This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft File: nDKfMzH1ND8pDrSkHxbENjooLJA.mft (raw, json) Hash identifier: 35LgVx3ET4KRupaxK5Vb5ogQlv0Y1ANbht2wN9jzPLc= Subject key identifier: 32:38:1B:BB:BA:7B:F2:74:2E:54:26:E0:DB:10:FE:2D:C0:6F:0D:20 Authority key identifier: 9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90 Certificate issuer: /CN=9c329f3331f5343f290eb4a41f16c4363a282c90 Certificate serial: 019B9E20AFEFF9F78858200A0FA932CC2B2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft Manifest number: 17BC Signing time: Thu 08 Jan 2026 15:01:40 +0000 Manifest this update: Thu 08 Jan 2026 15:01:40 +0000 Manifest next update: Fri 09 Jan 2026 15:01:40 +0000 Files and hashes: 1: eypzd6poG3jDCG2V-Hkvi0h-uqk.roa (hash: a6MGVLLBIxQKSFoYyBfEEcE09ol5itCNEXdRhC5N+Ao=) 2: nDKfMzH1ND8pDrSkHxbENjooLJA.crl (hash: ZRO0d4jWz3chST0FRJpvFrlXLBxaug6wzl3Aa173sUQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 14:14:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9e:20:af:ef:f9:f7:88:58:20:0a:0f:a9:32:cc:2b:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c329f3331f5343f290eb4a41f16c4363a282c90 Validity Not Before: Jan 8 15:01:40 2026 GMT Not After : Jan 9 15:01:40 2026 GMT Subject: CN=32381bbbba7bf2742e5426e0db10fe2dc06f0d20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:d4:c9:55:c3:a1:15:3b:18:8d:a7:74:20:ea: 51:37:01:46:47:66:df:c0:9d:aa:bc:1c:e8:b6:82: 40:6c:b9:73:39:41:f3:cb:0f:32:01:7d:98:a6:23: c3:08:59:11:af:a4:da:ad:ce:31:df:15:ba:11:d7: 37:58:37:42:63:55:2b:c3:ad:45:cc:e2:b3:41:21: 15:d3:39:b2:e9:69:b6:38:ea:f3:a5:e4:30:07:16: de:31:81:13:a9:5f:e7:8a:bc:fc:40:46:d2:9b:46: 37:81:64:17:a2:2c:f9:23:6c:9e:3b:9e:59:43:43: 8a:b1:78:47:a0:4c:60:8f:4b:6b:27:b2:b0:fd:07: 88:17:2c:d0:75:b0:50:85:a9:d6:aa:c5:b7:92:ff: 02:68:68:d0:bc:7b:fe:fa:f7:08:b9:cc:fc:38:2d: 84:bb:e7:b3:aa:3c:3f:c7:8c:33:9b:ca:d7:ec:88: 2e:b7:23:31:67:f8:6a:54:5e:80:ab:53:fa:c8:40: 02:e4:04:a1:9b:43:b6:d7:c6:0b:c9:77:ed:1d:53: 29:4e:35:cb:ed:8e:38:29:54:c8:3f:be:73:17:4f: cf:75:d9:1e:e4:26:78:cb:d2:38:8c:52:6a:98:45: a8:01:b6:04:fb:ab:78:d2:41:d2:10:f7:75:a5:e2: 08:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:38:1B:BB:BA:7B:F2:74:2E:54:26:E0:DB:10:FE:2D:C0:6F:0D:20 X509v3 Authority Key Identifier: