This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft File: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft (raw, json) Hash identifier: /l8iP4G2faUak0T7+gUmFVIvPiprM0PALqF8lHEK1nE= Subject key identifier: 95:FF:9D:D8:34:F3:5B:D2:8D:03:71:BC:2C:58:29:24:FD:B6:57:C7 Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c Certificate serial: 019BDEED2C04226E24CE4968B3E9A264AA91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft Manifest number: 140F Signing time: Wed 21 Jan 2026 05:00:43 +0000 Manifest this update: Wed 21 Jan 2026 05:00:43 +0000 Manifest next update: Thu 22 Jan 2026 05:00:43 +0000 Files and hashes: 1: EsvahZdQZVhluZsLSr98J_sMDK4.roa (hash: DNS5SQ17LOTRnwWYUw1eb+IWwNLBZu1qV/4r+8SuduY=) 2: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl (hash: G+Yg0np103s+5PU73JC/xh4u6SKBWjQ8zbNGs5NGlYw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:de:ed:2c:04:22:6e:24:ce:49:68:b3:e9:a2:64:aa:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c Validity Not Before: Jan 21 05:00:43 2026 GMT Not After : Jan 22 05:00:43 2026 GMT Subject: CN=95ff9dd834f35bd28d0371bc2c582924fdb657c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a0:13:1a:09:1e:1f:38:4a:07:3a:6e:2a:6c: d2:e3:c3:1e:7b:ad:2f:c8:78:57:90:52:9f:f2:5d: d1:83:99:ab:38:95:96:55:8c:5e:6b:d8:c7:29:82: b4:65:5f:2b:b8:e9:d3:59:5a:b4:0a:d1:65:46:87: 3b:84:d1:83:67:99:99:f4:da:4a:fa:1b:2c:e3:73: 70:a4:72:73:ef:6f:5f:df:b6:2c:09:a2:76:ab:41: d7:74:a4:ef:f2:83:b7:e7:4c:45:c2:1f:a4:7d:6c: f2:aa:65:4f:53:0f:70:5f:79:c4:33:4e:94:00:21: ac:c0:3f:18:c1:62:85:19:20:34:af:3d:10:b3:a6: 99:94:55:46:a4:6b:1e:84:32:7e:ec:17:3b:e9:cf: 67:fa:e8:b9:75:a4:75:4e:33:73:73:c9:35:6e:b9: 39:df:49:fa:db:02:24:87:cf:aa:aa:87:87:92:9e: 90:b3:fd:aa:e7:c2:72:fc:e5:22:5d:20:24:f3:86: f3:1b:8b:fb:39:1b:5c:7d:a7:ef:11:c5:27:f7:ca: e6:bf:0c:0b:69:4d:42:58:b9:04:7f:63:ae:16:7f: a9:7e:03:13:e7:61:33:1d:4e:b1:f5:58:13:a0:91: 23:3c:a1:00:13:10:fc:fc:fa:4a:9e:7f:9d:62:dc: 0a:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:FF:9D:D8:34:F3:5B:D2:8D:03:71:BC:2C:58:29:24:FD:B6:57:C7 X509v3 Authority Key Identifier: keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:94:c1:34:75:cc:08:9d:a4:99:2b:0d:8f:e3:6a:6a:a3:db: af:f7:58:ca:f4:bc:16:d4:d2:e5:1f:cc:74:26:d5:56:62:83: 23:4f:12:89:6b:b3:4b:a5:7c:9a:a1:02:38:e4:53:9f:70:88: 91:bb:97:a7:49:ea:63:d3:8e:d3:df:ca:fd:00:d1:9a:a8:92: c9:a3:ad:e7:8e:e7:a1:fd:24:f3:ac:e5:f1:a4:4b:7f:1e:c3: b5:54:be:c8:46:37:9b:86:0b:6e:7c:75:a0:46:bf:18:de:3d: e3:f6:66:94:39:81:7c:95:74:ea:f7:cf:c1:53:f6:0a:7b:9a: bf:80:79:c1:c6:75:0d:2f:ba:a8:61:e6:07:4d:0b:97:bd:cc: 2f:f5:4c:ec:26:8f:3d:53:47:2c:6b:2b:1a:0c:9a:c5:8d:a9: d7:c9:94:74:bc:8b:95:58:74:02:9f:6d:75:40:42:11:3f:a5: 5c:66:bf:7c:6b:35:e0:fe:4b:d6:1f:15:bb:a5:c8:fd:79:e6: c1:b4:68:7f:f5:a5:e0:a6:3d:9e:28:9f:ee:da:f4:ce:73:22: 1d:00:c2:d9:4a:ab:e9:eb:3c:a6:bf:cc:47:5b:4e:1d:62:0d: de:cf:3f:77:ae:1e:92:de:57:c4:8f:16:7f:c1:4d:5f:6f:82: 8e:a2:7c:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZve7SwEIm4kzklos+miZKqRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3 NTYyMGMwHhcNMjYwMTIxMDUwMDQzWhcNMjYwMTIyMDUwMDQzWjAzMTEwLwYDVQQD Eyg5NWZmOWRkODM0ZjM1YmQyOGQwMzcxYmMyYzU4MjkyNGZkYjY1N2M3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26ATGgkeHzhKBzpuKmzS48Mee60v yHhXkFKf8l3Rg5mrOJWWVYxea9jHKYK0ZV8ruOnTWVq0CtFlRoc7hNGDZ5mZ9NpK +hss43NwpHJz729f37YsCaJ2q0HXdKTv8oO350xFwh+kfWzyqmVPUw9wX3nEM06U ACGswD8YwWKFGSA0rz0Qs6aZlFVGpGsehDJ+7Bc76c9n+ui5daR1TjNzc8k1brk5 30n62wIkh8+qqoeHkp6Qs/2q58Jy/OUiXSAk84bzG4v7ORtcfafvEcUn98rmvwwL aU1CWLkEf2OuFn+pfgMT52EzHU6x9VgToJEjPKEAExD8/PpKnn+dYtwKawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJX/ndg081vSjQNxvCxYKST9tlfHMB8GA1UdIwQY MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt NmY1ZDhhNzRhMGU0LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0 LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZTBNHXM CJ2kmSsNj+NqaqPbr/dYyvS8FtTS5R/MdCbVVmKDI08SiWuzS6V8mqECOORTn3CI kbuXp0nqY9OO09/K/QDRmqiSyaOt547nof0k86zl8aRLfx7DtVS+yEY3m4YLbnx1 oEa/GN494/ZmlDmBfJV06vfPwVP2Cnuav4B5wcZ1DS+6qGHmB00Ll73ML/VM7CaP PVNHLGsrGgyaxY2p18mUdLyLlVh0Ap9tdUBCET+lXGa/fGs14P5L1h8Vu6XI/Xnm wbRof/Wl4KY9niif7tr0znMiHQDC2Uqr6es8pr/MR1tOHWIN3s8/d64ekt5XxI8W f8FNX2+CjqJ8fg== -----END CERTIFICATE-----Generated at Wed Jan 21 09:20:41 2026 by rpki-client