This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft File: z5dREMc5t0-E1BcDxIgoMnJ73cw.mft (raw, json) Hash identifier: oTOYeub0BYBs0LlvlYX7wurjprpuOUUWzEfOyCVvN/Y= Subject key identifier: 11:7D:2F:00:67:B9:1B:0A:96:17:FE:03:CC:B1:F0:C9:C7:6F:B6:48 Authority key identifier: CF:97:51:10:C7:39:B7:4F:84:D4:17:03:C4:88:28:32:72:7B:DD:CC Certificate issuer: /CN=cf975110c739b74f84d41703c4882832727bddcc Certificate serial: 019B91775EB756CCC76EAF12175F482011C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft Manifest number: 1741 Signing time: Tue 06 Jan 2026 04:01:17 +0000 Manifest this update: Tue 06 Jan 2026 04:01:17 +0000 Manifest next update: Wed 07 Jan 2026 04:01:17 +0000 Files and hashes: 1: z5dREMc5t0-E1BcDxIgoMnJ73cw.crl (hash: p+lvMG1XqQdhEwhtMegqMkXRJHvNDJIw2jYXr7S4XKA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.crl rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 21:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:91:77:5e:b7:56:cc:c7:6e:af:12:17:5f:48:20:11:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf975110c739b74f84d41703c4882832727bddcc Validity Not Before: Jan 6 04:01:17 2026 GMT Not After : Jan 7 04:01:17 2026 GMT Subject: CN=117d2f0067b91b0a9617fe03ccb1f0c9c76fb648 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:8c:bd:93:22:6b:90:34:4f:6d:62:3b:cb:1f: 98:88:ef:18:50:23:aa:04:d3:b2:ad:35:65:1a:49: 7d:9e:00:f4:a3:a0:8b:5a:c0:3d:d9:9b:9b:5e:2e: a6:2c:a3:31:57:41:d7:9a:c0:3e:96:11:a7:3b:e0: 2b:83:92:d7:f2:2a:d4:6a:6a:5d:9b:35:40:aa:c2: 75:d0:c1:1f:34:b8:4d:d5:77:29:c6:0a:c4:a0:9f: 09:16:62:c9:6b:06:5d:98:11:2c:b7:f5:89:4e:38: 08:c8:f6:eb:6e:9d:86:72:f5:6d:59:09:0d:98:96: 56:e6:13:86:ed:62:87:88:bb:3f:5e:a4:f5:1c:3b: 1c:af:28:76:bd:3e:1c:73:04:a2:4b:a9:da:e7:d4: 8c:76:61:b6:16:55:dd:26:15:fe:25:1b:80:00:db: da:6b:10:01:a6:1a:09:67:b6:ec:a2:38:57:58:c9: 59:32:a6:58:6d:30:a6:e9:f4:ac:1d:fe:0e:9c:85: 83:e3:ef:b7:41:44:7e:bb:53:82:47:1c:d6:29:de: 76:5c:60:b4:1b:d1:38:e5:46:42:fd:a7:51:dc:fb: 9d:fd:de:f7:b5:1b:97:a2:c4:d2:81:6d:43:8a:c1: ba:8a:e6:f8:cc:61:39:bc:08:92:b9:2b:50:3e:61: bb:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:7D:2F:00:67:B9:1B:0A:96:17:FE:03:CC:B1:F0:C9:C7:6F:B6:48 X509v3 Authority Key Identifier: keyid:CF:97:51:10:C7:39:B7:4F:84:D4:17:03:C4:88:28:32:72:7B:DD:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:37:77:03:34:94:6c:a7:97:4f:6e:8c:7a:a7:51:39:3c:e2: