This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft File: h0HsF9wDCbE9iKZ-oi3Luyak46E.mft (raw, json) Hash identifier: 70aCjvWwZB85lQMeGorckfl+uN1g5qDkgTtwQ/6W3d4= Subject key identifier: 50:94:D8:3A:FC:35:30:E4:79:16:60:C0:C7:83:49:5F:A1:3A:B4:C5 Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1 Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1 Certificate serial: 019BFF8B95ACAFF96F48022C9437D41A9C87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft Manifest number: 0B1A Signing time: Tue 27 Jan 2026 13:01:36 +0000 Manifest this update: Tue 27 Jan 2026 13:01:36 +0000 Manifest next update: Wed 28 Jan 2026 13:01:36 +0000 Files and hashes: 1: EMcdw1Ph-JlhHvvHhVSjSxPxNSg.roa (hash: WLZZDdaT7EIhgSFh+wJhMvZeYoYBiu555dqxXusPvfs=) 2: h0HsF9wDCbE9iKZ-oi3Luyak46E.crl (hash: Iq5CMC5Ay5PpURsDF0JFkVwZ6ey0LMB18W+E/BT7ONY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ff:8b:95:ac:af:f9:6f:48:02:2c:94:37:d4:1a:9c:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1 Validity Not Before: Jan 27 13:01:36 2026 GMT Not After : Jan 28 13:01:36 2026 GMT Subject: CN=5094d83afc3530e4791660c0c783495fa13ab4c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e8:b7:26:5f:02:df:c5:87:fc:79:07:ad:00: fc:58:2a:69:41:74:85:27:1b:7d:6f:e6:02:1d:70: 4a:d4:f7:7c:fd:2d:23:06:60:25:e6:09:04:40:d4: cb:cb:79:b7:48:07:77:fe:f5:a4:fc:e8:af:8d:49: cf:e4:d3:17:3d:96:10:9b:e0:3d:20:9f:8a:83:09: 98:b0:43:ab:b9:6b:b8:ae:33:79:9f:f9:ce:ee:1e: 71:86:e0:7b:c0:d2:7f:24:fe:f9:93:23:cc:9b:9f: 49:57:b9:8d:0e:77:6c:33:ba:bc:73:58:d5:89:63: 75:96:65:c1:fa:e0:14:8a:21:d9:5c:d2:30:bd:4e: 92:40:06:8b:6c:03:ab:16:c6:bb:86:d2:55:3b:c6: d3:12:1e:cd:b0:ce:9f:09:86:5f:8c:86:ef:05:eb: b5:be:9d:49:a6:14:91:24:66:9b:80:c7:3d:d3:a5: 67:f1:b7:9e:b4:10:7d:c7:ee:1d:05:80:d4:f6:b4: 3d:2e:2e:84:6c:95:a8:31:7c:98:1f:ea:96:7a:82: f3:88:56:dd:cd:ba:6b:69:b1:02:c0:1d:7e:28:c0: dd:92:29:2f:3a:78:b1:2c:e6:77:fa:46:13:f7:36: 84:ed:3d:df:17:46:b8:e0:1c:7f:d8:a3:08:7b:0b: d0:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:94:D8:3A:FC:35:30:E4:79:16:60:C0:C7:83:49:5F:A1:3A:B4:C5 X509v3 Authority Key Identifier: keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:12:d5:e3:11:b9:76:74:6a:71:e7:2a:71:4e:a9:23:cd:36: 9b:4a:ce:93:37:51:85:89:80:f8:2f:21:06:3c:89:02:ff:8f: 57:01:83:1f:a2:9b:17:26:2b:c9:16:e7:fb:28:cc:4d:a6:78: c7:c2:4b:d9:34:50:1d:4f:70:21:e4:25:ff:6a:ce:55:64:eb: 48:25:e0:a7:0f:57:8f:b5:15:58:54:73:bc:97:9c:3d:d3:22: 43:c9:5f:f2:00:ef:3a:7d:29:1b:32:7b:d4:33:a6:7d:a4:7e: ed:6d:61:04:da:41:ec:c2:56:f5:78:56:17:1d:da:d6:63:85: ad:f6:30:69:ef:ee:c6:d3:c6:57:4c:d5:04:f6:70:a8:31:aa: 08:07:3d:d0:ed:8f:7d:d2:ea:95:2f:12:05:c9:12:6e:76:54: 54:c3:3f:28:a1:b5:a7:6f:00:68:68:27:1b:cc:fa:89:eb:3e: 24:a2:31:f4:db:de:b8:04:3f:f3:bb:de:3a:1f:3b:d0:b9:c9: 02:ae:62:05:e9:94:d9:a3:1b:18:09:3d:ba:7d:48:64:83:c5: 3f:47:a2:5c:98:98:bd:9a:92:1d:aa:f3:98:d7:1e:03:8b:8f: da:5d:06:47:a5:52:30:43:6b:82:42:a9:57:4e:17:46:d0:1f: 87:de:cc:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv/i5Wsr/lvSAIslDfUGpyHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh NGUzYTEwHhcNMjYwMTI3MTMwMTM2WhcNMjYwMTI4MTMwMTM2WjAzMTEwLwYDVQQD Eyg1MDk0ZDgzYWZjMzUzMGU0NzkxNjYwYzBjNzgzNDk1ZmExM2FiNGM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+i3Jl8C38WH/HkHrQD8WCppQXSF Jxt9b+YCHXBK1Pd8/S0jBmAl5gkEQNTLy3m3SAd3/vWk/OivjUnP5NMXPZYQm+A9 IJ+KgwmYsEOruWu4rjN5n/nO7h5xhuB7wNJ/JP75kyPMm59JV7mNDndsM7q8c1jV iWN1lmXB+uAUiiHZXNIwvU6SQAaLbAOrFsa7htJVO8bTEh7NsM6fCYZfjIbvBeu1 vp1JphSRJGabgMc906Vn8beetBB9x+4dBYDU9rQ9Li6EbJWoMXyYH+qWeoLziFbd zbprabECwB1+KMDdkikvOnixLOZ3+kYT9zaE7T3fF0a44Bx/2KMIewvQUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFCU2Dr8NTDkeRZgwMeDSV+hOrTFMB8GA1UdIwQY MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt MWFjNGE0MDA3ZGI0LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0 LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxLV4xG5 dnRqcecqcU6pI802m0rOkzdRhYmA+C8hBjyJAv+PVwGDH6KbFyYryRbn+yjMTaZ4 x8JL2TRQHU9wIeQl/2rOVWTrSCXgpw9Xj7UVWFRzvJecPdMiQ8lf8gDvOn0pGzJ7 1DOmfaR+7W1hBNpB7MJW9XhWFx3a1mOFrfYwae/uxtPGV0zVBPZwqDGqCAc90O2P fdLqlS8SBckSbnZUVMM/KKG1p28AaGgnG8z6ies+JKIx9NveuAQ/87veOh870LnJ Aq5iBemU2aMbGAk9un1IZIPFP0eiXJiYvZqSHarzmNceA4uP2l0GR6VSMENrgkKp V04XRtAfh97MgA== -----END CERTIFICATE-----Generated at Tue Jan 27 15:30:31 2026 by rpki-client