This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft File: GheAknBHDXwlZxEvtAqe9xJgBRY.mft (raw, json) Hash identifier: ieKZmgEHv8UX+QJYGYx8lFem91oC4scJS6tdjdCTmLg= Subject key identifier: 8E:35:DD:74:4D:4C:D2:74:4E:32:32:8D:E5:86:8A:BA:13:B7:3C:CA Authority key identifier: 1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16 Certificate issuer: /CN=1a17809270470d7c2567112fb40a9ef712600516 Certificate serial: 019BA67EA17EEFA46E3B5034E8758AAB69D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft Manifest number: 17C1 Signing time: Sat 10 Jan 2026 06:01:15 +0000 Manifest this update: Sat 10 Jan 2026 06:01:15 +0000 Manifest next update: Sun 11 Jan 2026 06:01:15 +0000 Files and hashes: 1: 0tBvzHKBM9CFXoUvWhZ8oAIxIYQ.roa (hash: u3BDMBzVoIVq/H0Z4B77BSL8kjz5TDlPAlMIn/QKiB8=) 2: GheAknBHDXwlZxEvtAqe9xJgBRY.crl (hash: x4/xf2iuY/uJx0BaXvWxlbfcXQKEGWzYj5u2XAHR0Dc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a6:7e:a1:7e:ef:a4:6e:3b:50:34:e8:75:8a:ab:69:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a17809270470d7c2567112fb40a9ef712600516 Validity Not Before: Jan 10 06:01:15 2026 GMT Not After : Jan 11 06:01:15 2026 GMT Subject: CN=8e35dd744d4cd2744e32328de5868aba13b73cca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:7b:2c:db:e5:f7:ef:03:6b:db:67:32:5d:2c: 75:a0:56:17:00:07:53:8a:fd:27:34:e0:10:39:66: 65:62:56:3e:e4:1c:00:f2:1e:5b:60:87:57:88:ed: 89:65:0b:1e:f1:80:cd:2a:c2:2d:50:e3:0c:81:64: 30:d0:9a:01:66:2d:16:ba:49:a6:bc:4b:d3:a6:68: 1e:a2:f9:c8:ae:42:fc:49:94:7a:01:c0:dc:88:88: 9b:8a:f7:07:ed:8e:dd:2e:ae:99:d6:2a:8c:b9:e3: 25:30:7f:4f:4b:bd:f8:73:cf:f5:23:b7:ff:21:aa: 24:51:49:7b:3b:33:a1:f6:55:f4:bf:11:b7:90:7e: 61:80:49:dd:67:f1:54:65:35:39:fd:d5:86:0b:1e: f6:cf:4b:cf:8e:4c:0e:e9:bc:12:14:e4:b4:63:4d: 2e:fb:5d:d5:f3:57:f0:dd:a1:53:7a:86:51:6d:64: 06:74:88:1c:bf:ed:66:48:32:e7:13:72:94:08:3c: 28:6c:65:b1:ed:ad:8b:8b:1a:dd:0c:c1:d9:1b:64: 67:e7:1b:81:4a:df:e3:91:e1:a2:b6:62:af:2c:7e: df:5a:bf:4f:25:41:3a:92:3e:cf:82:a9:83:9a:75: 75:c9:62:50:5a:4a:2a:02:af:d2:75:d6:7b:63:0c: 3d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:35:DD:74:4D:4C:D2:74:4E:32:32:8D:E5:86:8A:BA:13:B7:3C:CA X509v3 Authority Key Identifier: keyid:1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:04:22:df:36:df:8c:39:1c:37:7a:31:85:f0:b3:e8:e4:a9: ef:5a:ac:f8:9c:2f:67:09:4f:9a:4d:e8:3c:04:9e:6a:f6:4e: b2:5c:a5:4a:f0:9e:21:38:b7:a0:be:0a:78:66:73:41:64:96: ee:b7:34:75:35:f9:53:7c:9c:90:0b:5b:b7:64:15:fd:4d:27: 4a:5a:b0:cc:c5:12:bc:e2:b3:f5:19:cc:b7:e5:11:a0:7e:84: 84:8c:c9:fb:d3:3a:10:9f:44:cc:a5:ee:74:c0:ab:e8:92:42: f7:f9:08:a1:2c:bf:68:4c:9e:a4:9f:31:89:f8:ec:5d:a4:86: c2:bd:62:a6:87:29:7e:d7:76:bf:d5:07:7a:ef:26:a8:a3:db: 83:d8:2c:4a:50:88:f6:bf:93:a9:c7:a5:f6:e3:35:48:17:e4: 06:99:ee:9c:e9:2f:e7:4e:07:cf:a1:11:be:ad:11:58:78:5e: 02:d3:35:af:57:cd:b4:9a:ce:f4:dd:b5:a5:2a:fb:5d:91:5c: 52:54:4d:bf:2d:8e:73:f4:a9:8a:61:e4:2d:80:ab:8c:ab:60: 1e:fa:08:a9:dc:25:98:26:ab:5e:0b:24:0c:2a:8b:1f:29:f1: a4:47:62:e5:7d:6a:65:a1:07:59:2d:da:20:86:d6:3c:19:8f: c3:aa:34:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZumfqF+76RuO1A06HWKq2nRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhMTc4MDkyNzA0NzBkN2MyNTY3MTEyZmI0MGE5ZWY3MTI2 MDA1MTYwHhcNMjYwMTEwMDYwMTE1WhcNMjYwMTExMDYwMTE1WjAzMTEwLwYDVQQD Eyg4ZTM1ZGQ3NDRkNGNkMjc0NGUzMjMyOGRlNTg2OGFiYTEzYjczY2NhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnss2+X37wNr22cyXSx1oFYXAAdT iv0nNOAQOWZlYlY+5BwA8h5bYIdXiO2JZQse8YDNKsItUOMMgWQw0JoBZi0Wukmm vEvTpmgeovnIrkL8SZR6AcDciIibivcH7Y7dLq6Z1iqMueMlMH9PS734c8/1I7f/ IaokUUl7OzOh9lX0vxG3kH5hgEndZ/FUZTU5/dWGCx72z0vPjkwO6bwSFOS0Y00u +13V81fw3aFTeoZRbWQGdIgcv+1mSDLnE3KUCDwobGWx7a2LixrdDMHZG2Rn5xuB St/jkeGitmKvLH7fWr9PJUE6kj7PgqmDmnV1yWJQWkoqAq/SddZ7Yww9swIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI413XRNTNJ0TjIyjeWGiroTtzzKMB8GA1UdIwQY MBaAFBoXgJJwRw18JWcRL7QKnvcSYAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEt OGFmYTc0ZDg3NjlmLzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEtOGFmYTc0ZDg3Njlm LzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAigQi3zbf jDkcN3oxhfCz6OSp71qs+JwvZwlPmk3oPASeavZOslylSvCeITi3oL4KeGZzQWSW 7rc0dTX5U3yckAtbt2QV/U0nSlqwzMUSvOKz9RnMt+URoH6EhIzJ+9M6EJ9EzKXu dMCr6JJC9/kIoSy/aEyepJ8xifjsXaSGwr1ipocpftd2v9UHeu8mqKPbg9gsSlCI 9r+Tqcel9uM1SBfkBpnunOkv504Hz6ERvq0RWHheAtM1r1fNtJrO9N21pSr7XZFc UlRNvy2Oc/SpimHkLYCrjKtgHvoIqdwlmCarXgskDCqLHynxpEdi5X1qZaEHWS3a IIbWPBmPw6o09A== -----END CERTIFICATE-----Generated at Sat Jan 10 08:25:51 2026 by rpki-client