da:9d:38:5f:c3:01:de:60:02:c9:1f:cc:57:51:0c:eb:9f:49: 8b:72:d0:4f:bc:6f:c3:67:ca:28:ba:5f:91:f3:cf:28:1a:ae: a9:42:21:bc:f2:99:f0:a8:43:d2:69:b1:a2:ff:a1:b7:e8:b6: c3:4b:3a:71:48:fd:f3:b0:d3:be:81:2e:67:5a:35:4b:cc:dd: 4b:a6:a1:69:4b:c3:46:b1:6c:f3:ed:df:e5:39:69:38:9c:f2: a3:4e:f5:cd:fe:02:f7:29:50:e4:62:f7:1a:96:9f:c2:34:b2: 99:e0:3b:63:65:45:2b:a4:94:08:b7:b6:13:31:db:58:60:af: 55:23:84:de:8e:08:b1:08:c8:b2:11:d1:73:f6:97:87:f0:cd: f6:8f:34:39:ba:b4:96:da:5d:08:f5:a7:76:1d:b5:7d:82:42: 83:67:45:b4:4f:83:b9:0e:7c:df:d2:1c:05:48:fa:4d:37:60: 4b:40:7a:ff:39:39:28:17:e8:42:cc:be:42:a1:d4:a2:e3:1a: 22:25:d0:6d:69:17:13:ee:09:a6:54:62:61:2e:4a:23:83:72: f2:48:5b:e8:a0:4b:c7:b1:46:66:ae:8d:cd:ea:fc:f3:12:32: bf:a2:73:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuRd163VszHbq8SF19IIBHGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmOTc1MTEwYzczOWI3NGY4NGQ0MTcwM2M0ODgyODMyNzI3 YmRkY2MwHhcNMjYwMTA2MDQwMTE3WhcNMjYwMTA3MDQwMTE3WjAzMTEwLwYDVQQD EygxMTdkMmYwMDY3YjkxYjBhOTYxN2ZlMDNjY2IxZjBjOWM3NmZiNjQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIy9kyJrkDRPbWI7yx+YiO8YUCOq BNOyrTVlGkl9ngD0o6CLWsA92ZubXi6mLKMxV0HXmsA+lhGnO+Arg5LX8irUampd mzVAqsJ10MEfNLhN1XcpxgrEoJ8JFmLJawZdmBEst/WJTjgIyPbrbp2GcvVtWQkN mJZW5hOG7WKHiLs/XqT1HDscryh2vT4ccwSiS6na59SMdmG2FlXdJhX+JRuAANva axABphoJZ7bsojhXWMlZMqZYbTCm6fSsHf4OnIWD4++3QUR+u1OCRxzWKd52XGC0 G9E45UZC/adR3Pud/d73tRuXosTSgW1DisG6iub4zGE5vAiSuStQPmG70wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBF9LwBnuRsKlhf+A8yx8MnHb7ZIMB8GA1UdIwQY MBaAFM+XURDHObdPhNQXA8SIKDJye93MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83ODc2NGItOTVlYi00MGMwLWFkMDQt ZGFiNjhmZDg3ODZiLzEvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy83ODc2NGItOTVlYi00MGMwLWFkMDQtZGFiNjhmZDg3ODZi LzEvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTd3AzSU bKeXT26MeqdROTzi2p04X8MB3mACyR/MV1EM659Ji3LQT7xvw2fKKLpfkfPPKBqu qUIhvPKZ8KhD0mmxov+ht+i2w0s6cUj987DTvoEuZ1o1S8zdS6ahaUvDRrFs8+3f 5TlpOJzyo071zf4C9ylQ5GL3GpafwjSymeA7Y2VFK6SUCLe2EzHbWGCvVSOE3o4I sQjIshHRc/aXh/DN9o80Obq0ltpdCPWndh21fYJCg2dFtE+DuQ5839IcBUj6TTdg S0B6/zk5KBfoQsy+QqHUouMaIiXQbWkXE+4JplRiYS5KI4Ny8khb6KBLx7FGZq6N zer88xIyv6JzmQ== -----END CERTIFICATE-----Generated at Tue Jan 6 06:36:51 2026 by rpki-client