This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
File: Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft (raw, json)
Hash identifier: bSAa+XZkIBgghFRUrGNkacgcHctz8n/yeHs9NrMsjPo=
Subject key identifier: 2F:6B:65:CF:4F:E5:5A:BB:E9:7B:EC:B4:F5:7B:66:38:53:2E:F5:71
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 019BCC0B65058C3C1ACDC1CFFD9F765D2868
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
Manifest number: 1020
Signing time: Sat 17 Jan 2026 13:00:57 +0000
Manifest this update: Sat 17 Jan 2026 13:00:57 +0000
Manifest next update: Sun 18 Jan 2026 13:00:57 +0000
Files and hashes: 1: 0fq1gRYIVP9dTgOiD1oeMJEo_KQ.roa (hash: FJ5OMI2l4qRYLCvuHNSAsXUeDfS57Wh9X15C8/hlneg=)
2: 1nqC6xnrGeiiCsIQzeNoBlULrNs.roa (hash: M8+11gt77TdIMEMeidkDUFD2MIHTpwuA0Z3lO3wayfw=)
3: 5G7T_ta5GRY-vaF3PWEHkN7X3lY.roa (hash: E1pa9lzYctomz2Si/AVGz+D9ZaUziuZd2hK3Cs63LZA=)
4: 8PXruX0NUFmuFkbr5FDpoooVvXM.roa (hash: XPZ+iCpyreRyaJ/LqZJwBerjbtvxZcmxEnaEbiUms6Q=)
5: CgUHKiRsRmzYx7ZOCnuOhc6JuzM.roa (hash: EQlw+q9jnebrItocrNjEuHmz2ku3rbdvtehDLXwsagY=)
6: Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl (hash: +Uor6bFkZaxP8jBIjz2YqVMsvWdqJAhAW0KNddU2qYs=)
7: Qh6w5R4OY3LRFJlmxw3GEUIorWE.roa (hash: 2TZvTfqZGN/7yXjhJzZ95o9BQTNHk2HmhR+25FxXV1c=)
8: _bCrFb7VC4CCd9K-Wcu_5V2bR1U.roa (hash: 43+13/xiT3wMEpfoLe4Sy/ExJmNhgvNKxVgEkujyVA8=)
9: byxTcbn0R_ABtndiznyuziTHgi8.roa (hash: T2sYxuovHiigJvci2db9Vhz7uwGqQKQmouYx6Ud5yM0=)
10: hPKkrsj0FX97l8P5hhDoNCNjeqE.roa (hash: pR+tDQOXzEiJ05cgUzQGiwCXhXXy4kL5jERdGJNHgJ4=)
11: lGkHGhpYOdTznT_yaE3ovjGf5mQ.roa (hash: 4SHYfC7Bcu60W7bkjANyd/nQPdjStJcUQUz5MyP0/xM=)
12: xUyp5z9ki9x2dJcpNDLQqnXtfXs.roa (hash: OB5oPZJI1/ir+viyC2KaHJjQwYX8WdLDSXZSic2R5Fs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 18 Jan 2026 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:cc:0b:65:05:8c:3c:1a:cd:c1:cf:fd:9f:76:5d:28:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 17 13:00:57 2026 GMT
Not After : Jan 18 13:00:57 2026 GMT
Subject: CN=2f6b65cf4fe55abbe97becb4f57b6638532ef571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1c:ad:91:f4:f1:02:ad:7e:72:69:0f:16:ca:
73:56:d7:0d:4e:d0:e5:c8:f2:5e:f1:f8:cd:a5:7c:
94:56:bf:bf:31:1e:4b:0c:a8:b6:d6:ec:57:fd:52:
ab:1c:66:c2:38:79:43:d1:97:cd:a0:f7:a7:fd:69:
48:89:4a:a1:18:51:0f:8f:36:3c:d6:a9:5f:72:3d:
5c:2c:48:cc:f9:35:1c:47:19:f2:bf:d5:71:35:b0:
60:ce:db:df:4c:20:c6:ed:19:8f:a2:f3:20:a1:a8:
04:a1:4d:91:fe:72:28:19:aa:c8:44:d9:4d:ce:6a:
b8:cf:d6:5a:40:5d:bf:21:c7:56:1a:5e:37:e4:cc:
