This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft File: s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json) Hash identifier: WJS1oxnJQEUz822qmV/otr7+sr21Zwg9y1pOuxYM7fE= Subject key identifier: 0B:EE:B4:33:F9:38:A8:87:34:2A:BB:D0:E8:55:69:47:A1:EC:25:95 Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98 Certificate issuer: /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498 Certificate serial: 019BB2155B98768487FC47FA4A8A6F179B44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft Manifest number: 17C0 Signing time: Mon 12 Jan 2026 12:01:42 +0000 Manifest this update: Mon 12 Jan 2026 12:01:42 +0000 Manifest next update: Tue 13 Jan 2026 12:01:42 +0000 Files and hashes: 1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: MZVqq01vrsgQmMndGOd8je/UGub6umKQQ2+3rHn08xw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b2:15:5b:98:76:84:87:fc:47:fa:4a:8a:6f:17:9b:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498 Validity Not Before: Jan 12 12:01:42 2026 GMT Not After : Jan 13 12:01:42 2026 GMT Subject: CN=0beeb433f938a887342abbd0e8556947a1ec2595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:1f:80:0b:99:84:34:21:94:37:0c:fe:45:f4: 6a:8c:43:fc:ef:c9:2d:0d:ff:39:fb:b2:18:09:f0: 9c:8b:46:d3:81:2b:0f:83:b4:af:14:56:1a:91:e8: d7:45:f1:50:f7:a2:99:02:43:c8:f3:f2:e5:d2:39: 1c:aa:d8:94:c7:de:3a:14:36:0a:8b:03:d8:9e:27: 60:4f:5d:d5:f0:98:62:6d:36:86:47:00:7c:84:ef: 31:76:6c:a4:84:ae:02:f6:07:cb:08:92:d2:52:4a: 17:b6:c2:68:36:79:1d:2b:b4:40:34:6c:40:2e:a4: 56:87:bd:15:d7:79:b7:ac:0b:40:82:fd:64:01:18: 95:6d:41:a8:8b:a5:e3:db:02:bd:73:34:c8:a8:da: 69:7e:b7:4d:dc:53:46:c3:8a:24:3b:28:7d:61:cf: ba:f8:1b:42:d4:f7:82:96:0a:b6:d4:2b:a5:ca:fa: 41:06:b7:99:d5:79:a2:89:04:da:78:78:ef:dc:e8: 25:49:a3:04:c4:7d:58:ae:51:40:6f:84:ca:09:17: 86:1e:88:b2:4d:0d:80:35:76:31:bf:10:f0:a6:73: d2:98:eb:af:bc:d1:86:a7:07:4b:86:75:fb:f1:17: 5e:42:a2:61:7d:9e:c9:44:76:b0:4a:fa:55:b0:5f: af:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:EE:B4:33:F9:38:A8:87:34:2A:BB:D0:E8:55:69:47:A1:EC:25:95 X509v3 Authority Key Identifier: keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:7f:f1:b8:25:44:1b:5d:03:01:dc:96:fa:1d:87:62:00:90: 34:80:05:3c:32:88:19:26:cf:28:67:3a:f5:e9:70:e2:8f:f6: ca:5c:a0:d3:f2:df:4f:d6:ca:5a:a1:01:42:1d:d6:20:7e:ae: cf:f6:4d:b1:f7:23:e0:13:6a:0e:22:1f:0a:de:e5:32:a9:ab: b7:11:d2:a9:b1:44:ce:b3:f1:c9:e7:cf:2a:27:66:0a:49:06: 51:74:77:c2:bf:f5:ff:48:35:ea:68:f8:de:32:87:dd:f3:69: a5:02:81:e9:31:cc:1f:84:35:81:bd:3c:ba:42:87:f3:0f:d0: 46:a0:71:5f:a1:07:ac:6e:36:8e:ef:f8:b4:0c:3f:29:22:76: e5:7a:52:55:d9:32:a5:3d:c2:ad:82:c1:56:e7:e7:26:71:79: 77:2b:14:48:7b:13:fc:d6:9f:85:51:c0:48:4c:84:16:ff:30: 35:63:45:25:92:c8:9a:6b:6c:de:e4:87:a1:67:52:11:c1:ae: f9:03:8d:b0:08:cc:3e:fe:d8:10:6a:aa:28:0c:26:7f:c3:bd: d0:5e:29:7a:9d:3a:32:06:92:02:58:5f:dc:8f:d0:62:9d:57: 11:ec:21:fe:7d:75:a5:ed:71:58:e3:0b:31:36:d8:34:22:1e: 09:55:9c:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuyFVuYdoSH/Ef6SopvF5tEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm MGE0OTgwHhcNMjYwMTEyMTIwMTQyWhcNMjYwMTEzMTIwMTQyWjAzMTEwLwYDVQQD EygwYmVlYjQzM2Y5MzhhODg3MzQyYWJiZDBlODU1Njk0N2ExZWMyNTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h+AC5mENCGUNwz+RfRqjEP878kt Df85+7IYCfCci0bTgSsPg7SvFFYakejXRfFQ96KZAkPI8/Ll0jkcqtiUx946FDYK iwPYnidgT13V8JhibTaGRwB8hO8xdmykhK4C9gfLCJLSUkoXtsJoNnkdK7RANGxA LqRWh70V13m3rAtAgv1kARiVbUGoi6Xj2wK9czTIqNppfrdN3FNGw4okOyh9Yc+6 +BtC1PeClgq21CulyvpBBreZ1XmiiQTaeHjv3OglSaMExH1YrlFAb4TKCReGHoiy TQ2ANXYxvxDwpnPSmOuvvNGGpwdLhnX78RdeQqJhfZ7JRHawSvpVsF+vswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAvutDP5OKiHNCq70OhVaUeh7CWVMB8GA1UdIwQY MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2 LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3/xuCVE G10DAdyW+h2HYgCQNIAFPDKIGSbPKGc69elw4o/2ylyg0/LfT9bKWqEBQh3WIH6u z/ZNsfcj4BNqDiIfCt7lMqmrtxHSqbFEzrPxyefPKidmCkkGUXR3wr/1/0g16mj4 3jKH3fNppQKB6THMH4Q1gb08ukKH8w/QRqBxX6EHrG42ju/4tAw/KSJ25XpSVdky pT3CrYLBVufnJnF5dysUSHsT/NafhVHASEyEFv8wNWNFJZLImmts3uSHoWdSEcGu +QONsAjMPv7YEGqqKAwmf8O90F4pep06MgaSAlhf3I/QYp1XEewh/n11pe1xWOML MTbYNCIeCVWc+w== -----END CERTIFICATE-----Generated at Mon Jan 12 15:47:38 2026 by rpki-client