This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft File: ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft (raw, json) Hash identifier: KShnZXScmMM5vQYS+RGXEe/gvKIkOtLrcz4jkmTCrlk= Subject key identifier: 7C:23:E4:06:F4:AB:00:1E:2D:7F:9A:77:C2:01:29:1F:DB:22:BC:FD Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC Certificate issuer: /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc Certificate serial: 019BB5F18AAD1EB7FD395A51DDA6F478A387 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft Manifest number: 17C9 Signing time: Tue 13 Jan 2026 06:01:04 +0000 Manifest this update: Tue 13 Jan 2026 06:01:04 +0000 Manifest next update: Wed 14 Jan 2026 06:01:04 +0000 Files and hashes: 1: ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl (hash: CHjaFLZSLZplmfW+XR+Iu+up4HLuUUHGm7VqZ4PNXmU=) 2: j_HPqzEYCSbmN4xFIqdJBXQFYPM.roa (hash: yoT1DifOeGVrHGJeSH6umh8rSky2R54pK6MzOeEXpKY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 14 Jan 2026 06:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b5:f1:8a:ad:1e:b7:fd:39:5a:51:dd:a6:f4:78:a3:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc Validity Not Before: Jan 13 06:01:04 2026 GMT Not After : Jan 14 06:01:04 2026 GMT Subject: CN=7c23e406f4ab001e2d7f9a77c201291fdb22bcfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:67:ed:56:d7:f2:84:cf:b6:4f:d6:e1:74:72: 4b:07:c3:a0:cf:51:3c:59:ae:e3:49:93:d3:ee:3f: 7d:8f:cf:f5:dd:22:cb:22:d1:a2:52:2c:40:a8:e0: 2c:2e:35:8e:d1:91:00:98:b1:e7:d9:a5:67:1f:6f: 14:dd:a2:8e:7b:52:bd:ad:1d:4e:a2:41:d2:ed:08: 92:0e:97:72:04:83:64:14:99:97:00:61:28:fe:e5: 6e:de:71:d5:b5:93:4b:ef:d4:ef:30:7a:7f:43:9b: 33:a4:c2:38:5a:aa:4b:f4:c3:31:40:84:d3:f6:93: d3:a7:cd:d6:f2:fd:ba:0c:b7:69:5d:29:9c:80:02: 16:81:c7:ca:8f:b2:a0:17:0f:b3:7b:af:9f:22:e8: 7c:21:29:33:99:a3:54:ac:2a:8d:e1:9c:a5:8a:84: 81:07:6b:7a:83:f4:85:d4:69:9b:74:0f:fa:50:1c: c6:9f:96:8e:79:e7:7a:a8:b9:c5:ac:68:5b:84:73: 03:72:a2:be:4f:b0:1b:a7:21:a4:b2:68:c2:43:2c: 54:52:a1:d2:9d:e0:c3:ec:1a:12:1e:cc:57:3b:0c: ea:bf:a1:26:df:34:27:34:b9:cf:c0:b8:9b:82:b0: 66:e7:df:c2:02:6f:71:7b:59:5b:7a:fc:5e:6e:9c: ea:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:23:E4:06:F4:AB:00:1E:2D:7F:9A:77:C2:01:29:1F:DB:22:BC:FD X509v3 Authority Key Identifier: keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:c2:b7:83:39:2d:86:7d:e1:34:2a:0d:e1:c9:6d:1d:30:bc: 98:ce:18:36:8a:a1:3e:ca:7b:d2:d6:b1:85:26:b6:fb:d3:7d: 85:b3:40:ec:dd:d5:56:f2:2e:6b:ab:7e:36:5d:d9:0b:ae:1b: 75:3d:fd:26:45:57:f7:dc:3c:69:68:e0:a0:a2:82:c0:2b:c1: 3e:b6:d3:72:7d:8d:24:66:0c:0a:46:cf:35:12:40:c7:50:bb: 45:3d:23:22:4f:eb:6f:9c:2b:bb:b0:6e:18:0a:15:1b:5b:07: 47:47:72:27:da:62:61:f7:c2:81:c4:0d:e8:d5:1c:c2:c6:85: d3:e0:38:c8:af:e0:a9:d9:04:36:b1:19:2a:c2:cc:f7:79:c1: df:15:6c:c3:25:97:99:03:4e:74:63:1d:a9:b2:ed:76:96:b2: d6:96:08:0e:2e:17:de:5c:a4:91:27:c4:5e:81:94:cf:cd:ad: 4e:87:8b:92:88:2e:5a:9c:ae:e3:63:3e:fa:1e:5a:0f:33:c7: b4:9b:28:fa:99:b9:09:a6:25:53:49:db:c1:18:2b:59:14:9b: 5c:6f:f1:a2:76:5a:59:c9:bd:a1:1c:38:42:d8:c1:4b:3c:c7: 4e:39:b8:da:cd:96:57:d3:10:24:5b:a7:1e:b1:7d:43:1b:d8: b1:7d:a2:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZu18YqtHrf9OVpR3ab0eKOHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1YWI0ODVhZjkyM2QxYjQ2YzVhMzIxZmM3YTNmODU2YzA0 ZmI2ZmMwHhcNMjYwMTEzMDYwMTA0WhcNMjYwMTE0MDYwMTA0WjAzMTEwLwYDVQQD Eyg3YzIzZTQwNmY0YWIwMDFlMmQ3ZjlhNzdjMjAxMjkxZmRiMjJiY2ZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2ftVtfyhM+2T9bhdHJLB8Ogz1E8 Wa7jSZPT7j99j8/13SLLItGiUixAqOAsLjWO0ZEAmLHn2aVnH28U3aKOe1K9rR1O okHS7QiSDpdyBINkFJmXAGEo/uVu3nHVtZNL79TvMHp/Q5szpMI4WqpL9MMxQITT 9pPTp83W8v26DLdpXSmcgAIWgcfKj7KgFw+ze6+fIuh8ISkzmaNUrCqN4ZylioSB B2t6g/SF1GmbdA/6UBzGn5aOeed6qLnFrGhbhHMDcqK+T7AbpyGksmjCQyxUUqHS neDD7BoSHsxXOwzqv6Em3zQnNLnPwLibgrBm59/CAm9xe1lbevxebpzqkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHwj5Ab0qwAeLX+ad8IBKR/bIrz9MB8GA1UdIwQY MBaAFGWrSFr5I9G0bFoyH8ej+FbAT7b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUt ODk4NjM0OTQyMjg1LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUtODk4NjM0OTQyMjg1 LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgMK3gzkt hn3hNCoN4cltHTC8mM4YNoqhPsp70taxhSa2+9N9hbNA7N3VVvIua6t+Nl3ZC64b dT39JkVX99w8aWjgoKKCwCvBPrbTcn2NJGYMCkbPNRJAx1C7RT0jIk/rb5wru7Bu GAoVG1sHR0dyJ9piYffCgcQN6NUcwsaF0+A4yK/gqdkENrEZKsLM93nB3xVswyWX mQNOdGMdqbLtdpay1pYIDi4X3lykkSfEXoGUz82tToeLkoguWpyu42M++h5aDzPH tJso+pm5CaYlU0nbwRgrWRSbXG/xonZaWcm9oRw4QtjBSzzHTjm42s2WV9MQJFun HrF9QxvYsX2iKg== -----END CERTIFICATE-----Generated at Tue Jan 13 14:41:57 2026 by rpki-client