This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json) Hash identifier: O7hvdedm8aIQ9XcGYdFlWSS2sbqMfxpQuxMcdlNiNNI= Subject key identifier: E8:A9:65:CC:09:C6:F3:54:CE:E5:77:04:72:98:63:F5:37:67:13:8F Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c Certificate serial: 019BB027052751BA53DA636AF55F3A5ED6F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft Manifest number: 034A Signing time: Mon 12 Jan 2026 03:01:45 +0000 Manifest this update: Mon 12 Jan 2026 03:01:45 +0000 Manifest next update: Tue 13 Jan 2026 03:01:45 +0000 Files and hashes: 1: 1-w3-HT-b4gN55Ez02d0Ltxhd_18.roa (hash: SZE3EWQBz3QYJjq31FoNPzS9VUyILcF5vCKxR6HmvGg=) 2: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: vmhOO+KmYtMzoN6zMYMjxGkmI2TnKJNwp++foBuiCGo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 02:42:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b0:27:05:27:51:ba:53:da:63:6a:f5:5f:3a:5e:d6:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c Validity Not Before: Jan 12 03:01:45 2026 GMT Not After : Jan 13 03:01:45 2026 GMT Subject: CN=e8a965cc09c6f354cee57704729863f53767138f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:79:79:a9:63:b2:96:44:10:cd:0c:0d:6f:d3: ad:02:4d:59:7b:ef:08:8d:a1:c4:d5:12:a3:b0:2c: 3c:3b:e0:aa:db:fa:2c:2d:8d:e4:8e:7b:f2:a9:59: 1c:76:b3:f2:e4:f9:29:82:16:b2:7e:28:58:0e:f6: 05:fa:3b:fa:d1:79:1f:0a:e1:4d:62:77:e4:46:d9: 27:3c:73:fe:6a:51:5b:db:b7:a1:03:d9:dc:1f:5c: a6:42:d0:6a:b5:d8:74:10:7f:c6:7e:aa:fe:98:e1: ec:f7:80:8e:a1:f1:43:d9:0e:aa:c8:af:53:ae:04: 0e:16:47:e0:bc:3a:ae:68:e9:07:c8:03:18:ed:ed: fb:96:e6:7c:3b:70:8c:85:da:07:7d:56:1b:57:a3: 33:42:1f:b0:da:33:5f:65:c5:69:af:4d:d4:cc:3c: c3:e9:1c:e1:2b:9d:ab:e7:92:72:07:06:e0:c4:83: 22:8d:26:a5:e7:35:f2:f8:60:37:88:0a:8c:25:33: 98:d3:f2:7c:8c:ff:14:0a:ca:9a:89:4f:d8:a4:51: 2e:30:76:63:1c:10:ea:f1:9f:1b:31:06:6c:19:0a: 1e:f0:c4:e0:1d:f1:58:2f:7f:eb:1d:a1:ad:21:a5: cc:0b:3c:ca:17:04:b7:4b:b6:ad:e8:1e:7d:90:17: a6:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:A9:65:CC:09:C6:F3:54:CE:E5:77:04:72:98:63:F5:37:67:13:8F X509v3 Authority Key Identifier: keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:f9:f5:f0:ff:31:d4:21:7e:8f:fa:2a:76:1c:36:c1:a1:94: 93:27:c1:6a:c0:39:25:0f:2a:84:d6:4b:9e:dd:3b:6e:17:e4: 70:bb:77:63:6d:0b:01:ac:d2:a0:50:07:a9:18:54:87:2b:f9: 31:2c:4e:8d:8b:17:77:fd:0d:92:11:29:a3:a3:86:bd:b4:5a: ac:22:5b:b6:b7:e7:66:d6:c2:97:bb:70:8e:b1:88:85:56:b0: 19:a4:ea:6b:1f:24:02:84:59:c3:e9:7a:8b:59:d6:c2:0d:da: db:b9:5d:05:0e:75:a7:bd:b0:ac:78:ab:38:01:59:c4:da:57: 5d:d7:98:3a:31:f8:5a:8d:85:34:e6:20:46:a4:d9:25:5c:0f: fb:64:8b:ae:74:c5:74:22:64:08:04:9e:ca:a6:43:f9:c0:33: e1:79:5a:e0:83:92:da:e7:3d:1a:ea:df:c2:18:42:e8:d6:68: 40:53:10:07:61:3f:4e:28:e1:a5:36:a1:cb:1c:f4:ed:3d:20: 76:38:44:51:68:97:ab:d9:a7:31:58:6d:eb:76:2d:97:69:d5: aa:35:8d:09:52:7b:c6:f2:5f:9f:0c:cf:b6:bf:70:63:01:88: a3:57:04:22:dd:7f:b7:23:44:47:5c:7f:e9:09:ba:fe:91:34: 7d:bc:ed:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuwJwUnUbpT2mNq9V86Xtb0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw Mjc2NmMwHhcNMjYwMTEyMDMwMTQ1WhcNMjYwMTEzMDMwMTQ1WjAzMTEwLwYDVQQD EyhlOGE5NjVjYzA5YzZmMzU0Y2VlNTc3MDQ3Mjk4NjNmNTM3NjcxMzhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnl5qWOylkQQzQwNb9OtAk1Ze+8I jaHE1RKjsCw8O+Cq2/osLY3kjnvyqVkcdrPy5PkpghayfihYDvYF+jv60XkfCuFN YnfkRtknPHP+alFb27ehA9ncH1ymQtBqtdh0EH/Gfqr+mOHs94COofFD2Q6qyK9T rgQOFkfgvDquaOkHyAMY7e37luZ8O3CMhdoHfVYbV6MzQh+w2jNfZcVpr03UzDzD 6RzhK52r55JyBwbgxIMijSal5zXy+GA3iAqMJTOY0/J8jP8UCsqaiU/YpFEuMHZj HBDq8Z8bMQZsGQoe8MTgHfFYL3/rHaGtIaXMCzzKFwS3S7at6B59kBemUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOipZcwJxvNUzuV3BHKYY/U3ZxOPMB8GA1UdIwQY MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfn18P8x 1CF+j/oqdhw2waGUkyfBasA5JQ8qhNZLnt07bhfkcLt3Y20LAazSoFAHqRhUhyv5 MSxOjYsXd/0NkhEpo6OGvbRarCJbtrfnZtbCl7twjrGIhVawGaTqax8kAoRZw+l6 i1nWwg3a27ldBQ51p72wrHirOAFZxNpXXdeYOjH4Wo2FNOYgRqTZJVwP+2SLrnTF dCJkCASeyqZD+cAz4Xla4IOS2uc9GurfwhhC6NZoQFMQB2E/TijhpTahyxz07T0g djhEUWiXq9mnMVht63Ytl2nVqjWNCVJ7xvJfnwzPtr9wYwGIo1cEIt1/tyNER1x/ 6Qm6/pE0fbztsQ== -----END CERTIFICATE-----Generated at Mon Jan 12 06:02:37 2026 by rpki-client