This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft File: hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json) Hash identifier: /1Mu6IxQk3dT9CZLgZe/5ecoh7lK1xnq7wsgVwx6ycU= Subject key identifier: 28:51:DE:07:0C:EE:EE:F7:5E:25:DD:C8:E6:F5:21:C6:54:1B:EC:EB Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF Certificate issuer: /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af Certificate serial: 019BAFB931807B600C680D4BE623AA93B2D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft Manifest number: 0EA3 Signing time: Mon 12 Jan 2026 01:01:48 +0000 Manifest this update: Mon 12 Jan 2026 01:01:48 +0000 Manifest next update: Tue 13 Jan 2026 01:01:48 +0000 Files and hashes: 1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: beDcuda1BpDVorUbSjdL9FcAlfMrgVDQqS5gqiYGtkM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 01:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:af:b9:31:80:7b:60:0c:68:0d:4b:e6:23:aa:93:b2:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af Validity Not Before: Jan 12 01:01:48 2026 GMT Not After : Jan 13 01:01:48 2026 GMT Subject: CN=2851de070ceeeef75e25ddc8e6f521c6541beceb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:7d:04:bd:68:67:f1:ef:ee:1e:7c:fc:ec:cc: 44:bb:bc:03:4e:4d:ce:6f:8c:b4:3c:68:f6:4c:36: ac:00:80:9e:74:44:1f:16:38:74:c9:02:07:d0:5f: 23:c1:fe:47:12:8e:7f:17:f0:4c:49:fc:26:51:ba: d1:dd:59:44:12:98:11:a8:76:9a:1b:f9:95:e1:77: 6c:92:f8:5f:22:7e:e6:ce:1b:0c:07:fd:57:1a:d6: e5:24:ce:ce:ea:b2:2a:cd:71:6b:e2:09:3b:17:8a: 6b:18:62:5f:c9:60:4a:dc:41:2d:55:2f:7e:3f:51: b8:6e:ad:85:2f:ec:b2:ef:cd:91:19:e1:c6:3e:a5: 30:45:66:f2:ae:92:eb:5b:08:06:e0:21:a7:24:ed: f0:cb:75:d4:2c:eb:08:11:38:27:b1:f5:7e:c9:e7: 17:4c:e9:40:ec:70:ae:0c:ab:5d:14:12:f8:91:60: 05:f1:1a:35:13:02:ef:1e:5d:1f:8d:c4:70:01:96: ba:3d:ea:9a:ad:36:3b:5b:32:e6:88:a5:d5:58:10: bc:8c:20:e0:f0:64:ff:85:a4:7a:06:b9:d9:0c:88: fe:c4:c6:5e:2a:67:c4:2e:f8:ed:6d:40:a0:53:52: 93:be:d0:a5:dc:b7:fb:60:d9:6f:77:c8:2a:8a:3c: 4a:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:51:DE:07:0C:EE:EE:F7:5E:25:DD:C8:E6:F5:21:C6:54:1B:EC:EB X509v3 Authority Key Identifier: keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:04:3d:74:13:3e:8a:be:79:ff:ad:f5:9a:95:b1:67:0b:79: cd:1f:66:6a:f4:b8:67:0d:9d:9c:26:6a:f0:3b:c9:b4:16:9c: a2:e0:25:87:3b:e6:6c:d7:7b:a6:4f:e1:75:70:1d:f3:dd:7c: 1e:41:c5:be:1e:29:85:83:b0:a0:a7:3a:5c:2e:19:65:3b:89: d3:5d:c0:8f:38:d4:be:d8:d5:24:23:70:22:ff:b9:e7:48:29: 36:15:b9:fb:f1:fa:7e:17:68:fe:be:07:00:92:c5:d8:4a:27: 89:35:19:a9:f8:a8:dd:5a:a6:f5:64:d8:f4:b1:18:06:46:d9: 4c:5c:65:ae:49:df:35:3b:14:ce:92:55:a8:76:b6:8a:61:8b: e7:c8:55:a4:c0:e7:36:f5:dc:9d:d1:c3:6b:cf:dd:a8:37:9c: 85:5c:f9:43:f1:65:c0:68:fa:3c:31:87:af:c2:fb:44:6d:20: b7:ac:c1:7c:3a:a1:89:71:d0:41:6d:89:df:5e:8f:0f:97:4d: 2c:02:2c:c6:49:d2:23:a7:af:01:a8:13:d1:cb:38:1a:62:ba: 1f:05:49:fe:cd:f1:cc:64:3b:68:11:e9:7c:88:82:4b:7f:9c: 97:f7:74:bb:c6:43:d5:52:21:ea:1a:75:77:b5:27:82:bc:a1: bc:19:51:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuvuTGAe2AMaA1L5iOqk7LZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh MjQ4YWYwHhcNMjYwMTEyMDEwMTQ4WhcNMjYwMTEzMDEwMTQ4WjAzMTEwLwYDVQQD EygyODUxZGUwNzBjZWVlZWY3NWUyNWRkYzhlNmY1MjFjNjU0MWJlY2ViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAin0EvWhn8e/uHnz87MxEu7wDTk3O b4y0PGj2TDasAICedEQfFjh0yQIH0F8jwf5HEo5/F/BMSfwmUbrR3VlEEpgRqHaa G/mV4XdskvhfIn7mzhsMB/1XGtblJM7O6rIqzXFr4gk7F4prGGJfyWBK3EEtVS9+ P1G4bq2FL+yy782RGeHGPqUwRWbyrpLrWwgG4CGnJO3wy3XULOsIETgnsfV+yecX TOlA7HCuDKtdFBL4kWAF8Ro1EwLvHl0fjcRwAZa6PeqarTY7WzLmiKXVWBC8jCDg 8GT/haR6BrnZDIj+xMZeKmfELvjtbUCgU1KTvtCl3Lf7YNlvd8gqijxKowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFChR3gcM7u73XiXdyOb1IcZUG+zrMB8GA1UdIwQY MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4 LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwQ9dBM+ ir55/631mpWxZwt5zR9mavS4Zw2dnCZq8DvJtBacouAlhzvmbNd7pk/hdXAd8918 HkHFvh4phYOwoKc6XC4ZZTuJ013AjzjUvtjVJCNwIv+550gpNhW5+/H6fhdo/r4H AJLF2EoniTUZqfio3Vqm9WTY9LEYBkbZTFxlrknfNTsUzpJVqHa2imGL58hVpMDn NvXcndHDa8/dqDechVz5Q/FlwGj6PDGHr8L7RG0gt6zBfDqhiXHQQW2J316PD5dN LAIsxknSI6evAagT0cs4GmK6HwVJ/s3xzGQ7aBHpfIiCS3+cl/d0u8ZD1VIh6hp1 d7UngryhvBlRGw== -----END CERTIFICATE-----Generated at Mon Jan 12 09:25:31 2026 by rpki-client