keyid:9C:32:9F:33:31:F5:34:3F:29:0E:B4:A4:1F:16:C4:36:3A:28:2C:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDKfMzH1ND8pDrSkHxbENjooLJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/624220-c076-4a1d-aefb-b7f5d4395cc0/1/nDKfMzH1ND8pDrSkHxbENjooLJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:74:e8:64:67:f9:15:b9:da:2a:74:50:c2:09:fc:9c:ee:8b: bd:75:cc:80:2f:bb:4b:e3:45:a6:d5:97:82:21:d1:77:5f:3f: b2:09:03:3b:f3:e6:51:07:ac:42:2d:f9:2c:31:b1:24:33:28: d0:57:15:d4:39:98:0b:b1:2b:b1:39:85:87:fa:99:82:51:e6: 1f:97:a5:55:c5:7d:ed:47:d6:be:b5:00:14:95:f9:59:f1:d0: ef:ef:62:96:c2:34:dd:b7:5c:ad:b9:06:b8:0c:34:4e:81:d3: 7a:26:4d:92:54:a5:52:12:f1:7d:50:69:9e:14:75:59:5d:f1: b8:82:1d:86:1d:a2:9c:d4:87:37:ba:dc:84:4e:f9:a2:64:70: 66:84:f0:78:a2:63:5b:68:8f:1e:b7:c0:0f:6e:1b:78:14:6e: fe:f3:cf:1e:2f:14:ad:a8:a2:30:de:2d:67:c4:79:af:b2:f7: c3:b5:77:1a:a2:54:7f:e7:1d:3d:f9:7e:0a:19:aa:c1:2a:55: 51:3b:1d:c2:5e:24:32:f4:ac:c1:3f:8e:d8:32:84:85:3e:80: b9:8e:9a:0d:58:de:06:5e:e1:ea:52:f9:a7:a6:13:25:ca:06: 98:97:cb:1e:7b:89:02:50:24:be:13:48:3d:77:d4:fe:1a:b7: 1f:bd:90:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZueIK/v+feIWCAKD6kyzCsrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljMzI5ZjMzMzFmNTM0M2YyOTBlYjRhNDFmMTZjNDM2M2Ey ODJjOTAwHhcNMjYwMTA4MTUwMTQwWhcNMjYwMTA5MTUwMTQwWjAzMTEwLwYDVQQD EygzMjM4MWJiYmJhN2JmMjc0MmU1NDI2ZTBkYjEwZmUyZGMwNmYwZDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dTJVcOhFTsYjad0IOpRNwFGR2bf wJ2qvBzotoJAbLlzOUHzyw8yAX2YpiPDCFkRr6Tarc4x3xW6Edc3WDdCY1Urw61F zOKzQSEV0zmy6Wm2OOrzpeQwBxbeMYETqV/nirz8QEbSm0Y3gWQXoiz5I2yeO55Z Q0OKsXhHoExgj0trJ7Kw/QeIFyzQdbBQhanWqsW3kv8CaGjQvHv++vcIucz8OC2E u+ezqjw/x4wzm8rX7IgutyMxZ/hqVF6Aq1P6yEAC5AShm0O218YLyXftHVMpTjXL 7Y44KVTIP75zF0/Pddke5CZ4y9I4jFJqmEWoAbYE+6t40kHSEPd1peIIBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDI4G7u6e/J0LlQm4NsQ/i3Abw0gMB8GA1UdIwQY MBaAFJwynzMx9TQ/KQ60pB8WxDY6KCyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmIt YjdmNWQ0Mzk1Y2MwLzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi82MjQyMjAtYzA3Ni00YTFkLWFlZmItYjdmNWQ0Mzk1Y2Mw LzEvbkRLZk16SDFORDhwRHJTa0h4YkVOam9vTEpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanToZGf5 FbnaKnRQwgn8nO6LvXXMgC+7S+NFptWXgiHRd18/sgkDO/PmUQesQi35LDGxJDMo 0FcV1DmYC7ErsTmFh/qZglHmH5elVcV97UfWvrUAFJX5WfHQ7+9ilsI03bdcrbkG uAw0ToHTeiZNklSlUhLxfVBpnhR1WV3xuIIdhh2inNSHN7rchE75omRwZoTweKJj W2iPHrfAD24beBRu/vPPHi8UraiiMN4tZ8R5r7L3w7V3GqJUf+cdPfl+ChmqwSpV UTsdwl4kMvSswT+O2DKEhT6AuY6aDVjeBl7h6lL5p6YTJcoGmJfLHnuJAlAkvhNI PXfU/hq3H72Q8w== -----END CERTIFICATE-----Generated at Thu Jan 8 20:12:52 2026 by rpki-client