This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft File: 3sQzl3xytL5diI9WhT7TGh_x78Y.mft (raw, json) Hash identifier: oEYJiKJGSyEQPFaSNcCHd1ts6A1X/TLAhc0PQ1Dj6YM= Subject key identifier: 19:F7:6F:72:A7:4D:9F:1B:12:4B:52:6F:89:85:89:9C:09:03:77:9B Authority key identifier: DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6 Certificate issuer: /CN=dec433977c72b4be5d888f56853ed31a1ff1efc6 Certificate serial: 019BAD5C5798DEA7D4D75681C016A13F63D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft Manifest number: 0EA2 Signing time: Sun 11 Jan 2026 14:01:08 +0000 Manifest this update: Sun 11 Jan 2026 14:01:08 +0000 Manifest next update: Mon 12 Jan 2026 14:01:08 +0000 Files and hashes: 1: 3sQzl3xytL5diI9WhT7TGh_x78Y.crl (hash: RapWWtgFqOX6LQhD4w992cGCorMnFF5cL3L3TGCfpA0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 14:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ad:5c:57:98:de:a7:d4:d7:56:81:c0:16:a1:3f:63:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dec433977c72b4be5d888f56853ed31a1ff1efc6 Validity Not Before: Jan 11 14:01:08 2026 GMT Not After : Jan 12 14:01:08 2026 GMT Subject: CN=19f76f72a74d9f1b124b526f8985899c0903779b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:34:03:f3:30:9b:f8:dc:96:29:28:9c:b9:ff: 77:94:e1:f7:75:c3:3d:32:6a:15:d5:b5:c4:03:f8: 39:ba:14:15:01:2c:93:e8:90:42:d7:04:30:f5:68: 25:a4:4e:12:76:5d:fc:26:6d:c4:0b:92:cb:d3:56: 1e:87:57:49:b3:02:86:36:06:84:d4:ff:6a:1f:87: e0:30:2d:04:51:c3:c5:8b:35:67:99:e1:85:ec:54: 08:e6:64:c3:d5:ff:12:bb:69:25:6e:c9:1c:86:bb: 21:04:f5:06:c4:b4:7f:fc:3d:1e:7b:32:18:a9:08: e4:05:09:26:12:4f:62:62:16:9b:6f:66:2e:1b:e8: ca:7f:d6:9c:d8:c7:59:57:b0:48:aa:4a:54:95:a5: 21:35:7a:fc:a7:98:08:db:0c:c0:62:ab:b2:f9:4c: 89:d6:64:28:31:68:6c:af:f6:3b:e0:19:86:ce:84: 25:2a:b5:34:d8:55:e7:5a:b1:fe:f8:ab:48:d8:7e: a3:87:50:68:92:2f:1f:62:ae:a3:87:a5:75:fd:c3: a9:2f:3d:be:f9:a7:08:9a:5d:c8:af:55:fc:bc:91: 2c:d9:f5:b7:f8:87:91:22:62:bc:d1:ff:d0:e8:9f: 49:d4:c8:8d:e1:49:e3:ea:e2:e8:bd:6f:34:29:58: ae:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:F7:6F:72:A7:4D:9F:1B:12:4B:52:6F:89:85:89:9C:09:03:77:9B X509v3 Authority Key Identifier: keyid:DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:f3:7a:a3:52:f7:b6:57:cd:e3:00:ba:30:c0:c6:8e:8e:71: 4f:3b:d2:cb:25:0f:a2:80:c3:4c:9a:4c:2d:35:f5:e8:ef:ed: 61:cf:90:a6:66:60:7b:05:19:07:75:82:68:0b:ea:4a:e9:f2: f5:ed:93:9f:59:40:e1:11:06:5a:08:74:9a:74:16:e0:1a:de: bc:05:2a:e2:b9:ce:51:6d:b0:2b:ef:dd:8f:30:ca:62:2a:75: 45:2b:27:42:d3:d5:ca:9e:67:b3:c8:30:47:bd:69:6b:53:91: c9:0c:a1:19:14:1a:da:95:12:ca:50:4b:17:4b:48:49:2e:29: 53:c0:75:32:aa:e9:9c:0a:bf:19:51:90:db:fe:25:69:a5:38: 12:c0:2c:52:ac:82:9d:c8:5f:6d:99:ec:17:01:e3:5b:e4:47: f8:e8:8f:54:dc:0f:01:f7:16:19:fa:86:b0:b6:01:26:3f:df: e6:b2:93:3e:2c:75:77:47:b4:c4:a6:95:e6:95:2c:65:7b:a4: f2:99:a2:a6:4d:73:de:84:9e:cc:96:a0:f2:85:57:89:78:8f: dd:a6:a6:e8:71:3c:b4:a1:71:75:b3:a7:51:78:6e:e5:8e:3f: 5d:fe:64:97:c8:0d:ab:e3:a0:a3:2a:7b:ba:5c:98:1e:23:36: 21:53:a5:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZutXFeY3qfU11aBwBahP2PSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlYzQzMzk3N2M3MmI0YmU1ZDg4OGY1Njg1M2VkMzFhMWZm MWVmYzYwHhcNMjYwMTExMTQwMTA4WhcNMjYwMTEyMTQwMTA4WjAzMTEwLwYDVQQD EygxOWY3NmY3MmE3NGQ5ZjFiMTI0YjUyNmY4OTg1ODk5YzA5MDM3NzliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDQD8zCb+NyWKSicuf93lOH3dcM9 MmoV1bXEA/g5uhQVASyT6JBC1wQw9WglpE4Sdl38Jm3EC5LL01Yeh1dJswKGNgaE 1P9qH4fgMC0EUcPFizVnmeGF7FQI5mTD1f8Su2klbskchrshBPUGxLR//D0eezIY qQjkBQkmEk9iYhabb2YuG+jKf9ac2MdZV7BIqkpUlaUhNXr8p5gI2wzAYquy+UyJ 1mQoMWhsr/Y74BmGzoQlKrU02FXnWrH++KtI2H6jh1Boki8fYq6jh6V1/cOpLz2+ +acIml3Ir1X8vJEs2fW3+IeRImK80f/Q6J9J1MiN4Unj6uLovW80KViuJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBn3b3KnTZ8bEktSb4mFiZwJA3ebMB8GA1UdIwQY MBaAFN7EM5d8crS+XYiPVoU+0xof8e/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80NTZhODUtYjdhMS00MTgzLWE2NGYt MjIzZjUwOGMwNTVhLzEvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi80NTZhODUtYjdhMS00MTgzLWE2NGYtMjIzZjUwOGMwNTVh LzEvM3NRemwzeHl0TDVkaUk5V2hUN1RHaF94NzhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPN6o1L3 tlfN4wC6MMDGjo5xTzvSyyUPooDDTJpMLTX16O/tYc+QpmZgewUZB3WCaAvqSuny 9e2Tn1lA4REGWgh0mnQW4BrevAUq4rnOUW2wK+/djzDKYip1RSsnQtPVyp5ns8gw R71pa1ORyQyhGRQa2pUSylBLF0tISS4pU8B1MqrpnAq/GVGQ2/4laaU4EsAsUqyC nchfbZnsFwHjW+RH+OiPVNwPAfcWGfqGsLYBJj/f5rKTPix1d0e0xKaV5pUsZXuk 8pmipk1z3oSezJag8oVXiXiP3aam6HE8tKFxdbOnUXhu5Y4/Xf5kl8gNq+Ogoyp7 ulyYHiM2IVOlGg== -----END CERTIFICATE-----Generated at Sun Jan 11 23:20:54 2026 by rpki-client