This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft File: jrsOsZ53d9cDgAD2wS053tEgQkI.mft (raw, json) Hash identifier: ZL5MEd9TOnDUG/fReHRJzO2CLVUNkWU6PGq81k0lC4Q= Subject key identifier: A1:72:2E:97:97:42:5E:E3:0E:CD:EC:2D:AB:09:84:4A:F6:64:C0:AA Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42 Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242 Certificate serial: 019BA8360620E65FD1A056A80EF6FCBF01CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft Manifest number: 0DFA Signing time: Sat 10 Jan 2026 14:01:11 +0000 Manifest this update: Sat 10 Jan 2026 14:01:11 +0000 Manifest next update: Sun 11 Jan 2026 14:01:11 +0000 Files and hashes: 1: 1Q9fXglvsAmLyk7oBnnGROcZ55Q.roa (hash: 8sGtUkhkFlICQ8XRP+JZAkWRdlSZS/aRM+3p/w/Efdw=) 2: jrsOsZ53d9cDgAD2wS053tEgQkI.crl (hash: 9YH+ksWFurJt+B6sT6yNsnPNnKlIqcjrY3grqUhI3Sw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a8:36:06:20:e6:5f:d1:a0:56:a8:0e:f6:fc:bf:01:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242 Validity Not Before: Jan 10 14:01:11 2026 GMT Not After : Jan 11 14:01:11 2026 GMT Subject: CN=a1722e9797425ee30ecdec2dab09844af664c0aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:e6:8a:c4:6f:32:cd:86:c8:91:e0:d3:c3:65: 1a:29:a2:fa:ff:9d:db:ad:fa:16:63:ab:92:af:e8: e5:6a:29:57:fc:93:b0:72:9e:53:8c:4c:bd:b9:e7: eb:6d:13:aa:31:94:aa:fe:e7:a5:57:d8:5c:c1:2e: 9c:00:e2:1d:f7:9c:93:c8:7b:d3:f1:6e:58:2c:09: 11:92:36:9c:ae:b7:43:f5:f6:43:7f:0b:77:67:89: 4f:4b:db:65:39:f8:f8:24:b5:38:10:7b:e9:e9:56: 4e:ae:97:bb:9c:2b:a9:54:98:c9:dc:d9:4c:ac:a7: d0:c5:d0:4e:92:59:db:6d:23:5f:b4:5c:a8:16:00: 50:8f:5d:df:ed:33:d4:60:ec:68:c9:d8:4c:98:19: 5c:72:f6:c2:25:e6:e9:6f:5d:92:d1:7c:49:b5:7c: e8:70:c9:54:f6:90:84:56:91:03:16:41:bf:35:47: 2b:ad:87:11:d8:84:f1:57:67:57:da:c1:62:b2:c5: ea:38:b7:06:a7:e2:42:d4:a2:44:af:a0:fa:0b:8f: 73:2d:91:5a:10:80:b5:77:b8:59:0c:42:c4:a1:ac: a1:0b:37:4c:f1:e2:15:a0:3b:fe:80:b9:59:a4:dc: 1f:e5:14:e9:5d:a5:2e:99:ce:d0:68:9f:4d:f2:25: e2:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:72:2E:97:97:42:5E:E3:0E:CD:EC:2D:AB:09:84:4A:F6:64:C0:AA X509v3 Authority Key Identifier: keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:68:e4:04:d9:c2:b4:73:0b:62:25:a3:27:f0:40:36:22:92: 7c:80:f7:99:11:cb:16:ec:57:1c:a8:ba:2d:c1:43:ac:64:0a: 7b:d5:21:da:bc:5d:a0:f1:90:96:cd:09:4f:4e:8e:af:25:c0: 1d:e2:f9:3d:61:a2:f1:96:75:de:5a:6e:7a:80:47:46:3f:06: 05:20:3b:fa:fe:c3:2e:59:ef:a6:91:e2:14:35:1e:b4:d6:32: 86:fc:0c:c0:a7:42:cc:18:e3:a9:a0:43:bc:d1:4c:df:2e:e5: c6:aa:2b:88:3e:76:9c:d2:cc:f9:61:e5:07:63:50:62:c5:84: 8b:63:09:e2:bd:72:b2:4a:d4:4d:a8:f3:5e:10:c0:35:2e:18: 2e:03:76:76:be:c8:57:0c:1e:90:80:bc:06:b3:b3:62:6b:e6: 6f:ff:b6:7f:dd:23:28:80:00:21:0a:87:a6:60:52:c5:61:b1: 8f:a7:32:57:1b:9b:c1:14:de:6a:7f:42:37:49:f1:6f:3c:45: 5b:2a:66:67:4d:b1:94:07:42:d5:3a:65:e4:a8:8c:db:f1:8d: 7f:23:a4:8d:18:86:93:76:f2:ab:c0:15:38:f7:80:3c:f4:2c: 25:87:02:95:ad:10:d9:08:2d:6c:85:ad:91:bd:eb:9e:9e:59: 8f:1c:ac:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuoNgYg5l/RoFaoDvb8vwHOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy MDQyNDIwHhcNMjYwMTEwMTQwMTExWhcNMjYwMTExMTQwMTExWjAzMTEwLwYDVQQD EyhhMTcyMmU5Nzk3NDI1ZWUzMGVjZGVjMmRhYjA5ODQ0YWY2NjRjMGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeaKxG8yzYbIkeDTw2UaKaL6/53b rfoWY6uSr+jlailX/JOwcp5TjEy9uefrbROqMZSq/uelV9hcwS6cAOId95yTyHvT 8W5YLAkRkjacrrdD9fZDfwt3Z4lPS9tlOfj4JLU4EHvp6VZOrpe7nCupVJjJ3NlM rKfQxdBOklnbbSNftFyoFgBQj13f7TPUYOxoydhMmBlccvbCJebpb12S0XxJtXzo cMlU9pCEVpEDFkG/NUcrrYcR2ITxV2dX2sFissXqOLcGp+JC1KJEr6D6C49zLZFa EIC1d7hZDELEoayhCzdM8eIVoDv+gLlZpNwf5RTpXaUumc7QaJ9N8iXiTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKFyLpeXQl7jDs3sLasJhEr2ZMCqMB8GA1UdIwQY MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt MTUxNDFjNjY4NTRkLzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWjkBNnC tHMLYiWjJ/BANiKSfID3mRHLFuxXHKi6LcFDrGQKe9Uh2rxdoPGQls0JT06OryXA HeL5PWGi8ZZ13lpueoBHRj8GBSA7+v7DLlnvppHiFDUetNYyhvwMwKdCzBjjqaBD vNFM3y7lxqoriD52nNLM+WHlB2NQYsWEi2MJ4r1yskrUTajzXhDANS4YLgN2dr7I VwwekIC8BrOzYmvmb/+2f90jKIAAIQqHpmBSxWGxj6cyVxubwRTean9CN0nxbzxF WypmZ02xlAdC1Tpl5KiM2/GNfyOkjRiGk3byq8AVOPeAPPQsJYcCla0Q2QgtbIWt kb3rnp5ZjxysjQ== -----END CERTIFICATE-----Generated at Sat Jan 10 21:09:21 2026 by rpki-client