This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json) Hash identifier: YfPiKxM/1pN1wxOxUu9s01AIRqkrpoB6/rvWDwCP/+0= Subject key identifier: 1B:57:84:F1:E4:73:FE:7E:64:43:D2:F0:87:A0:7D:27:AE:6B:98:30 Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Certificate serial: 019BFB0A0C66E8820FE35915E780A2F4CC27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft Manifest number: 0FCD Signing time: Mon 26 Jan 2026 16:01:38 +0000 Manifest this update: Mon 26 Jan 2026 16:01:38 +0000 Manifest next update: Tue 27 Jan 2026 16:01:38 +0000 Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: m4/hs/iQ6Wr+P2WeJYjOU8dM0CoiqejC3uEUmYKpfvc=) 2: tl9JmYqZuc8rnWm5B3tF-CPUxEg.roa (hash: ti/VYS4hognsUWtb/PVfBo1Uhz2rYc5vy7DleprVf/Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:0a:0c:66:e8:82:0f:e3:59:15:e7:80:a2:f4:cc:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Validity Not Before: Jan 26 16:01:38 2026 GMT Not After : Jan 27 16:01:38 2026 GMT Subject: CN=1b5784f1e473fe7e6443d2f087a07d27ae6b9830 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:9a:77:a5:12:fe:5c:21:00:a2:a0:68:df:60: e0:2a:fe:4a:16:be:da:05:e3:ce:58:ec:c5:e4:c0: f5:e5:29:c2:08:62:91:9c:0a:84:0d:d3:05:2c:68: 93:89:85:ad:e2:f6:91:c6:d5:65:b9:2a:11:07:fc: 6c:71:1b:b2:98:5c:7e:35:3e:f2:c0:71:4d:02:2e: 85:6e:1a:9b:5a:68:53:b2:83:ad:e4:45:b1:8b:1b: 55:f9:53:de:d2:56:3e:16:9c:59:ec:db:42:a9:84: 0d:c1:51:ff:67:0b:e9:39:5b:23:b4:67:36:91:dc: 5b:b5:ef:b7:6a:61:4e:a5:29:58:4e:4a:8a:bd:c5: bf:bf:80:24:5e:b7:c5:6b:d2:d4:67:af:9f:83:d5: b5:36:f9:00:80:3f:77:da:55:ba:f2:4d:99:d7:f3: 41:63:64:4f:a0:14:33:65:55:48:43:63:0d:fc:22: d4:ad:3d:64:80:b5:2a:75:97:a8:86:a8:80:d9:12: df:7d:c0:bf:90:4a:c7:87:43:0f:d0:2f:5e:27:b9: 81:75:bd:de:9c:e1:43:b4:c5:58:2e:80:28:7b:4c: 45:58:a5:4d:d7:57:7a:a2:e2:4a:91:59:0f:b8:9c: 89:2b:3c:a0:55:73:85:de:3c:b8:ea:88:a4:36:24: 35:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:57:84:F1:E4:73:FE:7E:64:43:D2:F0:87:A0:7D:27:AE:6B:98:30 X509v3 Authority Key Identifier: keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:11:c1:a4:d1:b0:b0:df:9c:e9:57:c9:2b:16:45:16:ce:f1: 69:90:8b:ff:c1:90:10:e4:03:f4:46:98:7a:90:cc:c1:2e:0f: 13:c9:d4:54:7c:a0:d1:c3:f9:e4:84:4c:3e:c3:f8:74:45:8e: 7b:62:eb:a2:02:64:ae:26:84:01:56:f9:e4:de:5f:fd:e4:2e: ac:4f:eb:ac:df:bd:c4:a1:af:9d:50:2f:ec:e0:3e:5a:eb:b3: 8b:6d:8a:e2:4b:94:bf:75:82:a5:0e:d0:e0:a2:c0:25:10:e7: 8f:18:2a:f9:b8:24:b2:27:20:aa:9f:fe:b9:30:a1:1c:b1:94: 02:df:ea:18:4c:b4:43:4c:92:f0:bc:35:54:17:61:05:42:9b: 13:8a:4d:70:18:93:8f:d0:6f:29:3d:3d:08:26:20:70:62:fa: 67:40:22:b6:84:2e:62:3b:29:10:a8:1f:ea:ff:b3:8f:a8:c6: d8:3f:af:5f:c8:4c:80:40:a5:b2:7a:6b:ce:13:41:24:04:ad: 76:dc:ea:5c:3f:cf:6f:4e:45:03:3f:7d:c3:17:21:34:51:b9: 7f:3d:2f:0f:7e:e4:2f:c8:d6:39:8e:4a:db:bd:3d:85:c0:7d: 04:9d:17:22:f9:a6:a7:ec:cb:27:86:ef:ad:57:09:1e:ff:42: 31:75:5b:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7Cgxm6IIP41kV54Ci9MwnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk ZGM3ZGYwHhcNMjYwMTI2MTYwMTM4WhcNMjYwMTI3MTYwMTM4WjAzMTEwLwYDVQQD EygxYjU3ODRmMWU0NzNmZTdlNjQ0M2QyZjA4N2EwN2QyN2FlNmI5ODMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZp3pRL+XCEAoqBo32DgKv5KFr7a BePOWOzF5MD15SnCCGKRnAqEDdMFLGiTiYWt4vaRxtVluSoRB/xscRuymFx+NT7y wHFNAi6FbhqbWmhTsoOt5EWxixtV+VPe0lY+FpxZ7NtCqYQNwVH/ZwvpOVsjtGc2 kdxbte+3amFOpSlYTkqKvcW/v4AkXrfFa9LUZ6+fg9W1NvkAgD932lW68k2Z1/NB Y2RPoBQzZVVIQ2MN/CLUrT1kgLUqdZeohqiA2RLffcC/kErHh0MP0C9eJ7mBdb3e nOFDtMVYLoAoe0xFWKVN11d6ouJKkVkPuJyJKzygVXOF3jy46oikNiQ15QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBtXhPHkc/5+ZEPS8IegfSeua5gwMB8GA1UdIwQY MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1 LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPxHBpNGw sN+c6VfJKxZFFs7xaZCL/8GQEOQD9EaYepDMwS4PE8nUVHyg0cP55IRMPsP4dEWO e2LrogJkriaEAVb55N5f/eQurE/rrN+9xKGvnVAv7OA+Wuuzi22K4kuUv3WCpQ7Q 4KLAJRDnjxgq+bgksicgqp/+uTChHLGUAt/qGEy0Q0yS8Lw1VBdhBUKbE4pNcBiT j9BvKT09CCYgcGL6Z0AitoQuYjspEKgf6v+zj6jG2D+vX8hMgEClsnprzhNBJASt dtzqXD/Pb05FAz99wxchNFG5fz0vD37kL8jWOY5K2709hcB9BJ0XIvmmp+zLJ4bv rVcJHv9CMXVbHw== -----END CERTIFICATE-----Generated at Tue Jan 27 00:10:00 2026 by rpki-client