This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.mft File: 1aIZbvEZIhFV4Wg_iWfSVGJdrnE.mft (raw, json) Hash identifier: z3cU37UFGRJkz13xXATo+LaLijPj1fT+EbnTerV+IFg= Subject key identifier: 4C:AD:2C:25:52:09:24:59:40:B6:BF:E0:5F:47:C0:02:6A:0D:67:8A Authority key identifier: D5:A2:19:6E:F1:19:22:11:55:E1:68:3F:89:67:D2:54:62:5D:AE:71 Certificate issuer: /CN=d5a2196ef119221155e1683f8967d254625dae71 Certificate serial: 019BAFEFFD924FB802E6BDAB7A32E1CBAFB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.mft Manifest number: 17C2 Signing time: Mon 12 Jan 2026 02:01:39 +0000 Manifest this update: Mon 12 Jan 2026 02:01:39 +0000 Manifest next update: Tue 13 Jan 2026 02:01:39 +0000 Files and hashes: 1: 1aIZbvEZIhFV4Wg_iWfSVGJdrnE.crl (hash: CyfQamF8CqLkBpPKffYA08B+paNsF4Mgzo1fKbQEhXk=) 2: AHnNibYpBfUdvSGboILQ1teAIw4.roa (hash: 42GSIkMZbcrmZ8XMph6d+mXrtH34NIs/JYMf8WUp4vM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.crl rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.mft rsync://rpki.ripe.net/repository/DEFAULT/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 02:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:af:ef:fd:92:4f:b8:02:e6:bd:ab:7a:32:e1:cb:af:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5a2196ef119221155e1683f8967d254625dae71 Validity Not Before: Jan 12 02:01:39 2026 GMT Not After : Jan 13 02:01:39 2026 GMT Subject: CN=4cad2c255209245940b6bfe05f47c0026a0d678a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:db:78:71:1d:ee:c8:f9:75:16:e0:7d:5b:01: f9:36:0b:bc:9d:5a:80:96:c0:94:3d:5a:83:d6:0c: f3:b7:fc:a5:00:20:d7:6a:20:46:be:c0:cb:bc:24: f9:da:ce:da:0a:3e:0a:80:18:05:cf:7f:2c:48:40: 4b:b6:d7:ce:00:8f:9c:04:42:76:9a:eb:3e:11:3e: f4:3b:1e:f6:dd:00:54:94:70:ab:ae:92:59:4d:be: be:30:e1:c1:66:d2:0c:a7:a7:c3:e5:6c:f7:dc:2d: 88:2d:1a:88:34:2c:09:95:45:b3:02:b9:66:cf:d1: 4a:09:4b:45:d4:b0:49:30:49:d8:95:2f:93:61:64: 8d:27:03:30:20:ab:03:e5:1a:a3:c8:c8:05:73:9a: bc:f7:18:d7:de:82:ba:a3:8e:f7:fa:e1:9a:31:ef: 34:b5:87:04:18:f7:94:c2:78:37:a1:8d:98:09:7f: e7:62:c3:c3:27:fc:19:f7:ce:47:67:32:e4:eb:36: 5d:f0:89:84:ab:d3:a2:4d:45:ed:af:f9:1f:21:82: ed:c3:dc:bd:b8:9e:33:e4:ed:c2:a2:ef:3d:48:d9: eb:45:64:92:61:43:2b:fc:3f:ac:40:e3:ae:55:25: 96:62:01:df:91:07:1f:bf:eb:d9:84:68:9d:4a:0e: 06:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:AD:2C:25:52:09:24:59:40:B6:BF:E0:5F:47:C0:02:6A:0D:67:8A X509v3 Authority Key Identifier: