This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json) Hash identifier: YNemgGE0a87r7fK3hyyExrpo8xHylQCQX6GaRCLTpJk= Subject key identifier: 02:FB:0B:DA:EF:CF:82:70:84:14:B6:71:8F:0B:17:9D:14:46:E3:C2 Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36 Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36 Certificate serial: 019BB43AAA2B02978911AA83222CED7506B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft Manifest number: 03A7 Signing time: Mon 12 Jan 2026 22:01:41 +0000 Manifest this update: Mon 12 Jan 2026 22:01:41 +0000 Manifest next update: Tue 13 Jan 2026 22:01:41 +0000 Files and hashes: 1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: nn3aLrvZDWrNas8JsS+b0ZvJZvyrl6ZoN6/mq8/IyeM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 22:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b4:3a:aa:2b:02:97:89:11:aa:83:22:2c:ed:75:06:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36 Validity Not Before: Jan 12 22:01:41 2026 GMT Not After : Jan 13 22:01:41 2026 GMT Subject: CN=02fb0bdaefcf82708414b6718f0b179d1446e3c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:dd:03:ea:d2:77:76:19:8b:81:76:e8:49:67: 96:5b:7f:28:4b:67:b6:89:ac:7c:1c:24:29:2b:b6: 34:27:fc:00:9c:87:a1:3e:3a:00:82:54:03:13:62: 15:9a:79:7d:a5:cf:4a:63:c7:51:13:6c:e3:cb:4f: 08:38:56:01:4f:bf:ad:f2:41:30:ac:40:f5:6c:b0: 7d:62:3e:da:d5:32:7d:11:3d:2d:2b:29:bc:46:d5: 62:a0:23:02:ca:04:04:47:3f:06:88:a3:cb:2e:b7: 28:3c:02:35:6e:32:df:9d:5b:1e:9e:d1:23:29:2a: de:71:3e:ee:d9:4d:3a:e6:a7:f0:f2:e8:cd:93:86: 6d:38:50:a3:50:18:19:9d:c0:fb:bf:fe:1c:d6:8f: 9b:84:f1:79:33:83:84:46:28:94:b9:a6:f2:31:74: 70:be:17:21:fb:eb:e1:6e:c0:7b:0a:05:9e:46:5b: 93:d6:80:d8:2a:1a:ac:38:0d:4d:dd:9e:7e:77:2a: 94:a7:03:9c:41:71:e6:5a:90:83:3f:0e:3e:2f:11: de:86:69:57:d0:75:7a:eb:40:59:ef:77:53:46:6d: cf:7b:06:e2:32:a1:2b:76:0c:9f:00:8e:14:a4:e9: f2:83:9c:e6:2c:a7:2d:32:5e:90:0d:f3:5b:b6:54: fe:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:FB:0B:DA:EF:CF:82:70:84:14:B6:71:8F:0B:17:9D:14:46:E3:C2 X509v3 Authority Key Identifier: keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:32:1d:3f:8b:c5:a2:7c:eb:a9:7a:1d:b9:78:72:de:41:01: 98:ad:b9:2a:e3:c0:e9:fb:49:b0:d4:25:10:53:8a:4a:78:86: 76:48:ef:0f:6d:b2:d5:8c:88:10:73:e8:30:0f:e4:c4:51:32: 2d:43:50:17:96:92:14:d1:58:67:ea:d6:8f:f2:0c:2c:08:90: ca:ad:f0:44:79:92:e9:d1:e0:48:d0:9e:a7:a2:ff:88:50:98: 8f:32:37:47:04:04:f2:82:94:6c:0c:81:5b:2a:bd:ff:86:8c: f9:7e:71:0b:d4:36:39:8c:b0:2e:c5:74:9e:c7:49:b9:2d:8a: 01:51:77:83:eb:51:1d:43:70:19:1e:35:8e:20:aa:c1:e9:85: 71:69:c6:14:01:83:18:4c:1e:a5:f9:8c:b3:17:d9:00:01:90: 96:f4:d1:89:96:dc:c7:98:7c:3b:83:bf:6f:4d:37:5d:62:16: 8e:7c:37:19:31:61:cb:c0:92:9b:c1:ff:e8:dc:ed:ee:4f:43: a9:38:1a:87:64:7d:c3:61:68:89:ca:68:35:82:50:b3:bb:c7: 81:9e:d6:1d:97:b4:4c:8a:d8:32:b2:ce:b1:91:58:b1:e9:c5: c6:ba:c8:28:b5:98:a4:c8:05:a6:85:f9:6b:b2:ba:73:fe:ad: 9b:c1:af:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZu0OqorApeJEaqDIiztdQa2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1 M2JlMzYwHhcNMjYwMTEyMjIwMTQxWhcNMjYwMTEzMjIwMTQxWjAzMTEwLwYDVQQD EygwMmZiMGJkYWVmY2Y4MjcwODQxNGI2NzE4ZjBiMTc5ZDE0NDZlM2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd0D6tJ3dhmLgXboSWeWW38oS2e2 iax8HCQpK7Y0J/wAnIehPjoAglQDE2IVmnl9pc9KY8dRE2zjy08IOFYBT7+t8kEw rED1bLB9Yj7a1TJ9ET0tKym8RtVioCMCygQERz8GiKPLLrcoPAI1bjLfnVsentEj KSrecT7u2U065qfw8ujNk4ZtOFCjUBgZncD7v/4c1o+bhPF5M4OERiiUuabyMXRw vhch++vhbsB7CgWeRluT1oDYKhqsOA1N3Z5+dyqUpwOcQXHmWpCDPw4+LxHehmlX 0HV660BZ73dTRm3PewbiMqErdgyfAI4UpOnyg5zmLKctMl6QDfNbtlT+pQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAL7C9rvz4JwhBS2cY8LF50URuPCMB8GA1UdIwQY MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqzIdP4vF onzrqXoduXhy3kEBmK25KuPA6ftJsNQlEFOKSniGdkjvD22y1YyIEHPoMA/kxFEy LUNQF5aSFNFYZ+rWj/IMLAiQyq3wRHmS6dHgSNCep6L/iFCYjzI3RwQE8oKUbAyB Wyq9/4aM+X5xC9Q2OYywLsV0nsdJuS2KAVF3g+tRHUNwGR41jiCqwemFcWnGFAGD GEwepfmMsxfZAAGQlvTRiZbcx5h8O4O/b003XWIWjnw3GTFhy8CSm8H/6Nzt7k9D qTgah2R9w2FoicpoNYJQs7vHgZ7WHZe0TIrYMrLOsZFYsenFxrrIKLWYpMgFpoX5 a7K6c/6tm8GvpQ== -----END CERTIFICATE-----Generated at Tue Jan 13 09:22:12 2026 by rpki-client