This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.mft File: A1KD5iNe2yXotUdJtihfXj74U3E.mft (raw, json) Hash identifier: gLH0XNen8FvsvcmfxpBBY2u8GyRLTkctIMW11CdhlcQ= Subject key identifier: 03:52:C0:41:7A:87:48:59:99:25:9A:DC:1A:F4:8F:14:67:42:F8:C8 Authority key identifier: 03:52:83:E6:23:5E:DB:25:E8:B5:47:49:B6:28:5F:5E:3E:F8:53:71 Certificate issuer: /CN=035283e6235edb25e8b54749b6285f5e3ef85371 Certificate serial: 019B7F3982BBD4667D173F03F8034D420C84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1KD5iNe2yXotUdJtihfXj74U3E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.mft Manifest number: 02F9 Signing time: Fri 02 Jan 2026 15:00:34 +0000 Manifest this update: Fri 02 Jan 2026 15:00:34 +0000 Manifest next update: Sat 03 Jan 2026 15:00:34 +0000 Files and hashes: 1: A1KD5iNe2yXotUdJtihfXj74U3E.crl (hash: g53jFsRnSX07+qBSNfBbtiNcO4oJr+NhvZs6VBJX43E=) 2: yX9ydvOKgI9DtKgtlG1m9Fn2ZI8.roa (hash: qPtAu4bwy3Juh5so6bwqIDZWhOQpRsegMYoucr8NrwE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.crl rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.mft rsync://rpki.ripe.net/repository/DEFAULT/A1KD5iNe2yXotUdJtihfXj74U3E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:39:82:bb:d4:66:7d:17:3f:03:f8:03:4d:42:0c:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=035283e6235edb25e8b54749b6285f5e3ef85371 Validity Not Before: Jan 2 15:00:34 2026 GMT Not After : Jan 3 15:00:34 2026 GMT Subject: CN=0352c0417a87485999259adc1af48f146742f8c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ca:59:85:9f:77:e1:16:56:5b:6a:ea:cc:b5: f9:3b:cf:e2:2b:2b:86:9c:c0:3a:df:b6:4f:27:5a: 4a:d9:1f:86:78:0f:6c:75:a5:58:89:a2:22:ce:0f: 07:06:b4:78:f3:10:d2:9a:e9:60:11:6e:49:73:01: dd:81:ed:74:0c:40:35:3e:af:36:e2:30:1f:a0:f4: 3b:e1:a1:ae:2f:14:78:fe:25:29:62:4d:36:43:bd: 3b:11:ad:1e:5b:40:d7:fb:a2:4e:21:69:87:88:a5: b7:27:81:4b:35:45:6a:47:b0:12:0b:da:10:4c:07: 15:ed:79:65:69:e9:8b:45:26:1b:0d:06:81:62:9f: 72:85:55:87:0e:04:fd:f2:9a:c2:5f:b8:d4:5b:82: e3:f1:df:94:70:5d:a4:76:a7:75:b3:f5:30:37:15: b7:8b:33:28:9f:55:46:0c:5f:57:0c:67:a0:9c:5f: ad:0f:13:54:b8:3a:83:30:77:5f:d3:e4:ce:ef:8f: f2:ee:a3:69:31:81:a6:60:8d:39:5d:8a:75:3a:8d: ad:1e:df:87:6c:60:fa:84:2a:e3:3a:40:e8:b9:65: 29:9c:3d:20:c8:51:2e:78:65:62:31:78:11:13:fe: 36:72:72:a8:f7:3f:76:2e:0f:31:cc:dd:7f:b2:78: ef:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:52:C0:41:7A:87:48:59:99:25:9A:DC:1A:F4:8F:14:67:42:F8:C8 X509v3 Authority Key Identifier: