This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft File: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json) Hash identifier: tfFB00wRvGRzX48RRO/DMng9r2GCaMPyQoMCKt5+zCM= Subject key identifier: B8:26:05:72:18:E8:06:CA:A3:44:17:01:4B:EC:A9:2E:8F:E7:A3:61 Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43 Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43 Certificate serial: 019B790064F2B23E5AD438CE51CB44895657 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft Manifest number: 17BF Signing time: Thu 01 Jan 2026 10:00:27 +0000 Manifest this update: Thu 01 Jan 2026 10:00:27 +0000 Manifest next update: Fri 02 Jan 2026 10:00:27 +0000 Files and hashes: 1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: ixKryoB8VUFrDS/yxWVctlM9yevEANxZCZWAToJ8BbQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:00:64:f2:b2:3e:5a:d4:38:ce:51:cb:44:89:56:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43 Validity Not Before: Jan 1 10:00:27 2026 GMT Not After : Jan 2 10:00:27 2026 GMT Subject: CN=b826057218e806caa34417014beca92e8fe7a361 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:29:88:0e:2c:ca:df:94:97:41:66:af:6a:ed: f1:5c:ef:71:08:b6:97:6a:b2:0e:c1:65:23:e8:3e: 2d:a8:dc:d5:b9:5e:18:14:22:4e:85:b1:5a:b3:54: dc:81:87:df:03:18:11:b5:07:ad:4b:4d:b2:a3:0a: bb:ed:9b:27:a3:01:0b:8e:dc:7b:2e:ec:cb:b3:c9: 84:9c:77:1e:4a:82:23:a8:55:5d:8f:1f:89:5b:7e: 1c:eb:52:39:3b:29:34:cf:ef:74:19:ea:85:cd:97: 55:1d:89:77:e4:65:76:be:41:d5:ca:83:23:a7:e4: 65:5c:57:8c:94:be:d7:9f:4b:02:79:d6:2f:2c:73: a2:d4:81:e7:30:74:fd:da:b1:6a:e4:15:62:50:48: 32:06:8e:7a:0b:88:a9:1d:ec:6d:21:ba:03:c5:6c: eb:49:09:ce:2d:e2:5d:1f:50:57:67:69:ab:10:fc: 30:f7:dd:f8:a8:0b:9d:71:76:64:34:6e:e6:1d:5f: 22:b6:a7:6a:a3:cf:7e:be:71:64:26:11:35:1c:13: 1d:29:3b:cf:1c:15:ee:77:84:02:6c:63:14:cb:0c: 15:d7:30:63:c8:e0:aa:73:b3:1b:c0:36:37:75:42: 5b:fe:6e:df:fa:48:af:f3:af:7b:21:f5:22:b5:1a: 72:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:26:05:72:18:E8:06:CA:A3:44:17:01:4B:EC:A9:2E:8F:E7:A3:61 X509v3 Authority Key Identifier: keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:9c:14:7f:13:63:60:26:6f:9a:6c:35:3e:ab:cf:1d:d5:d7: 51:06:1f:01:3a:88:71:60:61:d9:cd:38:a5:56:dd:77:08:7a: de:a2:dd:d2:5f:c3:cc:0b:79:d1:f5:8c:20:bc:f2:4c:d8:9a: 3f:b3:22:17:1b:f6:b4:1e:ac:e5:70:1a:7d:c0:3d:65:77:7c: ba:0d:b9:e6:b5:68:15:30:f8:f7:6b:36:55:52:81:5a:2a:62: cb:2a:f8:f8:c7:2d:83:c2:c6:91:bc:24:de:c9:21:41:51:71: 3a:55:0b:77:b3:a7:05:6c:89:51:7c:e2:c0:ea:40:51:d5:5d: 6c:fb:cf:12:0b:e8:e1:8b:2f:48:7c:5f:69:fb:8b:55:21:7e: 48:97:d0:51:68:bb:cc:71:92:a5:67:ed:41:af:ee:fd:8d:2d: d1:05:4f:13:99:49:ef:a4:c8:8d:40:6e:4a:66:c5:db:91:60: e1:76:55:a7:92:20:ac:2e:44:dc:c1:91:28:37:a4:cd:3a:c0: 1f:70:94:3b:49:e2:13:5f:21:2f:c4:63:b6:bc:7b:f4:58:38: 7b:dd:4a:b5:c6:cf:08:ea:c6:e1:e0:09:18:45:3f:a9:4e:c2: 33:2e:82:e7:c7:85:3a:f4:49:8d:74:42:2a:ac:d0:27:28:38: 8d:aa:70:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt5AGTysj5a1DjOUctEiVZXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl YmFhNDMwHhcNMjYwMTAxMTAwMDI3WhcNMjYwMTAyMTAwMDI3WjAzMTEwLwYDVQQD EyhiODI2MDU3MjE4ZTgwNmNhYTM0NDE3MDE0YmVjYTkyZThmZTdhMzYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySmIDizK35SXQWavau3xXO9xCLaX arIOwWUj6D4tqNzVuV4YFCJOhbFas1TcgYffAxgRtQetS02yowq77ZsnowELjtx7 LuzLs8mEnHceSoIjqFVdjx+JW34c61I5Oyk0z+90GeqFzZdVHYl35GV2vkHVyoMj p+RlXFeMlL7Xn0sCedYvLHOi1IHnMHT92rFq5BViUEgyBo56C4ipHextIboDxWzr SQnOLeJdH1BXZ2mrEPww9934qAudcXZkNG7mHV8itqdqo89+vnFkJhE1HBMdKTvP HBXud4QCbGMUywwV1zBjyOCqc7MbwDY3dUJb/m7f+kiv8697IfUitRpy2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLgmBXIY6AbKo0QXAUvsqS6P56NhMB8GA1UdIwQY MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARZwUfxNj YCZvmmw1PqvPHdXXUQYfATqIcWBh2c04pVbddwh63qLd0l/DzAt50fWMILzyTNia P7MiFxv2tB6s5XAafcA9ZXd8ug255rVoFTD492s2VVKBWipiyyr4+Mctg8LGkbwk 3skhQVFxOlULd7OnBWyJUXziwOpAUdVdbPvPEgvo4YsvSHxfafuLVSF+SJfQUWi7 zHGSpWftQa/u/Y0t0QVPE5lJ76TIjUBuSmbF25Fg4XZVp5IgrC5E3MGRKDekzTrA H3CUO0niE18hL8Rjtrx79Fg4e91KtcbPCOrG4eAJGEU/qU7CMy6C58eFOvRJjXRC KqzQJyg4japwsw== -----END CERTIFICATE-----Generated at Thu Jan 1 14:25:55 2026 by rpki-client