a2:eb:d0:f6:90:13:2a:1e:b6:b8:1c:13:1e:08:bc:
7c:7d:c5:20:4e:f5:0b:23:42:6a:98:75:fe:52:c3:
b6:60:ed:2f:fe:73:85:6a:14:5d:a6:69:0a:a2:8e:
90:4b:ce:df:69:89:73:f8:08:e8:f0:cc:57:4a:3a:
72:71:c6:77:38:55:c5:8d:25:ce:92:20:cc:83:c7:
bd:9d:c7:ae:20:ee:c3:ab:78:59:87:14:0f:19:4f:
ad:23:80:bf:5d:bb:ea:f4:41:d9:07:fe:b4:8f:ac:
e7:59:2b:ec:02:e6:67:00:c1:ed:23:1f:7c:01:63:
3f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6B:65:CF:4F:E5:5A:BB:E9:7B:EC:B4:F5:7B:66:38:53:2E:F5:71
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:38:72:fd:60:11:bd:78:09:2a:43:fa:a2:9a:b4:af:21:09:
b1:95:99:f3:1b:d2:96:52:eb:3c:00:d7:09:48:a1:60:f8:d1:
4c:b8:17:48:d2:19:8d:c0:09:cd:3d:27:ac:69:7b:9f:e3:c6:
05:76:13:08:c8:36:1b:7b:78:6a:e4:71:0c:d7:4f:78:5e:00:
b3:ce:02:c6:c2:8c:de:1b:26:28:e9:6b:ec:79:0f:c8:9a:5b:
b4:de:f9:79:c6:f4:15:84:96:07:77:13:6d:72:7c:cd:51:bb:
b3:a1:22:a8:50:25:32:6f:cc:5c:5f:a4:37:81:a4:b6:41:fa:
ce:c7:b4:17:83:63:4a:c4:fe:c1:d0:e4:07:11:fc:4e:da:25:
03:4f:de:82:b7:7f:e9:53:e3:95:24:6d:68:78:06:37:4e:1b:
f8:1c:50:51:c1:a1:2a:d5:a0:ba:0b:a7:8e:6c:6a:09:fc:9d:
c9:ff:52:43:13:cd:24:03:41:21:bd:cc:4b:d0:50:24:53:ba:
21:b7:21:b5:8b:f3:5e:4b:2c:7e:15:8e:d6:bb:6f:58:0e:94:
13:50:f1:e2:62:48:4e:03:44:bc:80:16:82:c1:18:45:4e:b6:
99:58:a3:31:fe:0e:2b:fd:bd:eb:b7:8d:56:ff:57:99:4a:9f:
cf:33:7f:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZvMC2UFjDwazcHP/Z92XShoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjYwMTE3MTMwMDU3WhcNMjYwMTE4MTMwMDU3WjAzMTEwLwYDVQQD
EygyZjZiNjVjZjRmZTU1YWJiZTk3YmVjYjRmNTdiNjYzODUzMmVmNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRytkfTxAq1+cmkPFspzVtcNTtDl
yPJe8fjNpXyUVr+/MR5LDKi21uxX/VKrHGbCOHlD0ZfNoPen/WlIiUqhGFEPjzY8
1qlfcj1cLEjM+TUcRxnyv9VxNbBgztvfTCDG7RmPovMgoagEoU2R/nIoGarIRNlN
zmq4z9ZaQF2/IcdWGl435Myi69D2kBMqHra4HBMeCLx8fcUgTvULI0JqmHX+UsO2
YO0v/nOFahRdpmkKoo6QS87faYlz+Ajo8MxXSjpyccZ3OFXFjSXOkiDMg8e9nceu
IO7Dq3hZhxQPGU+tI4C/Xbvq9EHZB/60j6znWSvsAuZnAMHtIx98AWM/XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9rZc9P5Vq76XvstPV7ZjhTLvVxMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkThy/WAR
vXgJKkP6opq0ryEJsZWZ8xvSllLrPADXCUihYPjRTLgXSNIZjcAJzT0nrGl7n+PG
BXYTCMg2G3t4auRxDNdPeF4As84CxsKM3hsmKOlr7HkPyJpbtN75ecb0FYSWB3cT
bXJ8zVG7s6EiqFAlMm/MXF+kN4GktkH6zse0F4NjSsT+wdDkBxH8TtolA0/egrd/
6VPjlSRtaHgGN04b+BxQUcGhKtWgugunjmxqCfydyf9SQxPNJANBIb3MS9BQJFO6
IbchtYvzXkssfhWO1rtvWA6UE1Dx4mJITgNEvIAWgsEYRU62mVijMf4OK/2967eN
Vv9XmUqfzzN/ag==
-----END CERTIFICATE-----
Generated at Sat Jan 17 22:58:41 2026 by rpki-client