This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft File: G8qoP8mkEL2z4P0thIcgE0dxvs8.mft (raw, json) Hash identifier: gtF254wYwuAr1u2wjlHtP0pBYNy0iCe4IkEQ89RAGpA= Subject key identifier: EF:B1:49:96:A6:A7:30:FF:63:4E:1C:84:45:14:94:D2:BB:F3:AD:70 Authority key identifier: 1B:CA:A8:3F:C9:A4:10:BD:B3:E0:FD:2D:84:87:20:13:47:71:BE:CF Certificate issuer: /CN=1bcaa83fc9a410bdb3e0fd2d848720134771becf Certificate serial: 019BA1C641878DDBB413FCBF593E7782C1AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft Manifest number: 174A Signing time: Fri 09 Jan 2026 08:01:23 +0000 Manifest this update: Fri 09 Jan 2026 08:01:23 +0000 Manifest next update: Sat 10 Jan 2026 08:01:23 +0000 Files and hashes: 1: G8qoP8mkEL2z4P0thIcgE0dxvs8.crl (hash: CZQ3sCa3lgJGVE5JL1T3VF5obc3YSlqPBLJ9d3OHm8Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.crl rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 08:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a1:c6:41:87:8d:db:b4:13:fc:bf:59:3e:77:82:c1:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bcaa83fc9a410bdb3e0fd2d848720134771becf Validity Not Before: Jan 9 08:01:23 2026 GMT Not After : Jan 10 08:01:23 2026 GMT Subject: CN=efb14996a6a730ff634e1c84451494d2bbf3ad70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:94:74:c0:dd:c8:8e:94:5b:ec:4e:73:d0:45: 3e:9d:3d:4d:5a:2d:e5:7b:bf:95:87:58:6e:4d:5d: 6d:49:7f:06:32:d0:80:48:05:c5:2c:8d:8e:f9:e4: 58:90:2c:5d:b3:e7:c7:0f:37:8d:d1:e1:10:68:f0: 0c:9b:6a:1c:e7:b8:6d:db:ab:b2:ee:a6:45:19:32: 7e:6f:d8:0f:b0:a3:4c:43:48:f0:63:33:5e:47:c2: 98:63:cd:79:89:50:aa:ec:27:16:35:5e:b2:0f:4e: 39:0f:92:d0:cf:97:3d:65:04:85:b9:26:d7:78:b2: 6b:da:19:4c:d0:7e:6d:42:d4:d3:29:3c:ca:99:63: 7d:13:4a:e9:ab:81:ac:ce:bc:d5:09:7d:3a:38:a2: c6:8e:b7:17:e4:b6:d4:17:2f:cb:32:43:b5:81:d0: 42:8f:d1:6b:79:86:96:c9:07:ec:c9:5d:ea:dc:4f: 9a:f5:01:41:23:b9:1a:71:5a:ad:e0:5f:13:0f:72: d2:38:85:17:44:4c:72:39:0f:a0:df:12:c8:df:36: b5:7a:9d:04:bc:5c:de:cf:94:49:65:4f:3b:cf:02: 65:f2:04:77:fe:06:38:95:ef:7d:5e:7c:ca:8f:d5: 47:f5:44:b6:7c:1e:47:f4:5c:3f:ee:90:55:a4:32: f0:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:B1:49:96:A6:A7:30:FF:63:4E:1C:84:45:14:94:D2:BB:F3:AD:70 X509v3 Authority Key Identifier: keyid:1B:CA:A8:3F:C9:A4:10:BD:B3:E0:FD:2D:84:87:20:13:47:71:BE:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:ef:a6:c2:c6:22:04:08:4d:99:f3:06:6f:8b:4b:d2:0b:b4: 