keyid:D5:A2:19:6E:F1:19:22:11:55:E1:68:3F:89:67:D2:54:62:5D:AE:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:a0:28:6f:6b:29:28:dc:a3:b8:de:93:ea:62:31:4e:83:cd: 33:f5:d7:a5:d4:27:26:f5:c7:c3:85:e0:63:a0:a3:dd:6b:a2: 8d:44:3a:e1:91:26:3f:42:94:20:36:60:e7:5f:9c:6d:ce:83: cf:ac:7a:df:19:65:f5:98:35:e9:b3:00:84:05:ee:ce:d7:49: 43:5f:3a:52:c9:5f:30:f3:38:ae:8d:ff:2a:eb:6e:53:02:dc: 18:fb:fe:f1:27:c1:cb:06:4e:ba:b1:c6:c5:07:49:67:1c:f3: 91:c9:f7:af:c9:44:0f:1f:42:69:bf:ad:b6:d4:96:fa:2f:b6: 0e:8d:05:5a:c5:9c:21:b2:30:ab:45:3e:a4:1c:c2:ad:fc:d1: d9:3d:d8:f6:dc:d5:3d:2e:71:87:49:ff:0e:36:92:6e:1f:8b: 9c:cb:7d:61:14:f1:68:fa:18:87:2f:fa:a2:e3:19:18:62:47: 32:2d:8b:26:cf:a8:12:42:40:b2:f2:5c:53:04:d9:11:a2:2a: f1:80:42:26:f9:70:ff:c8:d2:80:18:cf:d2:7f:5c:b1:5d:b0: 86:c8:bd:7d:e8:b6:a6:13:8d:6e:91:29:fc:3a:3d:09:6f:1f: e7:ef:af:8a:19:80:82:c0:56:2c:75:da:66:c2:7f:07:44:5d: 8f:83:97:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuv7/2ST7gC5r2rejLhy6+3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YTIxOTZlZjExOTIyMTE1NWUxNjgzZjg5NjdkMjU0NjI1 ZGFlNzEwHhcNMjYwMTEyMDIwMTM5WhcNMjYwMTEzMDIwMTM5WjAzMTEwLwYDVQQD Eyg0Y2FkMmMyNTUyMDkyNDU5NDBiNmJmZTA1ZjQ3YzAwMjZhMGQ2NzhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstt4cR3uyPl1FuB9WwH5Ngu8nVqA lsCUPVqD1gzzt/ylACDXaiBGvsDLvCT52s7aCj4KgBgFz38sSEBLttfOAI+cBEJ2 mus+ET70Ox723QBUlHCrrpJZTb6+MOHBZtIMp6fD5Wz33C2ILRqINCwJlUWzArlm z9FKCUtF1LBJMEnYlS+TYWSNJwMwIKsD5RqjyMgFc5q89xjX3oK6o473+uGaMe80 tYcEGPeUwng3oY2YCX/nYsPDJ/wZ985HZzLk6zZd8ImEq9OiTUXtr/kfIYLtw9y9 uJ4z5O3Cou89SNnrRWSSYUMr/D+sQOOuVSWWYgHfkQcfv+vZhGidSg4G6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEytLCVSCSRZQLa/4F9HwAJqDWeKMB8GA1UdIwQY MBaAFNWiGW7xGSIRVeFoP4ln0lRiXa5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWFJWmJ2RVpJaEZWNFdnX2lXZlNWR0pkcm5FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iMDYzMzctNjUxNy00MDBiLThjYjUt N2FmYTBiY2Q3OTc2LzEvMWFJWmJ2RVpJaEZWNFdnX2lXZlNWR0pkcm5FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9iMDYzMzctNjUxNy00MDBiLThjYjUtN2FmYTBiY2Q3OTc2 LzEvMWFJWmJ2RVpJaEZWNFdnX2lXZlNWR0pkcm5FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaAob2sp KNyjuN6T6mIxToPNM/XXpdQnJvXHw4XgY6Cj3WuijUQ64ZEmP0KUIDZg51+cbc6D z6x63xll9Zg16bMAhAXuztdJQ186UslfMPM4ro3/KutuUwLcGPv+8SfBywZOurHG xQdJZxzzkcn3r8lEDx9Cab+tttSW+i+2Do0FWsWcIbIwq0U+pBzCrfzR2T3Y9tzV PS5xh0n/DjaSbh+LnMt9YRTxaPoYhy/6ouMZGGJHMi2LJs+oEkJAsvJcUwTZEaIq 8YBCJvlw/8jSgBjP0n9csV2whsi9fei2phONbpEp/Do9CW8f5++vihmAgsBWLHXa ZsJ/B0Rdj4OXbA== -----END CERTIFICATE-----Generated at Mon Jan 12 12:31:56 2026 by rpki-client