This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft File: 4z2f_axY52ErCVFE_sBrolhapqg.mft (raw, json) Hash identifier: T6Nsmy5nSzIh/RWhpNv6USEWCWdrvlmSSfwMeenbU/E= Subject key identifier: 02:1F:BF:14:A5:F4:D4:5F:F2:A6:53:67:53:5F:E9:3D:22:40:DF:05 Authority key identifier: E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8 Certificate issuer: /CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8 Certificate serial: 019BFBE56B7600E1A44192940FEA8411DFD6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft Manifest number: 1542 Signing time: Mon 26 Jan 2026 20:01:15 +0000 Manifest this update: Mon 26 Jan 2026 20:01:15 +0000 Manifest next update: Tue 27 Jan 2026 20:01:15 +0000 Files and hashes: 1: 4z2f_axY52ErCVFE_sBrolhapqg.crl (hash: Vr8o1h+Z/YzjwoPwpsLLg7sMcYlF4DWdZF3BCT+wjv8=) 2: i0WslBSNbZGrjfVFMISsJmr6unc.roa (hash: 1n8qaJxx+xqAWzWkPFiEInqRBUPmVPxyAAXtCgkJ0/Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:e5:6b:76:00:e1:a4:41:92:94:0f:ea:84:11:df:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8 Validity Not Before: Jan 26 20:01:15 2026 GMT Not After : Jan 27 20:01:15 2026 GMT Subject: CN=021fbf14a5f4d45ff2a65367535fe93d2240df05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:43:6c:0a:b1:d5:63:d1:79:71:8f:d6:f6:b4: c2:26:ab:12:6e:70:13:f5:93:d1:2b:df:d7:ac:5d: 23:f4:d2:06:e0:67:f5:3f:54:44:07:a5:a3:b3:b0: d3:91:24:5e:9e:23:de:00:32:b0:60:c3:f0:6e:dc: 4d:13:4c:31:c8:2e:db:09:f3:ea:48:57:92:98:a0: 29:49:c4:9b:15:d2:f0:39:33:ef:d6:38:a5:45:7a: 13:9d:47:e2:21:3a:e4:63:60:da:2a:66:97:95:c8: dc:e2:e6:06:6a:4e:b9:4c:2c:72:c0:3d:38:f1:3d: 54:21:ce:2a:3e:1b:46:a7:ce:9b:41:1c:66:09:18: d6:ec:29:3e:9f:ae:51:75:9d:23:fb:5f:fc:3f:73: f6:7b:fe:ae:25:73:61:97:c6:09:f1:d8:d6:d8:c4: 0a:bf:61:29:bf:28:0e:cf:52:30:c2:75:a8:9a:13: 78:71:8c:be:b4:dd:0a:70:34:b1:02:fc:ce:33:da: 28:23:6a:ee:01:a8:90:3f:de:cf:3c:9e:41:5a:30: 72:e6:43:c1:14:59:f4:cb:a5:02:4a:45:a9:bc:ae: 7b:88:52:b2:b9:44:e4:78:a3:37:aa:10:ff:13:c2: d1:2f:60:5f:00:89:ca:e6:63:ce:c2:0b:6e:55:9c: 91:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:1F:BF:14:A5:F4:D4:5F:F2:A6:53:67:53:5F:E9:3D:22:40:DF:05 X509v3 Authority Key Identifier: keyid:E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:e9:d3:00:1b:47:e1:1d:76:17:22:0b:e2:09:80:19:7a:74: 1e:88:d0:06:13:74:75:d5:72:96:a5:a9:27:f5:e7:a1:e9:a6: c9:ee:4f:b0:c4:cb:fe:c3:4e:1f:6f:2d:7b:dc:2c:0d:5a:51: 04:6a:8b:b6:70:c2:2c:90:2a:1a:06:f1:55:2e:b4:79:ff:e9: 8a:19:ce:82:bb:41:75:3a:96:59:f9:28:04:45:5b:c1:07:75: 40:01:f7:2f:07:22:95:33:35:0d:89:84:7e:c0:a3:ee:7d:01: 20:e5:74:da:b5:ef:5c:5e:f6:6e:f2:0d:34:e3:01:a5:70:7a: e9:d7:84:45:7e:84:1d:7f:a2:1c:19:59:64:95:2f:6e:53:c1: 86:25:c8:ea:56:08:71:c6:b6:89:5c:07:7d:69:69:28:d4:9a: 65:ab:d5:e2:70:a4:e7:9d:46:f9:57:2f:2b:5e:d4:9e:3c:fc: 40:24:30:da:75:96:d7:ee:f5:fa:4d:56:28:bb:df:c6:50:b1: 19:86:38:f9:e8:f3:8d:af:f2:c2:c0:78:94:91:4e:e0:bd:36: 67:aa:5b:25:37:d6:19:1d:56:ee:bc:4f:e5:de:de:8c:1f:55: 1a:6e:de:49:dd:44:45:3f:49:2b:4e:cd:b0:50:26:97:a2:00: d3:5e:2e:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv75Wt2AOGkQZKUD+qEEd/WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzM2Q5ZmZkYWM1OGU3NjEyYjA5NTE0NGZlYzA2YmEyNTg1 YWE2YTgwHhcNMjYwMTI2MjAwMTE1WhcNMjYwMTI3MjAwMTE1WjAzMTEwLwYDVQQD EygwMjFmYmYxNGE1ZjRkNDVmZjJhNjUzNjc1MzVmZTkzZDIyNDBkZjA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxENsCrHVY9F5cY/W9rTCJqsSbnAT 9ZPRK9/XrF0j9NIG4Gf1P1REB6Wjs7DTkSReniPeADKwYMPwbtxNE0wxyC7bCfPq SFeSmKApScSbFdLwOTPv1jilRXoTnUfiITrkY2DaKmaXlcjc4uYGak65TCxywD04 8T1UIc4qPhtGp86bQRxmCRjW7Ck+n65RdZ0j+1/8P3P2e/6uJXNhl8YJ8djW2MQK v2EpvygOz1IwwnWomhN4cYy+tN0KcDSxAvzOM9ooI2ruAaiQP97PPJ5BWjBy5kPB FFn0y6UCSkWpvK57iFKyuUTkeKM3qhD/E8LRL2BfAInK5mPOwgtuVZyRfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAIfvxSl9NRf8qZTZ1Nf6T0iQN8FMB8GA1UdIwQY MBaAFOM9n/2sWOdhKwlRRP7Aa6JYWqaoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTkt OWNiMjk2MzAxZTY0LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTktOWNiMjk2MzAxZTY0 LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbOnTABtH 4R12FyIL4gmAGXp0HojQBhN0ddVylqWpJ/Xnoemmye5PsMTL/sNOH28te9wsDVpR BGqLtnDCLJAqGgbxVS60ef/pihnOgrtBdTqWWfkoBEVbwQd1QAH3LwcilTM1DYmE fsCj7n0BIOV02rXvXF72bvINNOMBpXB66deERX6EHX+iHBlZZJUvblPBhiXI6lYI cca2iVwHfWlpKNSaZavV4nCk551G+VcvK17Unjz8QCQw2nWW1+71+k1WKLvfxlCx GYY4+ejzja/ywsB4lJFO4L02Z6pbJTfWGR1W7rxP5d7ejB9VGm7eSd1ERT9JK07N sFAml6IA014ufw== -----END CERTIFICATE-----Generated at Tue Jan 27 07:16:57 2026 by rpki-client