This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft File: 4qEN5v-uWQQnJEoDND22asVkJ1o.mft (raw, json) Hash identifier: deR4DHoNgbtJgdEFt06pZiMrSsPoVKUtX/qGbhhMcdk= Subject key identifier: B3:6C:0A:39:11:E4:E7:1B:59:9C:04:9D:B3:DE:3A:F6:25:A2:3E:7B Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A Certificate issuer: /CN=e2a10de6ffae590427244a03343db66ac564275a Certificate serial: 019B8B74B634A3A0EB8BC7C091FF557DB1FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft Manifest number: 14F9 Signing time: Mon 05 Jan 2026 00:00:40 +0000 Manifest this update: Mon 05 Jan 2026 00:00:40 +0000 Manifest next update: Tue 06 Jan 2026 00:00:40 +0000 Files and hashes: 1: 0gIiALe6pz1IQicIRlap9JpEjvk.roa (hash: a8WIdauJpV7mniv+m0G3DWtScZS35ac1cb7lSAK0pD4=) 2: 4qEN5v-uWQQnJEoDND22asVkJ1o.crl (hash: kmqHKZaf7ezDiRGqYuYOWIKf9kUYRYgJC7b4QSUExpQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8b:74:b6:34:a3:a0:eb:8b:c7:c0:91:ff:55:7d:b1:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a Validity Not Before: Jan 5 00:00:40 2026 GMT Not After : Jan 6 00:00:40 2026 GMT Subject: CN=b36c0a3911e4e71b599c049db3de3af625a23e7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:76:e7:55:0a:e4:8d:eb:39:c5:3d:99:20:a3: 05:00:35:f4:02:85:89:2a:ca:95:f4:8e:60:4a:78: f7:20:ea:f2:87:bf:c6:65:e4:d5:20:7e:c7:63:4e: 85:49:91:80:82:60:9d:df:3d:b5:de:d5:c7:61:3b: d8:3e:3f:0c:0f:95:6e:8d:0a:89:e0:81:d6:30:bf: b2:a3:a5:33:df:27:d0:d9:2e:f8:35:bb:b5:55:26: be:cf:1d:1d:fe:18:18:b3:fe:ad:28:0e:a6:cd:4f: 2d:21:ed:fa:19:b4:d9:91:cd:f1:7f:4e:2f:b4:3f: 03:b6:1f:2d:8f:e0:39:42:99:ca:82:65:14:aa:e9: 05:0f:bb:b8:ad:31:aa:89:c4:19:39:00:ed:27:b1: f8:a5:3e:d4:6a:f5:fc:34:a6:b1:a5:a6:83:83:74: 21:72:79:d9:41:2f:83:4d:b5:37:05:9e:20:fa:a4: cc:f8:8f:83:b3:37:06:fc:a9:fe:9e:7b:1b:65:63: 31:09:0f:3e:5c:11:13:13:a1:07:f8:93:cc:14:96: cc:ee:2b:c9:d8:62:bb:db:80:26:5a:ae:19:76:12: be:11:9f:0f:a8:27:45:77:14:6c:76:34:8f:fd:d2: d5:c2:04:be:3e:a8:df:b2:c2:6e:65:a4:2e:3c:06: 8f:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:6C:0A:39:11:E4:E7:1B:59:9C:04:9D:B3:DE:3A:F6:25:A2:3E:7B X509v3 Authority Key Identifier: keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:29:32:63:8e:09:0d:3f:3d:08:ec:9e:a6:43:4b:f4:61:18: 47:c6:ad:49:16:c3:a1:86:b8:6f:ff:ac:e7:ce:2c:9c:61:77: ca:ea:83:80:d4:64:37:19:4a:a2:8f:b1:29:de:62:32:49:91: 4c:05:31:59:b5:28:38:b4:cd:63:93:b4:a1:d2:48:24:f4:9d: 5a:b4:eb:38:69:9f:59:28:4b:73:70:ea:f3:2d:60:42:2d:bd: cd:8a:af:22:e4:54:08:81:56:d1:c0:0f:67:04:df:f2:7a:fe: d5:78:31:d7:96:65:0d:6d:fa:77:01:21:6f:bd:6f:1a:72:f9: 1d:33:eb:85:65:78:e9:8c:61:18:98:17:72:a3:34:a4:0d:61: 33:97:0a:3a:57:2a:86:a3:53:d4:79:0f:87:d0:9a:b0:63:98: ff:80:c3:21:07:01:3f:e1:a1:2e:c3:b3:93:d4:9a:a3:91:5c: a9:d1:4f:b0:92:0a:13:73:e1:7a:e5:e1:46:3d:68:95:a1:28: 75:fb:66:df:3c:6d:06:f5:5a:c1:9a:c1:da:51:e6:04:f6:69: ac:f9:26:d6:60:56:68:fe:9f:c8:9f:e1:78:aa:54:7c:c7:87: 46:6a:ff:90:61:38:6b:a1:c9:00:be:0e:99:c8:24:41:cf:e9: c0:67:dd:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuLdLY0o6Dri8fAkf9VfbH8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2 NDI3NWEwHhcNMjYwMTA1MDAwMDQwWhcNMjYwMTA2MDAwMDQwWjAzMTEwLwYDVQQD EyhiMzZjMGEzOTExZTRlNzFiNTk5YzA0OWRiM2RlM2FmNjI1YTIzZTdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXbnVQrkjes5xT2ZIKMFADX0AoWJ KsqV9I5gSnj3IOryh7/GZeTVIH7HY06FSZGAgmCd3z213tXHYTvYPj8MD5VujQqJ 4IHWML+yo6Uz3yfQ2S74Nbu1VSa+zx0d/hgYs/6tKA6mzU8tIe36GbTZkc3xf04v tD8Dth8tj+A5QpnKgmUUqukFD7u4rTGqicQZOQDtJ7H4pT7UavX8NKaxpaaDg3Qh cnnZQS+DTbU3BZ4g+qTM+I+DszcG/Kn+nnsbZWMxCQ8+XBETE6EH+JPMFJbM7ivJ 2GK724AmWq4ZdhK+EZ8PqCdFdxRsdjSP/dLVwgS+PqjfssJuZaQuPAaPsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLNsCjkR5OcbWZwEnbPeOvYloj57MB8GA1UdIwQY MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct NTc1NTQwNTg2MjBiLzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARykyY44J DT89COyepkNL9GEYR8atSRbDoYa4b/+s584snGF3yuqDgNRkNxlKoo+xKd5iMkmR TAUxWbUoOLTNY5O0odJIJPSdWrTrOGmfWShLc3Dq8y1gQi29zYqvIuRUCIFW0cAP ZwTf8nr+1Xgx15ZlDW36dwEhb71vGnL5HTPrhWV46YxhGJgXcqM0pA1hM5cKOlcq hqNT1HkPh9CasGOY/4DDIQcBP+GhLsOzk9Sao5FcqdFPsJIKE3PheuXhRj1olaEo dftm3zxtBvVawZrB2lHmBPZprPkm1mBWaP6fyJ/heKpUfMeHRmr/kGE4a6HJAL4O mcgkQc/pwGfdCw== -----END CERTIFICATE-----Generated at Mon Jan 5 03:06:56 2026 by rpki-client