This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft File: vflgsO5rxdD2oMZKafL4Yln9zVg.mft (raw, json) Hash identifier: /ZfHXjs85iF81GPOxcUvQoyugOxdtqG6pChzCGkpJ58= Subject key identifier: 6E:00:6A:DA:AF:C1:1D:20:6E:0B:ED:5B:8A:E5:5A:CF:45:14:B9:94 Authority key identifier: BD:F9:60:B0:EE:6B:C5:D0:F6:A0:C6:4A:69:F2:F8:62:59:FD:CD:58 Certificate issuer: /CN=bdf960b0ee6bc5d0f6a0c64a69f2f86259fdcd58 Certificate serial: 019B77EDABABE66F18D9AAB8B2FCEB61E769 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft Manifest number: 167F Signing time: Thu 01 Jan 2026 05:00:23 +0000 Manifest this update: Thu 01 Jan 2026 05:00:23 +0000 Manifest next update: Fri 02 Jan 2026 05:00:23 +0000 Files and hashes: 1: rEdLOhgJ5xMWvLwmv0wizm-cOW0.roa (hash: 5KEvRv7KqMLhpYGvFA0tU5bp6PFE1qlP3ELvibmeSX4=) 2: vflgsO5rxdD2oMZKafL4Yln9zVg.crl (hash: Tw33gYfEiVHQaIluRrCq3p2x3+fU6hjwrMD9EjOIrKY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 05:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:ed:ab:ab:e6:6f:18:d9:aa:b8:b2:fc:eb:61:e7:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdf960b0ee6bc5d0f6a0c64a69f2f86259fdcd58 Validity Not Before: Jan 1 05:00:23 2026 GMT Not After : Jan 2 05:00:23 2026 GMT Subject: CN=6e006adaafc11d206e0bed5b8ae55acf4514b994 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:02:dd:56:ba:cf:9d:46:8f:99:36:af:64:f0: b3:a7:80:86:9d:e4:2f:1d:e5:aa:09:cf:2f:95:91: 9f:38:79:f3:07:6d:86:1a:93:6e:b9:c5:e3:2d:a8: 0a:46:3e:1c:4d:5c:45:9f:e7:c2:55:70:a3:cb:41: 6d:92:fb:b7:04:0c:b8:5d:2e:42:af:96:ce:57:40: e2:0c:3d:28:b4:59:2b:7c:51:b2:1f:f1:37:7a:d3: 60:75:64:8a:81:ed:ad:8c:ef:0f:28:24:ca:d9:75: d3:14:27:47:f9:dd:e7:cd:4c:27:78:32:84:52:14: 41:49:cc:cc:74:78:08:9e:55:8b:a8:62:33:a5:25: 98:91:d6:6f:12:1d:f7:b7:57:3d:a6:cf:8e:29:45: e8:39:b7:d3:5e:03:b0:1a:2b:2f:ca:08:19:3e:d4: c3:f4:3c:de:ce:53:be:79:28:cc:36:ba:0c:0c:06: 68:33:09:32:87:64:4b:9f:7c:d9:89:e6:e2:ed:d3: 40:31:fa:ff:cd:a8:b8:97:74:05:d0:a5:38:45:56: 63:54:98:d3:b8:b9:1c:a3:01:4a:0d:78:1e:4a:52: d0:00:f4:56:ab:9a:09:0b:cb:0c:81:cd:68:3d:f1: ce:8b:11:55:c0:36:4c:00:ad:59:33:84:39:a2:11: 16:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:00:6A:DA:AF:C1:1D:20:6E:0B:ED:5B:8A:E5:5A:CF:45:14:B9:94 X509v3 Authority Key Identifier: