This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json) Hash identifier: 29bQgY5Oua0DFtenJoawCUT/j+KD0TWmyhYQI41/ES4= Subject key identifier: C3:DF:7E:C6:A0:CD:DF:55:FB:8B:57:2D:97:06:55:C7:CC:EC:CB:1C Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f Certificate serial: 019BA1FD52934A2CF1A0BF1F31C524B1ECD0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft Manifest number: 0447 Signing time: Fri 09 Jan 2026 09:01:32 +0000 Manifest this update: Fri 09 Jan 2026 09:01:32 +0000 Manifest next update: Sat 10 Jan 2026 09:01:32 +0000 Files and hashes: 1: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: 5hZWlpVzrg22N97sioaZRRZfcOJ9Y/Xsx3YKiTGmLwA=) 2: N3bXffW8yKFqU5UMm7fvxG-jz6A.roa (hash: bdRoY8TZDQQa0PscQFcX1AU8tV8n2oKXvuQ9ADHxYzU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 09:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a1:fd:52:93:4a:2c:f1:a0:bf:1f:31:c5:24:b1:ec:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f Validity Not Before: Jan 9 09:01:32 2026 GMT Not After : Jan 10 09:01:32 2026 GMT Subject: CN=c3df7ec6a0cddf55fb8b572d970655c7cceccb1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:12:c5:56:77:33:db:bb:1c:f6:b6:4e:f0:3c: 96:84:67:8e:58:9d:ab:75:13:bd:68:b2:d7:9f:f5: 3e:48:de:d9:e7:35:e4:fe:9e:d6:e2:c9:1f:63:53: dc:34:54:78:6a:b1:61:73:23:d9:7d:73:7c:60:5d: 5e:d7:71:52:5a:73:40:63:10:f6:3c:5c:ea:29:b4: 5b:b8:cb:21:21:02:ae:3b:33:c8:77:4d:b3:12:70: da:9e:c4:ba:2e:b3:e6:65:e7:7e:18:93:78:bd:bf: 7a:3b:f2:77:bd:cd:49:91:c4:63:20:62:17:8c:5f: 2d:e8:81:32:e2:c0:4b:48:c3:ba:84:ad:ef:57:d2: 10:8b:2b:c4:e6:5a:d2:46:2b:cf:93:82:bd:23:ec: bb:ad:64:a4:ee:4a:4c:bd:b4:da:a4:f6:5e:b0:0d: 76:c8:bb:cf:92:b8:34:cb:25:22:c9:fc:04:6b:01: f1:49:58:49:e2:84:d3:e1:9f:55:17:3a:50:f6:a0: 27:a8:bf:a1:84:21:fc:45:8f:b8:60:13:71:f5:6f: b5:09:ec:b0:51:4a:c4:be:43:d1:1e:e9:1a:6b:53: 1a:75:6f:72:07:42:99:57:d4:01:21:51:8d:e5:29: d6:65:94:44:8f:b4:03:44:0e:05:c7:f2:22:74:6f: 1b:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:DF:7E:C6:A0:CD:DF:55:FB:8B:57:2D:97:06:55:C7:CC:EC:CB:1C X509v3 Authority Key Identifier: keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:a5:dc:2a:b3:1f:0c:eb:98:c1:92:43:20:01:97:70:6d:47: e5:67:47:ec:89:4a:f4:00:c3:cd:2f:ba:82:36:c6:2c:04:24: f1:d5:49:a4:12:62:1c:3a:b1:9e:f9:51:6b:b0:83:ea:e8:14: b4:9a:51:42:7a:4a:e4:dc:4d:65:b0:c5:6f:84:42:ea:0c:cb: e1:95:52:b7:88:77:17:c8:4f:c8:27:b6:02:4a:91:00:18:fb: d1:c6:83:36:b7:96:87:b3:c7:93:ea:15:98:d5:f5:ae:c0:fd: 50:3b:5f:8a:f4:48:86:62:1b:32:ce:07:78:cc:24:1f:e8:72: b4:d4:93:49:d3:ac:b6:5c:06:97:d3:84:71:4c:be:f0:ae:50: c9:63:42:23:a6:ef:e8:44:b3:e5:f9:75:65:b3:5a:ca:36:d4: ef:b5:03:2f:4f:5a:8a:74:a4:09:e7:0b:03:b4:0f:c8:ca:0b: fc:ee:59:cf:3a:53:32:13:56:24:21:4b:7d:65:29:f6:ed:5e: 7c:26:69:20:3e:93:1d:f1:5c:f9:24:7f:f9:20:51:84:bc:71: a7:1e:a0:82:87:f0:d2:3c:5d:6f:25:b2:1b:83:99:df:f7:b5: 52:c0:2e:52:8b:6e:22:5d:cf:6d:b3:eb:02:0d:09:58:63:c7: 4d:c1:c8:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuh/VKTSizxoL8fMcUksezQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll ODg2NGYwHhcNMjYwMTA5MDkwMTMyWhcNMjYwMTEwMDkwMTMyWjAzMTEwLwYDVQQD EyhjM2RmN2VjNmEwY2RkZjU1ZmI4YjU3MmQ5NzA2NTVjN2NjZWNjYjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRLFVncz27sc9rZO8DyWhGeOWJ2r dRO9aLLXn/U+SN7Z5zXk/p7W4skfY1PcNFR4arFhcyPZfXN8YF1e13FSWnNAYxD2 PFzqKbRbuMshIQKuOzPId02zEnDansS6LrPmZed+GJN4vb96O/J3vc1JkcRjIGIX jF8t6IEy4sBLSMO6hK3vV9IQiyvE5lrSRivPk4K9I+y7rWSk7kpMvbTapPZesA12 yLvPkrg0yyUiyfwEawHxSVhJ4oTT4Z9VFzpQ9qAnqL+hhCH8RY+4YBNx9W+1Ceyw UUrEvkPRHukaa1MadW9yB0KZV9QBIVGN5SnWZZREj7QDRA4Fx/IidG8bAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPffsagzd9V+4tXLZcGVcfM7MscMB8GA1UdIwQY MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1 LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASaXcKrMf DOuYwZJDIAGXcG1H5WdH7IlK9ADDzS+6gjbGLAQk8dVJpBJiHDqxnvlRa7CD6ugU tJpRQnpK5NxNZbDFb4RC6gzL4ZVSt4h3F8hPyCe2AkqRABj70caDNreWh7PHk+oV mNX1rsD9UDtfivRIhmIbMs4HeMwkH+hytNSTSdOstlwGl9OEcUy+8K5QyWNCI6bv 6ESz5fl1ZbNayjbU77UDL09ainSkCecLA7QPyMoL/O5ZzzpTMhNWJCFLfWUp9u1e fCZpID6THfFc+SR/+SBRhLxxpx6ggofw0jxdbyWyG4OZ3/e1UsAuUotuIl3PbbPr Ag0JWGPHTcHIQg== -----END CERTIFICATE-----Generated at Fri Jan 9 16:26:34 2026 by rpki-client