This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.mft File: RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.mft (raw, json) Hash identifier: FJ0ksu/JQMS2Iv8FH+uMGLBMjyNuewel4VzTl0/rGDc= Subject key identifier: 2B:BC:FB:EE:E5:79:5F:DC:8B:33:57:90:0C:4A:3D:FC:D0:DE:1D:A9 Authority key identifier: 46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A Certificate issuer: /CN=467350d5975a272a88bfb8810af45981cd55935a Certificate serial: 019B7711E90630B5A65337D9803CCE98963A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.mft Manifest number: 10A1 Signing time: Thu 01 Jan 2026 01:00:20 +0000 Manifest this update: Thu 01 Jan 2026 01:00:20 +0000 Manifest next update: Fri 02 Jan 2026 01:00:20 +0000 Files and hashes: 1: RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl (hash: 6iF1BELTpE0g6InDVM5K19TOt0cJS5tYn550FH+yrMo=) 2: cM594o8l7Xh7Dw0EOXhcxgvWLYI.roa (hash: 1Ym4804A2QtxpGJhVDPpEbLS0giUeOdd5FG8xMIV330=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.mft rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 01:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:11:e9:06:30:b5:a6:53:37:d9:80:3c:ce:98:96:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=467350d5975a272a88bfb8810af45981cd55935a Validity Not Before: Jan 1 01:00:20 2026 GMT Not After : Jan 2 01:00:20 2026 GMT Subject: CN=2bbcfbeee5795fdc8b3357900c4a3dfcd0de1da9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ec:b6:b0:96:e2:14:e9:0a:4f:c7:6f:59:26: 03:82:b7:b5:bf:4d:c0:f4:03:b4:20:96:a5:9e:36: 35:19:c0:e3:fd:22:64:ab:e1:0d:ae:16:f7:14:2b: b1:b4:31:6e:83:ab:c5:df:6e:05:6c:c8:51:3c:92: bb:0a:c3:08:8a:e2:7e:56:c4:c6:ca:3f:8e:78:08: 6b:e7:3c:2f:df:fc:de:8c:cb:1c:3b:4e:58:f3:56: d7:40:38:ce:31:cc:c7:8e:20:67:06:2b:5d:ee:d4: 21:67:67:4c:99:a0:e1:95:ca:88:7d:12:4b:38:bb: 82:33:3b:e8:24:63:eb:3c:19:01:2b:d9:01:f4:05: 33:3b:94:32:89:27:a8:e1:d2:b2:ec:27:cd:ad:17: ec:de:d0:ac:24:7e:3d:36:77:7e:45:4f:97:c4:6a: 91:c9:5a:05:04:ba:67:c4:39:d3:34:11:35:09:fb: ce:df:d6:7a:85:80:72:b8:3d:e5:5e:e0:b0:c4:b9: 6e:cd:8c:84:f4:51:fd:67:f4:4e:0a:22:94:74:46: a3:ad:cb:48:f3:a4:cc:c9:ac:0d:4c:e7:b2:7d:53: 00:32:c2:39:da:e4:b4:80:2f:71:b5:ec:d1:04:8e: 91:e2:11:51:cb:99:c9:6b:df:54:4d:1a:49:aa:f3: 38:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:BC:FB:EE:E5:79:5F:DC:8B:33:57:90:0C:4A:3D:FC:D0:DE:1D:A9 X509v3 Authority Key Identifier: keyid:46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:9d:fe:44:2b:dd:25:6f:fc:b4:93:cb:c7:ef:e9:f2:e9:0b: 96:4d:c2:80:14:d4:89:d9:68:4c:df:93:6e:46:ae:85:41:98: 3a:29:68:0f:c1:ba:ac:c6:60:ad:b1:20:3d:91:01:54:62:ea: f3:cc:da:09:37:92:eb:81:ba:80:3f:7e:dd:e5:c5:69:74:87: f0:25:f9:71:ac:18:a8:8b:02:b9:0e:bb:73:c9:e4:24:40:7d: 73:57:d0:de:25:5f:f8:d4:4c:0b:62:9a:a2:1f:8f:d0:19:b8: 83:fb:d9:68:44:d3:ac:c0:cd:95:c8:72:08:d7:f6:01:2c:db: f7:f0:5d:7b:9e:ff:d2:cf:38:e7:52:44:5e:c7:fe:84:4c:dd: f5:6f:6e:b8:5c:15:47:4b:47:91:42:2e:d8:f2:c2:0e:ff:86: 41:52:68:78:e4:b6:81:77:47:29:80:4c:8c:df:dd:c5:e5:e6: 2a:42:dc:e5:df:86:23:9b:60:c9:f5:08:ad:2d:e0:13:7e:fe: 7b:31:68:22:02:7d:13:cb:c1:33:dd:b8:d7:39:a3:09:ba:84: f7:d4:9a:50:4a:ca:e9:a6:e9:1c:c1:c6:09:fe:89:ad:32:fa: 02:68:79:b0:d1:7a:9e:3d:08:1c:f0:1f:69:7b:f9:63:fe:d8: 78:45:fe:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt3EekGMLWmUzfZgDzOmJY6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2NzM1MGQ1OTc1YTI3MmE4OGJmYjg4MTBhZjQ1OTgxY2Q1 NTkzNWEwHhcNMjYwMTAxMDEwMDIwWhcNMjYwMTAyMDEwMDIwWjAzMTEwLwYDVQQD EygyYmJjZmJlZWU1Nzk1ZmRjOGIzMzU3OTAwYzRhM2RmY2QwZGUxZGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOy2sJbiFOkKT8dvWSYDgre1v03A 9AO0IJalnjY1GcDj/SJkq+ENrhb3FCuxtDFug6vF324FbMhRPJK7CsMIiuJ+VsTG yj+OeAhr5zwv3/zejMscO05Y81bXQDjOMczHjiBnBitd7tQhZ2dMmaDhlcqIfRJL OLuCMzvoJGPrPBkBK9kB9AUzO5QyiSeo4dKy7CfNrRfs3tCsJH49Nnd+RU+XxGqR yVoFBLpnxDnTNBE1CfvO39Z6hYByuD3lXuCwxLluzYyE9FH9Z/ROCiKUdEajrctI 86TMyawNTOeyfVMAMsI52uS0gC9xtezRBI6R4hFRy5nJa99UTRpJqvM4+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCu8++7leV/cizNXkAxKPfzQ3h2pMB8GA1UdIwQY MBaAFEZzUNWXWicqiL+4gQr0WYHNVZNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEt ZTg1NzQ3N2E3MDA4LzEvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEtZTg1NzQ3N2E3MDA4 LzEvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJ3+RCvd JW/8tJPLx+/p8ukLlk3CgBTUidloTN+TbkauhUGYOiloD8G6rMZgrbEgPZEBVGLq 88zaCTeS64G6gD9+3eXFaXSH8CX5cawYqIsCuQ67c8nkJEB9c1fQ3iVf+NRMC2Ka oh+P0Bm4g/vZaETTrMDNlchyCNf2ASzb9/Bde57/0s8451JEXsf+hEzd9W9uuFwV R0tHkUIu2PLCDv+GQVJoeOS2gXdHKYBMjN/dxeXmKkLc5d+GI5tgyfUIrS3gE37+ ezFoIgJ9E8vBM9241zmjCbqE99SaUErK6abpHMHGCf6JrTL6Amh5sNF6nj0IHPAf aXv5Y/7YeEX+1Q== -----END CERTIFICATE-----Generated at Thu Jan 1 11:06:20 2026 by rpki-client