This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft File: 2PWmbP0hpcrXopuOtc2SqkYDIMM.mft (raw, json) Hash identifier: HFFc0qWTax4Ak9VmLfPzX3m78unVTTtWR9NTpQB77y4= Subject key identifier: 1B:37:49:DA:2A:FF:9C:32:5A:C4:E9:84:A2:47:FA:A1:D2:C9:62:A6 Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3 Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3 Certificate serial: 019BAE6F146810C4626897912B9BDD973927 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft Manifest number: 17C4 Signing time: Sun 11 Jan 2026 19:01:13 +0000 Manifest this update: Sun 11 Jan 2026 19:01:13 +0000 Manifest next update: Mon 12 Jan 2026 19:01:13 +0000 Files and hashes: 1: 2PWmbP0hpcrXopuOtc2SqkYDIMM.crl (hash: cZdjtgowFUgezKzlx4hjOteFVGZ3uEwEKbqtxVDbl/I=) 2: hSitky1wYRTLv14NEnwV-zxWb_o.roa (hash: PA0bbeChQyvoxmLwu2ifsRmhbm5WEw0zyVf1Uu/ZDBo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ae:6f:14:68:10:c4:62:68:97:91:2b:9b:dd:97:39:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3 Validity Not Before: Jan 11 19:01:13 2026 GMT Not After : Jan 12 19:01:13 2026 GMT Subject: CN=1b3749da2aff9c325ac4e984a247faa1d2c962a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f8:1c:7e:65:46:b7:4c:0b:1a:12:f1:4c:b5: f3:4d:4d:44:ae:0a:df:b1:8d:a6:40:a2:4f:19:3c: bc:d4:00:6f:18:ca:8a:e0:5e:5f:15:39:81:2e:ef: 24:ff:a0:4e:22:84:6a:21:2d:17:de:ce:67:3a:52: e5:90:54:07:ac:a0:0b:9e:ce:96:01:3a:cb:a7:bb: 65:ac:7d:a3:b5:5d:1c:92:cc:fe:41:c0:51:de:bf: 0f:f5:db:21:75:4f:a8:a3:f7:9d:e8:63:92:ad:6d: 0e:90:da:50:80:5d:d0:e4:db:62:5f:66:36:00:c1: 50:a2:51:ad:7a:dd:0e:67:08:42:e8:5c:80:3c:b8: bf:a9:c3:88:6e:2b:29:83:aa:23:26:20:64:48:2b: 26:7b:b1:f2:1e:da:3c:9c:df:a2:66:55:a3:69:26: 6a:84:15:62:58:34:2c:b7:27:6a:c7:aa:5d:a7:07: 8a:43:53:80:ae:d1:19:ea:a9:1b:a2:81:a5:e6:ef: 7f:58:4f:59:28:b7:8c:35:97:51:35:61:15:97:60: 5d:2d:c5:16:02:48:3f:a2:dc:49:b2:4a:d9:7d:04: 22:71:4c:51:8e:87:91:91:0e:28:0a:f4:ea:fb:b3: b3:7c:0f:eb:8f:0c:cb:8b:83:ce:6e:cd:a6:5b:d8: a1:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:37:49:DA:2A:FF:9C:32:5A:C4:E9:84:A2:47:FA:A1:D2:C9:62:A6 X509v3 Authority Key Identifier: keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:ea:af:87:90:e2:9a:d3:dd:2c:02:00:7b:7c:0a:a1:71:06: a5:98:19:e4:58:f0:a8:ff:b4:25:06:d6:e0:f5:4b:65:ac:9d: e4:91:88:fb:d3:42:65:b2:e7:45:08:59:87:fc:e6:d5:98:f9: 91:c6:32:ca:6a:26:07:af:80:ea:a5:bf:98:76:00:0d:9e:fb: 78:9d:5f:17:0f:ac:05:df:2a:a1:67:ac:ca:89:00:28:e5:81: 80:77:9e:dc:95:ea:28:2e:3c:56:24:61:7f:b8:bf:f4:d4:58: c3:6a:ab:2a:92:08:1c:5f:0a:50:82:62:6b:83:bb:3b:06:e6: b7:3f:bc:0b:bf:7a:a2:10:85:24:f3:c6:c1:87:d2:3e:ce:8a: 61:25:d2:3f:6e:7f:cb:4d:03:ab:78:0b:54:c6:ac:66:49:9d: 7c:d4:de:dc:04:7b:65:15:b0:40:79:1f:17:36:97:74:26:8f: 89:3d:5f:c0:f5:ae:c6:fb:d5:ac:51:9f:59:10:a3:24:23:42: dd:e9:65:c1:f7:ed:68:ed:05:e5:54:71:12:54:51:38:36:cf: e9:0b:cc:c1:53:77:bc:f3:cf:98:92:2d:7c:6c:4d:dd:8a:19: 91:f3:1c:8f:d5:78:ba:10:45:1b:d6:53:f5:3e:af:a5:8c:d4: 09:42:14:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuubxRoEMRiaJeRK5vdlzknMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZjVhNjZjZmQyMWE1Y2FkN2EyOWI4ZWI1Y2Q5MmFhNDYw MzIwYzMwHhcNMjYwMTExMTkwMTEzWhcNMjYwMTEyMTkwMTEzWjAzMTEwLwYDVQQD EygxYjM3NDlkYTJhZmY5YzMyNWFjNGU5ODRhMjQ3ZmFhMWQyYzk2MmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/gcfmVGt0wLGhLxTLXzTU1Ergrf sY2mQKJPGTy81ABvGMqK4F5fFTmBLu8k/6BOIoRqIS0X3s5nOlLlkFQHrKALns6W ATrLp7tlrH2jtV0cksz+QcBR3r8P9dshdU+oo/ed6GOSrW0OkNpQgF3Q5NtiX2Y2 AMFQolGtet0OZwhC6FyAPLi/qcOIbispg6ojJiBkSCsme7HyHto8nN+iZlWjaSZq hBViWDQstydqx6pdpweKQ1OArtEZ6qkbooGl5u9/WE9ZKLeMNZdRNWEVl2BdLcUW Akg/otxJskrZfQQicUxRjoeRkQ4oCvTq+7OzfA/rjwzLi4PObs2mW9ihqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBs3Sdoq/5wyWsTphKJH+qHSyWKmMB8GA1UdIwQY MBaAFNj1pmz9IaXK16KbjrXNkqpGAyDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTct ODIxMGRiNzA0OWIxLzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTctODIxMGRiNzA0OWIx LzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGeqvh5Di mtPdLAIAe3wKoXEGpZgZ5FjwqP+0JQbW4PVLZayd5JGI+9NCZbLnRQhZh/zm1Zj5 kcYyymomB6+A6qW/mHYADZ77eJ1fFw+sBd8qoWesyokAKOWBgHee3JXqKC48ViRh f7i/9NRYw2qrKpIIHF8KUIJia4O7Owbmtz+8C796ohCFJPPGwYfSPs6KYSXSP25/ y00Dq3gLVMasZkmdfNTe3AR7ZRWwQHkfFzaXdCaPiT1fwPWuxvvVrFGfWRCjJCNC 3ellwfftaO0F5VRxElRRODbP6QvMwVN3vPPPmJItfGxN3YoZkfMcj9V4uhBFG9ZT 9T6vpYzUCUIUpw== -----END CERTIFICATE-----Generated at Sun Jan 11 22:28:37 2026 by rpki-client