This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft File: uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json) Hash identifier: In7/QaAuk0fUxG3oCaJuffTcu37Z22Ub/MLcxuhRHss= Subject key identifier: 39:BD:05:D1:0D:CD:B7:7B:A0:5D:2E:1D:2C:D9:B5:D0:94:88:72:4D Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E Certificate issuer: /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e Certificate serial: 019BB439FCDAE47E698FEC5D8E2081787582 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft Manifest number: 0FA3 Signing time: Mon 12 Jan 2026 22:00:57 +0000 Manifest this update: Mon 12 Jan 2026 22:00:57 +0000 Manifest next update: Tue 13 Jan 2026 22:00:57 +0000 Files and hashes: 1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: uKJWSe3AXvnrgixE9lOSHF0cilLAGCPAbO2sI/fPSbQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 22:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b4:39:fc:da:e4:7e:69:8f:ec:5d:8e:20:81:78:75:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e Validity Not Before: Jan 12 22:00:57 2026 GMT Not After : Jan 13 22:00:57 2026 GMT Subject: CN=39bd05d10dcdb77ba05d2e1d2cd9b5d09488724d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:1a:1a:ea:d3:e6:c2:60:de:f7:b6:05:34:32: ed:43:35:f7:3f:57:da:82:a3:18:0f:29:26:5c:9b: 9b:6a:46:c1:72:e5:f7:5e:a6:2e:31:cf:fc:93:e7: c5:00:63:6e:b9:78:45:09:e5:ee:b9:47:f0:19:4e: 95:47:66:81:7f:7c:1a:9a:1a:cf:0f:e2:4a:5d:f1: b6:68:c8:17:97:ff:18:4f:fc:20:0e:09:96:08:1c: 23:fb:31:7c:69:6c:1e:ce:cd:c6:fe:8a:89:e9:51: 82:c5:ae:72:79:9b:47:99:5d:07:c8:ce:6a:7d:4f: 6e:53:72:93:c1:da:d6:9a:18:90:3d:ef:2b:30:a5: 75:94:94:d9:ae:73:99:ef:f2:b8:cc:df:9e:b6:bf: 56:1c:40:9f:42:67:35:d2:dc:84:26:d9:cd:49:8c: 15:cf:cc:0f:39:6b:06:02:2b:a5:49:e8:27:91:f5: ce:f0:f1:a7:83:ed:5b:8a:f4:ef:7d:bc:47:e4:fe: 3d:19:7d:d1:13:73:a6:f9:9e:c0:b5:e7:61:9d:e1: 5d:6b:84:ea:52:85:7e:2d:6a:ee:68:99:4d:d7:44: 07:86:7d:40:0f:7e:b0:9d:b2:e2:f2:0f:cb:13:8e: 95:c7:28:53:c8:81:b6:db:78:b9:60:aa:32:86:b6: 15:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:BD:05:D1:0D:CD:B7:7B:A0:5D:2E:1D:2C:D9:B5:D0:94:88:72:4D X509v3 Authority Key Identifier: keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:17:0a:44:b2:a4:44:53:50:f4:f6:47:be:b2:0a:44:01:57: 27:6c:e7:4a:11:e5:41:b2:39:3f:4c:e5:fe:ee:11:12:ad:f0: 83:0f:5e:49:9f:1e:d1:cf:0f:b2:f3:c1:5e:c7:3f:e4:40:a3: 01:fb:ba:7b:97:a4:e2:3e:6e:0c:c7:19:e9:1f:60:7f:84:98: ab:90:bc:fc:d2:15:6d:65:27:39:e7:21:2b:2f:24:a4:6d:f3: 2b:57:52:e3:13:b4:1a:12:af:4d:b9:3b:3f:e5:18:57:f3:58: fc:43:ed:09:1a:70:de:49:fa:f7:d4:85:89:f2:bb:b6:5d:08: 39:f0:59:97:e5:14:0c:f7:f6:7c:28:cc:74:69:30:9a:ac:26: 21:c0:96:68:4f:70:94:46:0b:86:d7:6e:91:80:1e:0b:4f:ea: 3b:97:e8:d6:26:d0:3a:96:1d:9b:d7:42:40:bf:f6:14:94:97: 3c:f6:12:1d:13:19:6b:17:7c:31:17:97:7f:34:dd:e4:b4:57: a7:ba:04:a7:3a:8d:22:d1:10:56:7e:6c:c8:a4:60:7f:d8:ed: e3:48:d5:90:1d:98:7d:b6:cf:c8:fd:76:f8:58:d0:99:3f:a8: 23:38:5d:45:4a:7f:31:2e:52:f4:ba:6b:9b:25:52:f9:0d:94: 8e:87:fc:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZu0Ofza5H5pj+xdjiCBeHWCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3 NGE0MGUwHhcNMjYwMTEyMjIwMDU3WhcNMjYwMTEzMjIwMDU3WjAzMTEwLwYDVQQD EygzOWJkMDVkMTBkY2RiNzdiYTA1ZDJlMWQyY2Q5YjVkMDk0ODg3MjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBoa6tPmwmDe97YFNDLtQzX3P1fa gqMYDykmXJubakbBcuX3XqYuMc/8k+fFAGNuuXhFCeXuuUfwGU6VR2aBf3wamhrP D+JKXfG2aMgXl/8YT/wgDgmWCBwj+zF8aWwezs3G/oqJ6VGCxa5yeZtHmV0HyM5q fU9uU3KTwdrWmhiQPe8rMKV1lJTZrnOZ7/K4zN+etr9WHECfQmc10tyEJtnNSYwV z8wPOWsGAiulSegnkfXO8PGng+1bivTvfbxH5P49GX3RE3Om+Z7AtedhneFda4Tq UoV+LWruaJlN10QHhn1AD36wnbLi8g/LE46VxyhTyIG223i5YKoyhrYVnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDm9BdENzbd7oF0uHSzZtdCUiHJNMB8GA1UdIwQY MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADRcKRLKk RFNQ9PZHvrIKRAFXJ2znShHlQbI5P0zl/u4REq3wgw9eSZ8e0c8PsvPBXsc/5ECj Afu6e5ek4j5uDMcZ6R9gf4SYq5C8/NIVbWUnOechKy8kpG3zK1dS4xO0GhKvTbk7 P+UYV/NY/EPtCRpw3kn699SFifK7tl0IOfBZl+UUDPf2fCjMdGkwmqwmIcCWaE9w lEYLhtdukYAeC0/qO5fo1ibQOpYdm9dCQL/2FJSXPPYSHRMZaxd8MReXfzTd5LRX p7oEpzqNItEQVn5syKRgf9jt40jVkB2YfbbPyP12+FjQmT+oIzhdRUp/MS5S9Lpr myVS+Q2Ujof8sQ== -----END CERTIFICATE-----Generated at Tue Jan 13 07:00:47 2026 by rpki-client