keyid:BD:F9:60:B0:EE:6B:C5:D0:F6:A0:C6:4A:69:F2:F8:62:59:FD:CD:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:41:49:d5:b0:a4:7b:a0:2b:cf:ee:5e:41:96:d0:6a:be:b6: 40:e4:49:93:a2:d7:3b:51:b5:2b:8d:95:ea:e7:9c:1a:1d:08: b1:07:8a:3b:b4:f3:83:17:52:5a:a7:c0:a3:f2:d9:f0:d9:fb: 82:da:c9:35:d5:cb:0e:d3:65:18:09:8a:5e:97:50:8d:56:d2: 66:cb:5d:a3:71:2e:27:33:dc:86:d8:ec:d9:45:29:c1:7b:c7: bf:22:4d:aa:31:26:15:47:d1:80:98:fc:a4:46:2a:18:27:53: 2d:a5:f4:5f:c3:c1:66:ab:af:4d:c3:d2:49:27:13:db:77:ad: cd:d7:97:cf:13:94:d1:c2:28:8a:9e:a6:08:58:77:86:17:cd: 26:27:bb:61:49:df:88:a4:2b:6c:8b:bc:96:4a:87:cc:53:26: 77:fb:bf:8d:a8:3b:a6:15:20:e8:57:75:f3:94:6d:9e:5b:3e: 14:a8:b3:8b:d0:87:3a:72:ae:a2:36:30:72:15:31:7f:30:ed: a5:10:35:8c:a3:6a:a1:ac:df:49:76:25:e7:6e:fd:1b:b4:64: 0d:a5:fc:fc:fc:dc:a0:4f:a2:74:12:67:d9:68:1a:40:20:d5: 9b:a7:15:63:30:8a:3a:d8:43:43:2d:2a:e3:c0:dd:ad:a1:da: 2c:93:d8:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt37aur5m8Y2aq4svzrYedpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZjk2MGIwZWU2YmM1ZDBmNmEwYzY0YTY5ZjJmODYyNTlm ZGNkNTgwHhcNMjYwMTAxMDUwMDIzWhcNMjYwMTAyMDUwMDIzWjAzMTEwLwYDVQQD Eyg2ZTAwNmFkYWFmYzExZDIwNmUwYmVkNWI4YWU1NWFjZjQ1MTRiOTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxALdVrrPnUaPmTavZPCzp4CGneQv HeWqCc8vlZGfOHnzB22GGpNuucXjLagKRj4cTVxFn+fCVXCjy0Ftkvu3BAy4XS5C r5bOV0DiDD0otFkrfFGyH/E3etNgdWSKge2tjO8PKCTK2XXTFCdH+d3nzUwneDKE UhRBSczMdHgInlWLqGIzpSWYkdZvEh33t1c9ps+OKUXoObfTXgOwGisvyggZPtTD 9DzezlO+eSjMNroMDAZoMwkyh2RLn3zZiebi7dNAMfr/zai4l3QF0KU4RVZjVJjT uLkcowFKDXgeSlLQAPRWq5oJC8sMgc1oPfHOixFVwDZMAK1ZM4Q5ohEWRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG4AatqvwR0gbgvtW4rlWs9FFLmUMB8GA1UdIwQY MBaAFL35YLDua8XQ9qDGSmny+GJZ/c1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMzY4NGEtMTJjMi00MjNhLWJkM2Et M2RkZmZkZWI5MjA3LzEvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi8zMzY4NGEtMTJjMi00MjNhLWJkM2EtM2RkZmZkZWI5MjA3 LzEvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARkFJ1bCk e6Arz+5eQZbQar62QORJk6LXO1G1K42V6uecGh0IsQeKO7TzgxdSWqfAo/LZ8Nn7 gtrJNdXLDtNlGAmKXpdQjVbSZstdo3EuJzPchtjs2UUpwXvHvyJNqjEmFUfRgJj8 pEYqGCdTLaX0X8PBZquvTcPSSScT23etzdeXzxOU0cIoip6mCFh3hhfNJie7YUnf iKQrbIu8lkqHzFMmd/u/jag7phUg6Fd185Rtnls+FKizi9CHOnKuojYwchUxfzDt pRA1jKNqoazfSXYl5279G7RkDaX8/PzcoE+idBJn2WgaQCDVm6cVYzCKOthDQy0q 48DdraHaLJPYhA== -----END CERTIFICATE-----Generated at Thu Jan 1 10:52:45 2026 by rpki-client