keyid:03:52:83:E6:23:5E:DB:25:E8:B5:47:49:B6:28:5F:5E:3E:F8:53:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1KD5iNe2yXotUdJtihfXj74U3E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:42:ce:f0:e0:e5:c6:2e:91:fa:f1:d6:79:38:df:d7:b4:48: f9:d2:9d:de:f8:00:cf:f8:c0:77:d7:df:28:55:1f:26:16:78: a3:90:c5:c3:4e:e5:fc:e9:9c:ef:cf:ec:db:36:15:e8:40:cd: d9:46:22:74:01:1e:73:5f:1c:1b:75:31:a6:c9:4f:6c:f7:af: 66:98:a0:85:98:d1:14:0f:27:cf:0f:18:23:da:27:81:0d:e9: 49:dd:ad:a3:31:dd:8f:d1:5a:4b:44:d2:f5:02:c9:49:0c:8b: a7:f4:c8:ed:96:07:2a:7d:fb:8c:3f:7f:9c:91:71:f4:74:0c: 7c:54:4a:b1:a3:ed:ef:9f:ac:3c:90:be:6d:ac:58:15:cc:3c: 98:1e:6d:2d:41:51:87:d3:88:59:1f:00:33:06:3d:bd:0a:3e: 2e:19:b2:38:46:49:3a:78:e1:38:31:0e:1f:7e:11:11:b8:18: 0e:d5:9a:b3:df:98:db:ff:c9:79:50:ae:84:f9:1f:66:7b:52: d0:ef:3b:f7:bb:5f:b8:a6:94:99:62:48:01:6b:a5:88:e8:06: 3f:04:e6:33:72:c2:d3:fc:ea:91:16:fd:fb:76:17:5d:53:d8: 56:ca:21:e8:74:ed:b0:3c:3c:62:3e:34:89:2d:7d:ea:0f:f0: aa:e8:18:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt/OYK71GZ9Fz8D+ANNQgyEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNTI4M2U2MjM1ZWRiMjVlOGI1NDc0OWI2Mjg1ZjVlM2Vm ODUzNzEwHhcNMjYwMTAyMTUwMDM0WhcNMjYwMTAzMTUwMDM0WjAzMTEwLwYDVQQD EygwMzUyYzA0MTdhODc0ODU5OTkyNTlhZGMxYWY0OGYxNDY3NDJmOGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocpZhZ934RZWW2rqzLX5O8/iKyuG nMA637ZPJ1pK2R+GeA9sdaVYiaIizg8HBrR48xDSmulgEW5JcwHdge10DEA1Pq82 4jAfoPQ74aGuLxR4/iUpYk02Q707Ea0eW0DX+6JOIWmHiKW3J4FLNUVqR7ASC9oQ TAcV7XllaemLRSYbDQaBYp9yhVWHDgT98prCX7jUW4Lj8d+UcF2kdqd1s/UwNxW3 izMon1VGDF9XDGegnF+tDxNUuDqDMHdf0+TO74/y7qNpMYGmYI05XYp1Oo2tHt+H bGD6hCrjOkDouWUpnD0gyFEueGViMXgRE/42cnKo9z92Lg8xzN1/snjvZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFANSwEF6h0hZmSWa3Br0jxRnQvjIMB8GA1UdIwQY MBaAFANSg+YjXtsl6LVHSbYoX14++FNxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTFLRDVpTmUyeVhvdFVkSnRpaGZYajc0VTNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zMTFmNTctNjQwNC00NDZhLTlmMDgt MTFiOTI5MDY0MDZkLzEvQTFLRDVpTmUyeVhvdFVkSnRpaGZYajc0VTNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8zMTFmNTctNjQwNC00NDZhLTlmMDgtMTFiOTI5MDY0MDZk LzEvQTFLRDVpTmUyeVhvdFVkSnRpaGZYajc0VTNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs0LO8ODl xi6R+vHWeTjf17RI+dKd3vgAz/jAd9ffKFUfJhZ4o5DFw07l/Omc78/s2zYV6EDN 2UYidAEec18cG3UxpslPbPevZpighZjRFA8nzw8YI9ongQ3pSd2tozHdj9FaS0TS 9QLJSQyLp/TI7ZYHKn37jD9/nJFx9HQMfFRKsaPt75+sPJC+baxYFcw8mB5tLUFR h9OIWR8AMwY9vQo+LhmyOEZJOnjhODEOH34REbgYDtWas9+Y2//JeVCuhPkfZntS 0O8797tfuKaUmWJIAWuliOgGPwTmM3LC0/zqkRb9+3YXXVPYVsoh6HTtsDw8Yj40 iS196g/wqugYrA== -----END CERTIFICATE-----Generated at Fri Jan 2 17:08:22 2026 by rpki-client