This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft File: HjXAaowG1d1k_nawkKPh4qSZbcg.mft (raw, json) Hash identifier: boF7EgXGnWcYMsS6Ns29FAYEg2eGMB6rm6mkDTv7vfs= Subject key identifier: 07:3D:41:10:A6:86:2B:05:D9:F1:54:09:21:A9:A4:89:DB:F6:2A:2C Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8 Certificate issuer: /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8 Certificate serial: 019BFA9C5C7EFA3666E8A93E12E07140B12B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft Manifest number: 17EC Signing time: Mon 26 Jan 2026 14:01:49 +0000 Manifest this update: Mon 26 Jan 2026 14:01:49 +0000 Manifest next update: Tue 27 Jan 2026 14:01:49 +0000 Files and hashes: 1: HjXAaowG1d1k_nawkKPh4qSZbcg.crl (hash: Oo3PxSaRp30YuJEIkU0nmxF/ysoYcTQBatp3W9G0S2c=) 2: _SW-efIyZk8frPlLE8yBxAElkiU.roa (hash: iv2POwrNLwDCvtWPf5ONex0CqcvwAdFHiaQ1/D120FA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:9c:5c:7e:fa:36:66:e8:a9:3e:12:e0:71:40:b1:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8 Validity Not Before: Jan 26 14:01:49 2026 GMT Not After : Jan 27 14:01:49 2026 GMT Subject: CN=073d4110a6862b05d9f1540921a9a489dbf62a2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:19:bb:04:d7:ff:96:18:15:ea:39:0c:b7:4f: fe:b3:9c:cf:85:22:db:67:60:17:e3:b0:22:23:be: 0e:58:e0:86:4c:e3:d8:ac:cd:a8:ac:90:ab:ef:d2: 8d:e6:e1:ae:65:3d:11:b7:20:65:39:33:97:6f:90: b0:dd:11:1a:a4:73:7b:b7:a8:fa:0e:9c:ab:44:72: f4:69:9e:be:47:ab:25:af:d3:da:34:32:28:c5:5e: a9:e8:9e:73:fb:6e:64:e6:6c:a8:18:e3:9a:eb:6e: 0c:66:f4:a0:fa:ca:39:cd:1f:ce:31:1f:f4:7c:79: 03:e4:94:76:5e:60:7d:6b:74:92:46:d9:19:a6:3e: 90:28:af:72:95:43:3b:64:1c:79:d3:c2:d4:98:4d: eb:3a:80:5a:fa:c7:8a:9c:f4:39:42:79:f9:c4:b3: 10:aa:71:e2:de:75:77:42:7c:9c:c6:fd:8f:82:c4: c2:8e:4c:e2:e2:6c:8f:e4:13:29:7f:9e:52:db:2b: e5:50:d8:b9:23:c3:c8:93:25:9f:77:11:e5:6d:c1: d5:65:56:6b:6b:8f:2e:5c:68:85:57:8a:9f:1b:4d: 37:63:5e:4d:39:ba:35:9c:5d:cc:c3:fd:dc:ed:c9: 97:f5:93:40:06:fb:00:29:05:e6:8e:97:3c:f2:a7: 02:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:3D:41:10:A6:86:2B:05:D9:F1:54:09:21:A9:A4:89:DB:F6:2A:2C X509v3 Authority Key Identifier: keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:a6:83:4e:28:4a:e5:74:b9:05:70:5d:c3:a9:7a:3e:e1:1a: de:ea:38:c3:8f:47:dd:0c:84:89:f1:57:28:01:2b:09:da:22: f7:29:8d:4d:fa:b7:5a:47:8f:11:01:a4:c9:25:ef:12:8b:7d: e2:95:32:eb:f3:e5:c4:0a:4d:84:63:13:f5:fa:52:54:7d:25: ce:09:f0:ae:8e:ed:1e:f6:34:85:71:9b:15:5a:08:fe:98:86: 0d:3b:a1:31:e6:88:22:b1:fe:ef:a9:81:8c:56:a5:c4:d7:08: aa:28:af:61:f7:46:8b:92:82:b1:e5:0f:59:ff:27:68:a9:0b: 2a:a9:5a:d8:a7:df:64:3d:78:9d:91:73:73:54:5d:46:50:9a: 72:d2:85:51:1a:84:4c:40:4e:a7:9e:1d:6a:65:04:82:61:a1: 95:01:61:0b:08:3e:fa:10:c7:d2:f6:9c:2a:b8:9f:12:79:1e: 05:00:13:b8:ef:be:01:19:44:80:fd:b4:9b:c1:56:6d:32:64: b1:76:0d:e1:36:5f:c1:f4:54:e4:e6:07:8a:19:cd:af:db:70: c9:36:c5:3a:94:fd:79:97:bc:90:ff:e9:6a:be:d8:09:00:48: c4:63:d1:e8:b1:df:8e:a7:90:2f:70:b5:ad:32:bd:29:53:6b: 80:34:f9:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6nFx++jZm6Kk+EuBxQLErMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5 OTZkYzgwHhcNMjYwMTI2MTQwMTQ5WhcNMjYwMTI3MTQwMTQ5WjAzMTEwLwYDVQQD EygwNzNkNDExMGE2ODYyYjA1ZDlmMTU0MDkyMWE5YTQ4OWRiZjYyYTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRm7BNf/lhgV6jkMt0/+s5zPhSLb Z2AX47AiI74OWOCGTOPYrM2orJCr79KN5uGuZT0RtyBlOTOXb5Cw3REapHN7t6j6 DpyrRHL0aZ6+R6slr9PaNDIoxV6p6J5z+25k5myoGOOa624MZvSg+so5zR/OMR/0 fHkD5JR2XmB9a3SSRtkZpj6QKK9ylUM7ZBx508LUmE3rOoBa+seKnPQ5Qnn5xLMQ qnHi3nV3Qnycxv2PgsTCjkzi4myP5BMpf55S2yvlUNi5I8PIkyWfdxHlbcHVZVZr a48uXGiFV4qfG003Y15NObo1nF3Mw/3c7cmX9ZNABvsAKQXmjpc88qcCXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAc9QRCmhisF2fFUCSGppInb9iosMB8GA1UdIwQY MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt OWI1ZDc2YTk0OWY0LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0 LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6aDTihK 5XS5BXBdw6l6PuEa3uo4w49H3QyEifFXKAErCdoi9ymNTfq3WkePEQGkySXvEot9 4pUy6/PlxApNhGMT9fpSVH0lzgnwro7tHvY0hXGbFVoI/piGDTuhMeaIIrH+76mB jFalxNcIqiivYfdGi5KCseUPWf8naKkLKqla2KffZD14nZFzc1RdRlCactKFURqE TEBOp54damUEgmGhlQFhCwg++hDH0vacKrifEnkeBQATuO++ARlEgP20m8FWbTJk sXYN4TZfwfRU5OYHihnNr9twyTbFOpT9eZe8kP/par7YCQBIxGPR6LHfjqeQL3C1 rTK9KVNrgDT5kw== -----END CERTIFICATE-----Generated at Mon Jan 26 22:11:37 2026 by rpki-client