This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft File: xGtE1wczJKsoQWNn3gQPDkYzSNE.mft (raw, json) Hash identifier: xxyDlgA0O4lGA3TJsFW6+QJ4UA5Wrr7gCdWYo5g44EQ= Subject key identifier: 62:1F:EC:29:0A:1E:6F:BD:C0:7B:F7:22:BB:77:C2:15:49:12:ED:59 Authority key identifier: C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1 Certificate issuer: /CN=c46b44d7073324ab28416367de040f0e463348d1 Certificate serial: 019BB2B9881C1EE348F871F5D56843B1DA83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft Manifest number: 0FEF Signing time: Mon 12 Jan 2026 15:01:01 +0000 Manifest this update: Mon 12 Jan 2026 15:01:01 +0000 Manifest next update: Tue 13 Jan 2026 15:01:01 +0000 Files and hashes: 1: xGtE1wczJKsoQWNn3gQPDkYzSNE.crl (hash: KrPQJk0Jb3XNb0o8jfWqudpSyiHOJJ3cssxb5RCYivE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 15:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b2:b9:88:1c:1e:e3:48:f8:71:f5:d5:68:43:b1:da:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c46b44d7073324ab28416367de040f0e463348d1 Validity Not Before: Jan 12 15:01:01 2026 GMT Not After : Jan 13 15:01:01 2026 GMT Subject: CN=621fec290a1e6fbdc07bf722bb77c2154912ed59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:d4:17:bd:9e:a3:cf:d2:23:53:02:85:10:e8: eb:b6:af:55:ba:7f:fb:fd:1c:1a:eb:df:fe:ba:cf: 33:8b:c0:2f:f4:49:d8:ad:13:11:45:4c:b4:ef:5c: 82:7c:a4:1f:9f:8c:b3:47:f3:75:2d:d7:bf:e2:d6: 03:8b:f0:6b:a2:45:c1:6c:dc:d5:d1:cc:31:93:1b: 41:bd:16:41:4c:ee:f6:71:d9:89:d2:78:a3:33:e1: f1:89:75:e4:f2:a3:e3:9d:a7:5b:31:c4:0f:be:26: 76:8d:b3:0f:3d:34:6f:8f:88:69:c3:07:f2:07:58: e7:fa:f1:55:d1:61:60:a8:cd:9b:65:cc:ae:f4:c7: f1:87:91:61:6c:a2:4a:9c:c7:f4:ed:0d:49:28:90: 07:78:35:8e:c3:37:1c:f2:ac:51:85:e1:a3:80:16: ff:ab:86:f3:80:4e:16:9b:65:72:f2:86:5a:df:c9: cc:de:c3:5d:c4:3a:67:1a:96:ba:f3:2a:b9:58:b1: a7:7d:f3:69:ef:5c:57:b9:bc:6a:6b:cd:bd:c6:ea: 89:34:11:27:29:fa:e1:b1:48:b3:98:fe:c0:ad:ba: f8:7f:19:31:5d:30:42:63:c2:ca:07:30:2e:08:70: 79:16:74:09:fe:b2:f6:e4:10:b6:b2:32:99:b6:24: 78:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:1F:EC:29:0A:1E:6F:BD:C0:7B:F7:22:BB:77:C2:15:49:12:ED:59 X509v3 Authority Key Identifier: keyid:C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:7f:91:6a:82:64:ee:e5:56:db:30:dd:b9:75:d4:c0:9e:77: 87:89:dc:e8:03:c8:e2:7b:27:90:c4:14:88:bd:d3:44:1f:44: 04:ad:b1:29:d7:5a:b7:83:e0:5f:d5:a6:1e:39:eb:de:d0:1e: 25:e5:10:72:c9:d5:7c:06:69:f7:be:16:c5:8a:a6:cb:42:07: b2:13:fc:df:10:d8:4b:f9:ff:8a:e9:7a:89:e7:b2:fc:de:7b: 65:05:db:11:d6:56:8b:40:36:52:00:6d:d4:4c:4c:49:ca:37: 26:79:80:a0:01:1a:f3:ab:bb:85:0b:64:f5:e2:02:c1:27:8c: 28:2d:97:66:0e:33:43:04:a6:f8:4c:5d:f2:7f:a8:45:a3:86: 94:e1:b4:9e:97:7f:f0:40:f1:dc:9e:26:bb:a7:8f:bb:8e:9b: 66:e4:ed:1d:7f:10:be:f5:83:4c:19:dd:59:cf:15:89:aa:5f: d9:5b:6c:b3:c5:b9:22:1e:bd:c4:2a:ac:ae:a3:4b:c7:39:1c: c9:7f:ee:8d:0f:c0:ec:a7:c2:66:20:37:48:84:55:64:16:bb: f3:8b:42:50:ac:60:e5:b8:65:2b:a7:6f:0d:f5:04:5f:fd:24: 4a:4f:b2:dc:df:84:e1:8c:59:b3:15:b3:3a:d7:07:09:cd:94: d5:b1:d3:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuyuYgcHuNI+HH11WhDsdqDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NmI0NGQ3MDczMzI0YWIyODQxNjM2N2RlMDQwZjBlNDYz MzQ4ZDEwHhcNMjYwMTEyMTUwMTAxWhcNMjYwMTEzMTUwMTAxWjAzMTEwLwYDVQQD Eyg2MjFmZWMyOTBhMWU2ZmJkYzA3YmY3MjJiYjc3YzIxNTQ5MTJlZDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NQXvZ6jz9IjUwKFEOjrtq9Vun/7 /Rwa69/+us8zi8Av9EnYrRMRRUy071yCfKQfn4yzR/N1Lde/4tYDi/BrokXBbNzV 0cwxkxtBvRZBTO72cdmJ0nijM+HxiXXk8qPjnadbMcQPviZ2jbMPPTRvj4hpwwfy B1jn+vFV0WFgqM2bZcyu9Mfxh5FhbKJKnMf07Q1JKJAHeDWOwzcc8qxRheGjgBb/ q4bzgE4Wm2Vy8oZa38nM3sNdxDpnGpa68yq5WLGnffNp71xXubxqa829xuqJNBEn KfrhsUizmP7Arbr4fxkxXTBCY8LKBzAuCHB5FnQJ/rL25BC2sjKZtiR4nwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGIf7CkKHm+9wHv3Irt3whVJEu1ZMB8GA1UdIwQY MBaAFMRrRNcHMySrKEFjZ94EDw5GM0jRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEt MWYwYWFjMTQ5NWFjLzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEtMWYwYWFjMTQ5NWFj LzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABH+RaoJk 7uVW2zDduXXUwJ53h4nc6API4nsnkMQUiL3TRB9EBK2xKddat4PgX9WmHjnr3tAe JeUQcsnVfAZp974WxYqmy0IHshP83xDYS/n/iul6ieey/N57ZQXbEdZWi0A2UgBt 1ExMSco3JnmAoAEa86u7hQtk9eICwSeMKC2XZg4zQwSm+Exd8n+oRaOGlOG0npd/ 8EDx3J4mu6ePu46bZuTtHX8QvvWDTBndWc8Viapf2Vtss8W5Ih69xCqsrqNLxzkc yX/ujQ/A7KfCZiA3SIRVZBa784tCUKxg5bhlK6dvDfUEX/0kSk+y3N+E4YxZsxWz OtcHCc2U1bHTUA== -----END CERTIFICATE-----Generated at Mon Jan 12 22:59:35 2026 by rpki-client