:6b:69:c4:2e:2e:59:c8:bb:8a:55:7d:b0:3f:e5: 1b:c2:61:85:74:09:07:86:b6:8a:ac:5f:69:53:dc: a0:51:4c:25:2d:e6:05:7d:9a:52:9d:3c:32:78:cc: 30:f7:0d:a0:26:67:64:71:0e:3f:e1:a6:f5:ca:a3: 8d:da:ef:31:1f:50:3f:57:62:03:c9:b7:f7:2e:aa: 90:0d:de:95:c6:3a:06:02:2a:1f:49:17:af:10:f0: fe:d2:9a:28:9c:f5:45:fd:73:b5:7e:d4:03:a7:56: 89:99:46:da:94:b8:04:ce:36:a3:57:3e:2b:a7:61: 18:e8:56:62:a1:a6:ad:54:5b:7f:9f:da:eb:b3:25: af:7f:a6:61:62:80:b6:65:63:66:0a:6d:73:04:10: cc:6e:d5:54:06:f2:8b:50:e2:e4:06:aa:f2:0a:8d: a0:9f:bf:ab:eb:a0:4c:55:6c:d4:e1:3e:9c:a6:ba: a6:40:9c:e4:2b:8d:90:99:62:79:99:16:53:62:9d: b4:1c:f1:f7:b2:91:81:55:73:d3:13:a8:88:0a:d0: 6f:2b:e1:75:78:f3:b2:af:82:12:33:47:5f:40:27: bb:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:0D:C2:16:56:52:02:5A:90:E1:26:AD:BB:28:42:7F:C5:DD:B0:97 X509v3 Authority Key Identifier: keyid:85:4E:10:3A:AE:C4:32:FC:19:1D:49:81:9B:D1:AB:71:FE:1C:FA:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:e9:53:e6:92:d2:ae:ab:82:96:dc:bd:76:ed:db:f9:18:21: fd:24:86:9d:89:de:ad:0e:b0:c4:f2:0a:ab:99:e4:5a:b1:63: bc:6b:ab:16:ab:93:ee:1c:98:47:f8:b8:f1:7d:b7:9b:75:c2: 21:e5:66:8b:d4:27:3b:54:36:31:14:81:ca:02:c8:0c:c3:a7: 79:22:1e:2c:1c:a0:85:36:b2:1d:8f:c6:0d:25:59:a1:16:f2: df:b1:ed:3f:87:41:80:af:a4:76:ef:56:58:f0:c6:0d:ae:fe: 00:66:9f:7c:53:af:3f:ae:eb:89:cf:51:61:6d:f8:15:88:45: 27:65:c6:25:55:65:44:b9:3e:52:03:4e:92:d1:41:71:32:77: b4:80:1a:d2:77:75:23:ac:a0:30:0f:1e:59:7f:2d:fa:89:a2: e5:68:b0:6a:98:77:f6:7a:12:18:44:2a:3f:6e:83:08:11:7e: 37:1f:ad:20:cb:91:c6:4b:b1:00:c8:8c:17:6d:54:a6:ed:24: 71:b3:07:c6:43:b2:6c:42:ae:2f:d9:42:b6:90:d0:81:73:be: eb:b7:d5:2d:50:37:a5:8e:d2:2e:4c:a0:b3:28:c7:01:5f:c5: e3:1e:a3:9c:13:f2:6b:06:7c:51:75:6e:68:cf:cb:7d:bc:dc: 8e:57:33:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvYfXOtyqMerAgvqxxF5TVkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NGUxMDNhYWVjNDMyZmMxOTFkNDk4MTliZDFhYjcxZmUx Y2ZhODAwHhcNMjYwMTE5MjMwMDU4WhcNMjYwMTIwMjMwMDU4WjAzMTEwLwYDVQQD Eyg4ZjBkYzIxNjU2NTIwMjVhOTBlMTI2YWRiYjI4NDI3ZmM1ZGRiMDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArogu9WvqJICSsRI7Fous7uijr5mi 8oWhAZ+MDczaa2nELi5ZyLuKVX2wP+UbwmGFdAkHhraKrF9pU9ygUUwlLeYFfZpS nTwyeMww9w2gJmdkcQ4/4ab1yqON2u8xH1A/V2IDybf3LqqQDd6VxjoGAiofSRev EPD+0poonPVF/XO1ftQDp1aJmUbalLgEzjajVz4rp2EY6FZioaatVFt/n9rrsyWv f6ZhYoC2ZWNmCm1zBBDMbtVUBvKLUOLkBqryCo2gn7+r66BMVWzU4T6cprqmQJzk K42QmWJ5mRZTYp20HPH3spGBVXPTE6iICtBvK+F1ePOyr4ISM0dfQCe78wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI8NwhZWUgJakOEmrbsoQn/F3bCXMB8GA1UdIwQY MBaAFIVOEDquxDL8GR1JgZvRq3H+HPqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi82NWY0YTItNWY2OS00NjViLTg4OTEt OWMwMWRmN2I5ZTY2LzEvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNi82NWY0YTItNWY2OS00NjViLTg4OTEtOWMwMWRmN2I5ZTY2 LzEvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq+lT5pLS rquClty9du3b+Rgh/SSGnYnerQ6wxPIKq5nkWrFjvGurFquT7hyYR/i48X23m3XC IeVmi9QnO1Q2MRSBygLIDMOneSIeLByghTayHY/GDSVZoRby37HtP4dBgK+kdu9W WPDGDa7+AGaffFOvP67ric9RYW34FYhFJ2XGJVVlRLk+UgNOktFBcTJ3tIAa0nd1 I6ygMA8eWX8t+omi5Wiwaph39noSGEQqP26DCBF+Nx+tIMuRxkuxAMiMF21Upu0k cbMHxkOybEKuL9lCtpDQgXO+67fVLVA3pY7SLkygsyjHAV/F4x6jnBPyawZ8UXVu aM/Lfbzcjlczog== -----END CERTIFICATE-----Generated at Tue Jan 20 01:38:21 2026 by rpki-client