This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft File: raXVKzyodFRXW2W3IO74GiYqXzo.mft (raw, json) Hash identifier: u7HP5xkG9CsY+33aJNOkSVVzFfY5qc5prrSIRLSkPgc= Subject key identifier: 79:D9:25:BF:F0:B4:B1:FC:22:4F:AA:19:52:52:D6:B1:8D:29:DC:51 Authority key identifier: AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A Certificate issuer: /CN=ada5d52b3ca87454575b65b720eef81a262a5f3a Certificate serial: 019BE0A51DD649C3A19ED5B0D26106E3A0D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft Manifest number: 111C Signing time: Wed 21 Jan 2026 13:01:16 +0000 Manifest this update: Wed 21 Jan 2026 13:01:16 +0000 Manifest next update: Thu 22 Jan 2026 13:01:16 +0000 Files and hashes: 1: rFQ04GqSU9DTULqn8_NPkqKbWSc.roa (hash: 8XgwklO153GBrJc2s4PKkyGugWT/fq0MyA5r4Aq8lKY=) 2: raXVKzyodFRXW2W3IO74GiYqXzo.crl (hash: 7oDM3O737aawGZ26i4RsDfsyVkF4dd5GHdy18LJ3HJo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 13:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e0:a5:1d:d6:49:c3:a1:9e:d5:b0:d2:61:06:e3:a0:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ada5d52b3ca87454575b65b720eef81a262a5f3a Validity Not Before: Jan 21 13:01:16 2026 GMT Not After : Jan 22 13:01:16 2026 GMT Subject: CN=79d925bff0b4b1fc224faa195252d6b18d29dc51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4c:ff:18:a6:2f:34:f4:fc:79:30:ca:b9:0a: 78:0f:fa:46:6e:e3:4e:8b:73:05:4e:81:95:2e:67: b7:f0:0c:71:80:38:8d:87:46:ff:78:b4:c6:7b:5d: cc:42:88:d4:53:0b:81:1f:35:ae:ba:ee:87:e7:dd: c5:aa:d5:15:38:77:5f:c2:38:44:5c:d2:d7:7f:9a: 5f:e1:a9:28:cf:3a:de:a8:bf:11:21:c3:82:ec:91: 77:b0:e8:19:ad:01:38:76:ab:79:c8:55:53:61:b3: d0:8b:c2:71:16:7c:f2:f3:5a:0c:36:77:4c:6b:1b: aa:ca:a1:d2:73:fd:ae:34:50:5d:b2:68:2f:d1:08: d3:e5:80:a3:df:27:7c:0a:8d:4f:30:f8:62:fd:d5: 70:43:71:4d:3c:94:c5:04:33:04:1a:20:28:4d:d0: e9:a1:02:5a:8e:b7:d9:6b:eb:fb:9d:f2:22:a4:6a: e1:23:85:4a:74:44:29:94:eb:f4:88:d7:0f:8c:f0: b8:3c:ef:6c:ec:6e:ad:7f:d0:2c:e9:e0:ed:1a:35: ad:c3:9a:04:85:f4:e2:0e:41:0f:70:af:ef:b5:32: 57:e4:65:bf:bf:6c:76:90:54:e9:a8:a3:80:fc:17: aa:76:21:a6:1c:f3:ac:18:54:55:80:55:ed:25:2a: 27:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:D9:25:BF:F0:B4:B1:FC:22:4F:AA:19:52:52:D6:B1:8D:29:DC:51 X509v3 Authority Key Identifier: keyid:AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:ee:79:60:23:e6:05:09:e6:e0:df:20:08:3e:da:4f:78:f9: ee:9e:bb:a0:53:e4:04:35:a4:23:55:d7:4c:fb:ae:50:26:50: 43:de:0f:17:eb:33:f4:5c:08:90:7c:78:5e:31:ed:d1:ba:49: a9:6b:5e:30:06:e2:47:57:4f:e5:04:7e:5b:4a:e2:94:06:0e: 1e:64:64:13:ca:26:99:da:80:8d:29:fc:dd:45:34:23:c3:7c: df:c1:ab:92:10:bc:c8:8f:08:a3:cb:96:fc:fe:67:f9:c7:96: a0:68:c0:ed:74:c7:71:06:82:04:02:44:dc:98:e0:98:44:62: 3a:3c:a2:71:82:cb:63:3f:4b:08:bf:f5:1b:7a:1a:d8:99:eb: 71:ce:9c:ee:7f:c0:0a:b5:e6:c5:d1:3d:4f:7b:32:56:84:1f: db:4f:14:b5:ed:cc:d5:16:52:21:59:b5:ce:18:e9:d9:a6:72: 83:fd:12:95:22:bc:5f:d9:6a:91:d5:36:aa:ec:ee:c0:82:aa: 1f:7a:7e:2d:aa:83:5b:b7:e4:94:17:03:9e:82:a4:53:b4:ff: 59:f7:0a:1a:d6:a4:9b:d3:b4:87:63:f9:f4:10:55:7b:93:a4: 55:40:29:66:8f:65:1c:5f:68:0a:e3:ba:2a:20:a9:6e:93:55: bf:62:16:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvgpR3WScOhntWw0mEG46DQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkYTVkNTJiM2NhODc0NTQ1NzViNjViNzIwZWVmODFhMjYy YTVmM2EwHhcNMjYwMTIxMTMwMTE2WhcNMjYwMTIyMTMwMTE2WjAzMTEwLwYDVQQD Eyg3OWQ5MjViZmYwYjRiMWZjMjI0ZmFhMTk1MjUyZDZiMThkMjlkYzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkz/GKYvNPT8eTDKuQp4D/pGbuNO i3MFToGVLme38AxxgDiNh0b/eLTGe13MQojUUwuBHzWuuu6H593FqtUVOHdfwjhE XNLXf5pf4akozzreqL8RIcOC7JF3sOgZrQE4dqt5yFVTYbPQi8JxFnzy81oMNndM axuqyqHSc/2uNFBdsmgv0QjT5YCj3yd8Co1PMPhi/dVwQ3FNPJTFBDMEGiAoTdDp oQJajrfZa+v7nfIipGrhI4VKdEQplOv0iNcPjPC4PO9s7G6tf9As6eDtGjWtw5oE hfTiDkEPcK/vtTJX5GW/v2x2kFTpqKOA/BeqdiGmHPOsGFRVgFXtJSonKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHnZJb/wtLH8Ik+qGVJS1rGNKdxRMB8GA1UdIwQY MBaAFK2l1Ss8qHRUV1tltyDu+BomKl86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMt ZDE4YWI0ZjdmNWRmLzEvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMtZDE4YWI0ZjdmNWRm LzEvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOO55YCPm BQnm4N8gCD7aT3j57p67oFPkBDWkI1XXTPuuUCZQQ94PF+sz9FwIkHx4XjHt0bpJ qWteMAbiR1dP5QR+W0rilAYOHmRkE8ommdqAjSn83UU0I8N838GrkhC8yI8Io8uW /P5n+ceWoGjA7XTHcQaCBAJE3JjgmERiOjyicYLLYz9LCL/1G3oa2Jnrcc6c7n/A CrXmxdE9T3syVoQf208Ute3M1RZSIVm1zhjp2aZyg/0SlSK8X9lqkdU2quzuwIKq H3p+LaqDW7fklBcDnoKkU7T/WfcKGtakm9O0h2P59BBVe5OkVUApZo9lHF9oCuO6 KiCpbpNVv2IW6A== -----END CERTIFICATE-----Generated at Wed Jan 21 18:47:59 2026 by rpki-client