This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft File: 6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json) Hash identifier: 2h6sjgkCUg88KiGl7AMHp8TYZiltTFXWYruaAGVKngQ= Subject key identifier: 79:4D:4D:E0:72:30:33:A6:ED:EC:4C:D6:48:30:BE:66:D8:B9:1A:47 Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78 Certificate issuer: /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78 Certificate serial: 019BAE6F883C3A32FB91321F112EB99955B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft Manifest number: 0412 Signing time: Sun 11 Jan 2026 19:01:43 +0000 Manifest this update: Sun 11 Jan 2026 19:01:43 +0000 Manifest next update: Mon 12 Jan 2026 19:01:43 +0000 Files and hashes: 1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: OvCyGxKWIcAZvyJ2wqvKnR+1ydufhlSHUPq0gwRbD24=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ae:6f:88:3c:3a:32:fb:91:32:1f:11:2e:b9:99:55:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78 Validity Not Before: Jan 11 19:01:43 2026 GMT Not After : Jan 12 19:01:43 2026 GMT Subject: CN=794d4de0723033a6edec4cd64830be66d8b91a47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a6:b5:54:72:eb:37:6f:33:3e:b4:27:35:4e: d8:3e:2b:9d:04:e4:96:87:11:1a:8b:d7:d1:52:05: 0b:c9:d6:5d:69:f3:3a:99:09:10:39:e6:0e:1c:a9: 0c:89:12:0f:6b:35:a8:ac:1a:f4:0a:29:ef:de:5f: 18:82:f8:0e:cd:19:6e:cc:19:58:c8:68:49:47:fe: 2e:02:1e:7d:4b:b1:bd:3d:69:b6:89:fb:e7:a9:2c: 87:93:39:7e:f4:3c:c4:7e:02:bd:ba:bf:68:fe:49: 2f:24:cb:b1:7b:61:ab:26:c0:de:c4:bf:01:e1:14: cd:58:dd:b8:40:82:c3:31:ce:10:b9:dc:fe:36:a5: f0:26:b2:1d:a3:8f:dd:9c:87:a2:69:3c:9c:c0:e4: 7e:1f:d6:af:bf:ef:73:8a:5c:9c:c7:1a:27:31:49: 73:c6:83:44:f9:f0:cb:3b:04:b1:c4:74:a0:65:e5: 9c:b8:de:0b:b6:d2:49:dd:7f:87:5f:e0:68:11:e7: ac:7a:40:26:e1:af:2b:98:20:f5:b4:1d:29:93:d5: 0f:b4:12:fa:b2:66:86:de:f2:fb:5a:61:f9:69:d1: 4f:26:9f:97:c0:f9:95:a7:d4:78:3d:61:ac:63:5d: e8:3d:6d:62:7c:0c:82:c3:0c:cf:d6:b0:b3:58:f6: c6:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:4D:4D:E0:72:30:33:A6:ED:EC:4C:D6:48:30:BE:66:D8:B9:1A:47 X509v3 Authority Key Identifier: keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:b6:34:ed:48:1e:5c:64:73:fd:f1:a2:2e:72:22:cb:4b:15: b4:48:71:33:ab:34:a7:f9:ff:da:be:c9:d4:01:07:dd:7c:81: 69:b9:93:96:d5:f4:70:da:d6:eb:8a:06:a7:91:18:e4:4e:01: 39:c8:87:8c:1d:d2:56:fb:24:fc:58:c3:c2:79:a8:aa:c4:a7: b2:1b:4a:42:80:11:ef:00:02:22:d5:7f:20:4a:9b:e9:ee:c3: d9:b6:99:74:4f:b9:ab:25:cb:cb:48:10:50:05:92:dd:c9:96: a9:ed:c3:90:54:8e:27:7a:06:cb:10:90:6c:1b:e5:85:7f:a8: ed:dd:89:7e:71:27:9d:d2:34:71:75:9b:c8:1e:6a:14:07:8e: af:56:80:58:8f:de:d5:84:20:a2:72:93:f1:fe:39:c4:1c:83: 24:b1:c8:c3:1d:db:bc:58:fa:39:b6:9c:f0:72:59:6f:d6:3e: 91:91:b1:40:6a:ec:53:9e:d0:20:c0:c7:42:df:b8:5e:a3:1c: 4e:d6:22:5d:73:9e:2e:3e:55:16:7c:0d:8c:22:28:16:b2:14: ea:73:28:37:d8:b2:21:f6:f3:be:db:8e:9d:94:cf:5c:18:37: 76:be:ca:ef:fa:0b:eb:0b:74:24:53:fe:75:b3:09:79:a0:b7: 45:c5:8c:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuub4g8OjL7kTIfES65mVW2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm ZTNiNzgwHhcNMjYwMTExMTkwMTQzWhcNMjYwMTEyMTkwMTQzWjAzMTEwLwYDVQQD Eyg3OTRkNGRlMDcyMzAzM2E2ZWRlYzRjZDY0ODMwYmU2NmQ4YjkxYTQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6a1VHLrN28zPrQnNU7YPiudBOSW hxEai9fRUgULydZdafM6mQkQOeYOHKkMiRIPazWorBr0Cinv3l8YgvgOzRluzBlY yGhJR/4uAh59S7G9PWm2ifvnqSyHkzl+9DzEfgK9ur9o/kkvJMuxe2GrJsDexL8B 4RTNWN24QILDMc4Qudz+NqXwJrIdo4/dnIeiaTycwOR+H9avv+9zilycxxonMUlz xoNE+fDLOwSxxHSgZeWcuN4LttJJ3X+HX+BoEeesekAm4a8rmCD1tB0pk9UPtBL6 smaG3vL7WmH5adFPJp+XwPmVp9R4PWGsY13oPW1ifAyCwwzP1rCzWPbGgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHlNTeByMDOm7exM1kgwvmbYuRpHMB8GA1UdIwQY MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7Y07Uge XGRz/fGiLnIiy0sVtEhxM6s0p/n/2r7J1AEH3XyBabmTltX0cNrW64oGp5EY5E4B OciHjB3SVvsk/FjDwnmoqsSnshtKQoAR7wACItV/IEqb6e7D2baZdE+5qyXLy0gQ UAWS3cmWqe3DkFSOJ3oGyxCQbBvlhX+o7d2JfnEnndI0cXWbyB5qFAeOr1aAWI/e 1YQgonKT8f45xByDJLHIwx3bvFj6Obac8HJZb9Y+kZGxQGrsU57QIMDHQt+4XqMc TtYiXXOeLj5VFnwNjCIoFrIU6nMoN9iyIfbzvtuOnZTPXBg3dr7K7/oL6wt0JFP+ dbMJeaC3RcWMnA== -----END CERTIFICATE-----Generated at Mon Jan 12 02:56:39 2026 by rpki-client