This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft File: I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json) Hash identifier: FPwHML8eMzl9J7JQ7k540kIfn5Me5uZavJiRsyBdm+8= Subject key identifier: A3:6A:48:C8:58:F8:AE:A1:E3:37:07:5C:12:FB:0B:02:28:F8:8F:92 Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0 Certificate issuer: /CN=23f91084058819889a4a8f32ea347759543134f0 Certificate serial: 019BB0CBC85BCE77D668F76E5EFD9C8DAB7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft Manifest number: 17C1 Signing time: Mon 12 Jan 2026 06:01:43 +0000 Manifest this update: Mon 12 Jan 2026 06:01:43 +0000 Manifest next update: Tue 13 Jan 2026 06:01:43 +0000 Files and hashes: 1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: hv5ozxKblBoEijBUS5hKZhQa2qRaYNjBfNrlzQ18i00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b0:cb:c8:5b:ce:77:d6:68:f7:6e:5e:fd:9c:8d:ab:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23f91084058819889a4a8f32ea347759543134f0 Validity Not Before: Jan 12 06:01:43 2026 GMT Not After : Jan 13 06:01:43 2026 GMT Subject: CN=a36a48c858f8aea1e337075c12fb0b0228f88f92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:3b:af:e2:59:07:fc:a4:c2:03:b3:00:43:f7: c0:39:fc:25:af:15:a7:8d:39:8d:6e:b8:c3:36:26: ee:b1:d4:a2:08:97:1d:8e:bf:1c:37:03:b9:c1:0a: 65:ef:22:b7:ae:00:dd:4c:b6:b2:79:73:3c:37:c2: 7c:a4:84:0f:cf:8a:20:b0:d5:25:de:b8:a6:45:b3: 4f:71:98:24:94:24:cc:d5:3a:b7:d4:92:6a:34:59: 2f:a5:76:84:c2:df:19:b0:8c:96:04:3a:d3:dd:f1: 51:e4:26:3a:e0:c7:11:ea:1f:21:f2:26:d5:ad:8d: dc:aa:d8:5d:5f:12:f9:f0:6a:91:6e:75:21:d8:e9: 47:00:14:7a:3d:d9:60:4f:17:74:89:f8:7b:8d:88: 6e:fb:27:14:5f:29:0b:1d:ce:a1:5c:8d:91:9c:72: 56:09:2a:6a:7f:1e:1c:0d:01:1d:4f:27:36:19:46: 24:e1:30:25:d6:1d:81:fe:d4:d2:16:93:60:b3:3e: 9b:6d:5a:ab:01:88:b6:00:fc:80:cc:9b:ee:85:54: 7a:2d:16:70:ad:56:8e:5d:3c:51:e4:a4:ba:b9:32: 5b:fc:a2:ee:3f:06:5b:56:4a:5e:0a:3a:98:dc:d4: 79:0a:b2:8f:b2:ca:ce:23:2b:be:61:10:1b:d3:ce: d0:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6A:48:C8:58:F8:AE:A1:E3:37:07:5C:12:FB:0B:02:28:F8:8F:92 X509v3 Authority Key Identifier: keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:9c:c7:83:27:39:84:98:f2:9e:f8:26:99:b1:b5:bc:38:e3: cd:7b:6a:84:f0:5d:e8:55:1c:72:c6:e3:d1:ed:21:1a:09:43: 5b:7c:ee:e5:9e:2a:df:55:e8:de:d6:a2:99:87:b1:6c:0b:16: 23:ea:53:ae:40:f4:b9:bb:0b:35:02:37:78:2e:37:07:fd:27: 08:84:01:6a:90:43:8c:6a:11:f0:6d:d5:10:d7:f8:8b:c6:4e: 78:71:2e:ee:b4:d3:f5:7d:d6:25:4f:29:08:a8:da:45:e9:9d: cf:a8:be:dc:cb:55:33:7f:54:37:ad:7f:df:13:54:d5:54:41: e8:f5:bc:6d:27:18:bf:ef:7c:73:6b:e6:ed:db:b0:91:8a:1a: e4:22:7e:c9:1a:ac:57:fa:e4:c1:c0:4a:3b:d1:1a:45:57:32: 34:c8:f7:73:fc:f6:ad:cf:60:aa:35:a3:dd:33:68:04:fb:15: e7:07:bd:b5:86:1e:4c:d6:06:69:c7:b6:21:fa:12:7f:73:fc: 8d:b9:c8:67:34:06:6c:f7:23:20:34:65:2b:1e:62:07:bf:4d: 77:f8:4d:84:8d:3e:cf:0f:be:7d:9a:c2:3a:50:8c:3a:42:1f: 6d:3d:e5:fe:bb:ba:ea:b8:98:d3:72:50:43:98:05:ca:9c:dd: 0d:25:58:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuwy8hbznfWaPduXv2cjat6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz MTM0ZjAwHhcNMjYwMTEyMDYwMTQzWhcNMjYwMTEzMDYwMTQzWjAzMTEwLwYDVQQD EyhhMzZhNDhjODU4ZjhhZWExZTMzNzA3NWMxMmZiMGIwMjI4Zjg4ZjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzuv4lkH/KTCA7MAQ/fAOfwlrxWn jTmNbrjDNibusdSiCJcdjr8cNwO5wQpl7yK3rgDdTLayeXM8N8J8pIQPz4ogsNUl 3rimRbNPcZgklCTM1Tq31JJqNFkvpXaEwt8ZsIyWBDrT3fFR5CY64McR6h8h8ibV rY3cqthdXxL58GqRbnUh2OlHABR6PdlgTxd0ifh7jYhu+ycUXykLHc6hXI2RnHJW CSpqfx4cDQEdTyc2GUYk4TAl1h2B/tTSFpNgsz6bbVqrAYi2APyAzJvuhVR6LRZw rVaOXTxR5KS6uTJb/KLuPwZbVkpeCjqY3NR5CrKPssrOIyu+YRAb087QnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKNqSMhY+K6h4zcHXBL7CwIo+I+SMB8GA1UdIwQY MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB5zHgyc5 hJjynvgmmbG1vDjjzXtqhPBd6FUccsbj0e0hGglDW3zu5Z4q31Xo3taimYexbAsW I+pTrkD0ubsLNQI3eC43B/0nCIQBapBDjGoR8G3VENf4i8ZOeHEu7rTT9X3WJU8p CKjaRemdz6i+3MtVM39UN61/3xNU1VRB6PW8bScYv+98c2vm7duwkYoa5CJ+yRqs V/rkwcBKO9EaRVcyNMj3c/z2rc9gqjWj3TNoBPsV5we9tYYeTNYGace2IfoSf3P8 jbnIZzQGbPcjIDRlKx5iB79Nd/hNhI0+zw++fZrCOlCMOkIfbT3l/ru66riY03JQ Q5gFypzdDSVYGQ== -----END CERTIFICATE-----Generated at Mon Jan 12 10:20:41 2026 by rpki-client