8c:6b:e3:7e:f1:e4:8e:2c:56:56:09:cb:87:9f:db:73:3b:07: 66:dd:11:11:c1:90:e8:05:b5:c5:89:61:07:2a:17:cd:ff:9e: c2:59:c8:96:e0:e3:b4:b6:4b:f9:03:3b:b5:da:2a:67:71:b2: 26:ab:4b:64:aa:a9:22:73:eb:b1:d1:7b:b2:e2:73:38:82:01: 0c:67:a2:b3:71:b0:1c:0c:e0:0a:21:d2:36:3a:38:52:60:77: 4a:f4:f7:aa:13:5b:8c:a3:69:c7:ea:a4:ab:ea:ec:61:d4:b1: 6a:d3:10:41:02:a8:ad:42:93:d8:01:d3:19:1e:6d:39:d8:2d: aa:2a:97:4b:ab:97:14:1c:ef:10:51:a9:75:77:b9:cf:75:05: f9:07:71:13:15:42:d6:59:81:d8:92:8d:d2:ab:1d:14:fb:c0: bf:27:9e:6e:a0:38:d7:6c:6b:76:7b:94:2a:be:46:06:c3:10: c4:df:dd:e6:50:e7:67:6a:ba:69:e2:5e:5e:0a:55:8f:26:27: 20:c4:fb:75:eb:19:a5:2f:67:46:eb:d9:37:90:4a:c6:b1:74: ba:ba:46:da:10:3a:28:36:2b:00:82:1e:2f:08:eb:2a:9e:3e: 0f:31:d2:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuhxkGHjdu0E/y/WT53gsGtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiY2FhODNmYzlhNDEwYmRiM2UwZmQyZDg0ODcyMDEzNDc3 MWJlY2YwHhcNMjYwMTA5MDgwMTIzWhcNMjYwMTEwMDgwMTIzWjAzMTEwLwYDVQQD EyhlZmIxNDk5NmE2YTczMGZmNjM0ZTFjODQ0NTE0OTRkMmJiZjNhZDcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5R0wN3IjpRb7E5z0EU+nT1NWi3l e7+Vh1huTV1tSX8GMtCASAXFLI2O+eRYkCxds+fHDzeN0eEQaPAMm2oc57ht26uy 7qZFGTJ+b9gPsKNMQ0jwYzNeR8KYY815iVCq7CcWNV6yD045D5LQz5c9ZQSFuSbX eLJr2hlM0H5tQtTTKTzKmWN9E0rpq4GszrzVCX06OKLGjrcX5LbUFy/LMkO1gdBC j9FreYaWyQfsyV3q3E+a9QFBI7kacVqt4F8TD3LSOIUXRExyOQ+g3xLI3za1ep0E vFzez5RJZU87zwJl8gR3/gY4le99XnzKj9VH9US2fB5H9Fw/7pBVpDLwyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO+xSZampzD/Y04chEUUlNK7861wMB8GA1UdIwQY MBaAFBvKqD/JpBC9s+D9LYSHIBNHcb7PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNTZmYmMtMThjZi00NzY1LThhNGMt Y2Q3MDEzOGU2MzgzLzEvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9lNTZmYmMtMThjZi00NzY1LThhNGMtY2Q3MDEzOGU2Mzgz LzEvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAju+mwsYi BAhNmfMGb4tL0gu0jGvjfvHkjixWVgnLh5/bczsHZt0REcGQ6AW1xYlhByoXzf+e wlnIluDjtLZL+QM7tdoqZ3GyJqtLZKqpInPrsdF7suJzOIIBDGeis3GwHAzgCiHS Njo4UmB3SvT3qhNbjKNpx+qkq+rsYdSxatMQQQKorUKT2AHTGR5tOdgtqiqXS6uX FBzvEFGpdXe5z3UF+QdxExVC1lmB2JKN0qsdFPvAvyeebqA412xrdnuUKr5GBsMQ xN/d5lDnZ2q6aeJeXgpVjyYnIMT7desZpS9nRuvZN5BKxrF0urpG2hA6KDYrAIIe LwjrKp4+DzHSWA== -----END CERTIFICATE-----Generated at Fri Jan 9 16:30:01 2026 by rpki-client