This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft File: bgC7pk9Ra41jNaAc8wS4It7hrtA.mft (raw, json) Hash identifier: M5TIgDjrQfn5vmvpMGlxUuS8qo7oQf+dZ88/pZ6Zm1Q= Subject key identifier: 2E:5C:46:E8:54:A8:8C:F5:CF:BD:45:83:7A:5C:2B:6F:C1:24:DE:86 Authority key identifier: 6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0 Certificate issuer: /CN=6e00bba64f516b8d6335a01cf304b822dee1aed0 Certificate serial: 019BB3286B994DFBCCF7C969DEFEF5239BE1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft Manifest number: 17C3 Signing time: Mon 12 Jan 2026 17:02:09 +0000 Manifest this update: Mon 12 Jan 2026 17:02:09 +0000 Manifest next update: Tue 13 Jan 2026 17:02:09 +0000 Files and hashes: 1: bgC7pk9Ra41jNaAc8wS4It7hrtA.crl (hash: a7Af74eLol524Ft3tMrB4Q29sy2WXiQmLl7IMQpsF4E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 16:30:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:28:6b:99:4d:fb:cc:f7:c9:69:de:fe:f5:23:9b:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e00bba64f516b8d6335a01cf304b822dee1aed0 Validity Not Before: Jan 12 17:02:09 2026 GMT Not After : Jan 13 17:02:09 2026 GMT Subject: CN=2e5c46e854a88cf5cfbd45837a5c2b6fc124de86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ac:0d:48:24:0b:ad:a2:88:a5:4c:1c:91:42: 7c:8e:7e:a7:fb:5e:63:80:60:59:77:f8:da:94:2f: 20:9d:5a:cc:3e:10:46:3e:c7:63:96:ed:4e:1f:e7: d8:45:c9:df:8b:6c:2f:c5:c3:03:45:77:d3:0a:ee: 45:3d:74:05:8d:a1:d8:a3:ce:d3:5f:98:93:51:2b: d1:6f:5a:d9:d2:39:ae:e7:d6:c8:18:f5:c2:c2:3b: 67:b7:b4:4a:c4:26:2b:6b:b8:31:70:b1:70:40:95: 66:f9:79:85:d2:75:58:7d:62:b9:bd:e5:da:17:ae: d8:2b:ae:cd:d9:f0:78:30:aa:a3:56:5b:af:0d:dc: ad:4d:31:6f:eb:46:7a:39:8d:1c:6f:19:e5:f0:8c: e7:57:00:92:9c:ec:81:53:ed:87:a4:85:d4:4a:cd: f5:7e:bc:8d:74:54:af:03:9e:dc:2e:0b:f0:a1:f0: 9f:9c:f0:60:08:fe:b3:28:c3:a2:40:25:ba:94:b1: 9a:90:3f:d1:50:58:84:ff:9a:96:3e:d9:09:d1:db: cc:9d:3c:92:25:63:96:45:7e:99:b6:ef:16:e0:df: e6:dd:48:b7:91:91:8d:42:79:c3:71:30:37:53:00: 58:89:f9:ca:44:db:75:f1:a5:74:a7:c9:75:4f:3d: bc:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:5C:46:E8:54:A8:8C:F5:CF:BD:45:83:7A:5C:2B:6F:C1:24:DE:86 X509v3 Authority Key Identifier: keyid:6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:e0:91:3b:80:5b:f0:1f:f3:bc:2e:3b:a3:59:a1:dd:05:95: c2:a0:fb:0d:de:1d:53:80:30:df:eb:04:96:3e:a6:b5:10:98: fe:10:bc:a3:26:16:d0:61:65:90:01:77:76:f2:f3:b2:95:c8: 5c:3c:49:1b:69:8f:22:d4:55:95:74:da:d5:4f:30:f3:88:de: 8b:35:ab:2c:7c:4d:6c:ea:9e:a6:7d:9b:c9:58:b7:56:ec:8c: 02:23:fe:c1:8c:11:7b:d4:78:92:ce:04:93:41:82:2b:b8:d9: 8a:6c:bb:6b:95:bb:09:e0:f6:08:03:10:16:26:23:d8:ab:27: 73:2a:b4:2d:df:30:ff:0e:3c:48:2d:da:72:64:cf:ca:52:67: 91:5e:ad:d4:a4:94:94:8a:48:3b:71:34:4f:c6:4f:7a:0b:a1: ff:65:a8:bc:c1:ac:78:fc:25:d8:0f:ee:1c:69:26:68:0b:79: 76:91:36:0e:5b:00:85:44:55:bc:56:62:2a:77:de:a8:b6:63: 3b:60:2b:71:f3:28:69:af:e4:f5:a8:fe:2d:e0:95:a0:79:41: 88:5e:ea:aa:0a:57:9b:b6:79:13:d3:13:ca:27:ca:1e:60:e1: 0a:1e:87:2f:3b:c3:ff:9d:b0:78:4e:59:1a:8e:06:2b:9e:7c: b3:34:88:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuzKGuZTfvM98lp3v71I5vhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlMDBiYmE2NGY1MTZiOGQ2MzM1YTAxY2YzMDRiODIyZGVl MWFlZDAwHhcNMjYwMTEyMTcwMjA5WhcNMjYwMTEzMTcwMjA5WjAzMTEwLwYDVQQD EygyZTVjNDZlODU0YTg4Y2Y1Y2ZiZDQ1ODM3YTVjMmI2ZmMxMjRkZTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyawNSCQLraKIpUwckUJ8jn6n+15j gGBZd/jalC8gnVrMPhBGPsdjlu1OH+fYRcnfi2wvxcMDRXfTCu5FPXQFjaHYo87T X5iTUSvRb1rZ0jmu59bIGPXCwjtnt7RKxCYra7gxcLFwQJVm+XmF0nVYfWK5veXa F67YK67N2fB4MKqjVluvDdytTTFv60Z6OY0cbxnl8IznVwCSnOyBU+2HpIXUSs31 fryNdFSvA57cLgvwofCfnPBgCP6zKMOiQCW6lLGakD/RUFiE/5qWPtkJ0dvMnTyS JWOWRX6Ztu8W4N/m3Ui3kZGNQnnDcTA3UwBYifnKRNt18aV0p8l1Tz28uwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC5cRuhUqIz1z71Fg3pcK2/BJN6GMB8GA1UdIwQY MBaAFG4Au6ZPUWuNYzWgHPMEuCLe4a7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQt NTc1Y2Y1ZDMzNWU0LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQtNTc1Y2Y1ZDMzNWU0 LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdOCRO4Bb 8B/zvC47o1mh3QWVwqD7Dd4dU4Aw3+sElj6mtRCY/hC8oyYW0GFlkAF3dvLzspXI XDxJG2mPItRVlXTa1U8w84jeizWrLHxNbOqepn2byVi3VuyMAiP+wYwRe9R4ks4E k0GCK7jZimy7a5W7CeD2CAMQFiYj2Ksncyq0Ld8w/w48SC3acmTPylJnkV6t1KSU lIpIO3E0T8ZPeguh/2WovMGsePwl2A/uHGkmaAt5dpE2DlsAhURVvFZiKnfeqLZj O2ArcfMoaa/k9aj+LeCVoHlBiF7qqgpXm7Z5E9MTyifKHmDhCh6HLzvD/52weE5Z Go4GK558szSIRw== -----END CERTIFICATE-----Generated at Mon Jan 12 23:49:14 2026 by rpki-client