This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft File: siDZG06dcPA0-hahaoh9QlV5Kt4.mft (raw, json) Hash identifier: kvyLpmzgTBlesY1Aqn1RwztVjnQ30R7Iy++cefSWOr4= Subject key identifier: 4D:80:F3:1B:29:DF:8A:FB:2D:54:32:36:28:CF:08:7F:82:CC:CE:9E Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE Certificate issuer: /CN=b220d91b4e9d70f034fa16a16a887d4255792ade Certificate serial: 019B796E8B1EEDBDFBB3BB4EC6410E5AEC4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft Manifest number: 17A8 Signing time: Thu 01 Jan 2026 12:00:46 +0000 Manifest this update: Thu 01 Jan 2026 12:00:46 +0000 Manifest next update: Fri 02 Jan 2026 12:00:46 +0000 Files and hashes: 1: mCm-KBIMQ6gtgsW9oEUxZqdGcRM.roa (hash: ItOlCehgUekOH/ud/IMp3e9dVCyKMOt54wV1YDUzoCg=) 2: siDZG06dcPA0-hahaoh9QlV5Kt4.crl (hash: Xp24V4uasfsTr6l5pHv9dSVyfJdDbV6g6m6DVp1/Yaw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:6e:8b:1e:ed:bd:fb:b3:bb:4e:c6:41:0e:5a:ec:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade Validity Not Before: Jan 1 12:00:46 2026 GMT Not After : Jan 2 12:00:46 2026 GMT Subject: CN=4d80f31b29df8afb2d54323628cf087f82ccce9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4c:4c:e4:ed:ff:fb:9f:08:1b:26:59:07:b5: a9:30:dd:26:ba:bd:9a:1c:b8:a1:05:c5:0c:c7:ee: 85:ba:63:41:d7:89:62:71:04:9d:bf:30:c1:48:5a: 94:2a:eb:79:51:32:17:71:da:2e:ee:ad:23:12:2e: fa:e6:cb:d9:fa:df:60:60:02:5f:68:00:66:c4:f2: 24:c8:d1:b1:58:09:ae:14:bc:bc:d7:c8:23:aa:46: 14:d5:f6:84:3f:e8:f3:6c:8a:e6:b0:c8:aa:26:2c: 7e:02:a0:3e:53:ec:3c:51:13:4f:9b:f5:3c:30:34: 01:12:01:52:04:3a:33:f5:53:3c:51:8f:26:57:e2: fc:32:8e:39:2f:f9:21:0d:3d:fd:95:94:9e:ff:3f: d6:bf:d9:83:7f:59:cb:a8:74:ae:44:4a:93:ce:2e: 38:fc:86:2d:17:6f:12:1f:2e:03:24:68:78:97:85: a3:6a:77:97:98:70:42:37:80:18:1f:50:50:0e:f2: d0:1c:b7:31:12:cb:09:69:de:93:65:fb:d4:7c:48: 59:11:f4:bc:ea:02:48:df:df:cd:10:89:62:a1:0c: 26:c0:f8:ad:87:60:fe:41:5d:e9:f1:8c:61:ac:5f: a5:48:1e:27:94:1d:0f:a4:b5:52:63:a4:2b:b2:7c: 80:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:80:F3:1B:29:DF:8A:FB:2D:54:32:36:28:CF:08:7F:82:CC:CE:9E X509v3 Authority Key Identifier: keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:ac:2d:02:29:97:65:38:af:dc:47:e0:a7:51:de:b9:e3:6f: 2f:a1:70:5e:ab:78:2b:d6:cf:f4:d0:f8:1d:91:31:34:c2:eb: 3a:34:2d:9e:c7:81:d5:16:53:93:5e:d2:df:22:06:ba:84:09: 9f:7a:79:22:94:7e:5d:07:c1:e5:9a:ab:9d:19:19:01:31:ad: 7e:3b:26:f8:fa:4e:90:1e:fb:a2:11:21:f3:82:51:5c:99:4f: 01:e9:fb:5c:01:6e:f5:b4:fc:5c:4b:0c:6e:d2:f0:1b:17:a0: 7a:dc:c1:b6:59:af:7b:1c:37:83:24:93:57:c8:85:9e:a9:a2: db:fa:32:98:c1:64:41:e9:d7:5a:50:5f:4c:9b:62:f5:53:9e: 85:16:b6:f9:20:71:a1:f7:bb:29:02:7f:22:fa:87:64:d2:76: 2b:cd:a6:19:5d:ce:a3:21:3c:6b:41:0f:11:71:66:e7:35:e7: a3:6b:bd:da:ed:33:48:7c:ea:82:18:96:3d:1a:97:d6:5d:a5: 2a:32:5d:e3:d4:7b:46:4e:95:0d:9d:b0:fd:b2:0c:bd:56:2a: c8:b5:69:a4:07:e7:b5:eb:50:a8:0f:b0:e4:c9:88:e3:46:99: d4:0e:a9:0d:0b:8e:31:df:04:ab:1b:50:a5:cd:6a:82:12:ae: 00:50:11:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt5bose7b37s7tOxkEOWuxPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMjBkOTFiNGU5ZDcwZjAzNGZhMTZhMTZhODg3ZDQyNTU3 OTJhZGUwHhcNMjYwMTAxMTIwMDQ2WhcNMjYwMTAyMTIwMDQ2WjAzMTEwLwYDVQQD Eyg0ZDgwZjMxYjI5ZGY4YWZiMmQ1NDMyMzYyOGNmMDg3ZjgyY2NjZTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0xM5O3/+58IGyZZB7WpMN0mur2a HLihBcUMx+6FumNB14licQSdvzDBSFqUKut5UTIXcdou7q0jEi765svZ+t9gYAJf aABmxPIkyNGxWAmuFLy818gjqkYU1faEP+jzbIrmsMiqJix+AqA+U+w8URNPm/U8 MDQBEgFSBDoz9VM8UY8mV+L8Mo45L/khDT39lZSe/z/Wv9mDf1nLqHSuREqTzi44 /IYtF28SHy4DJGh4l4WjaneXmHBCN4AYH1BQDvLQHLcxEssJad6TZfvUfEhZEfS8 6gJI39/NEIlioQwmwPith2D+QV3p8YxhrF+lSB4nlB0PpLVSY6QrsnyAMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE2A8xsp34r7LVQyNijPCH+CzM6eMB8GA1UdIwQY MBaAFLIg2RtOnXDwNPoWoWqIfUJVeSreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQt OTg3MTczYjllOTg3LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQtOTg3MTczYjllOTg3 LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHKwtAimX ZTiv3Efgp1HeueNvL6FwXqt4K9bP9ND4HZExNMLrOjQtnseB1RZTk17S3yIGuoQJ n3p5IpR+XQfB5ZqrnRkZATGtfjsm+PpOkB77ohEh84JRXJlPAen7XAFu9bT8XEsM btLwGxegetzBtlmvexw3gySTV8iFnqmi2/oymMFkQenXWlBfTJti9VOehRa2+SBx ofe7KQJ/IvqHZNJ2K82mGV3OoyE8a0EPEXFm5zXno2u92u0zSHzqghiWPRqX1l2l KjJd49R7Rk6VDZ2w/bIMvVYqyLVppAfntetQqA+w5MmI40aZ1A6pDQuOMd8EqxtQ pc1qghKuAFARcQ== -----END CERTIFICATE-----Generated at Thu Jan 1 18:04:39 2026 by rpki-client