This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft File: hn3QWtctwi--owKfzukOb7BjiQQ.mft (raw, json) Hash identifier: fBBtV7bAPeqhG40SNAftXlewDiTr8gO/11TzlRiCBWs= Subject key identifier: D7:78:14:1C:2A:41:CA:59:9C:8D:6B:CD:D1:7E:D3:7C:79:91:46:DB Authority key identifier: 86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04 Certificate issuer: /CN=867dd05ad72dc22fbea3029fcee90e6fb0638904 Certificate serial: 019B7E5E4CE9984E646B4BEBF2C814B0738B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft Manifest number: 17AA Signing time: Fri 02 Jan 2026 11:01:07 +0000 Manifest this update: Fri 02 Jan 2026 11:01:07 +0000 Manifest next update: Sat 03 Jan 2026 11:01:07 +0000 Files and hashes: 1: RRtvAei28-EijoPUYUDN7514nwo.roa (hash: D/rcxbsVh++CM30mNeuIG2vWOtaiLF/fHXsAMj0/18k=) 2: hn3QWtctwi--owKfzukOb7BjiQQ.crl (hash: C9h2Lvn+/9VyPbmkC96MAcLBVG29fDQcJkNF8A9Kbos=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 11:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:5e:4c:e9:98:4e:64:6b:4b:eb:f2:c8:14:b0:73:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=867dd05ad72dc22fbea3029fcee90e6fb0638904 Validity Not Before: Jan 2 11:01:07 2026 GMT Not After : Jan 3 11:01:07 2026 GMT Subject: CN=d778141c2a41ca599c8d6bcdd17ed37c799146db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:79:14:cc:70:73:59:f1:d5:4e:92:62:ba:90: 9e:fa:e7:d3:82:e5:c9:88:d5:56:4e:d6:f6:fc:fd: 02:22:91:86:10:d4:8f:9a:a9:a6:56:83:4b:4c:2d: a8:73:63:67:f3:c5:97:c1:4c:cc:43:5d:99:e7:17: cb:99:88:6d:fd:a1:a2:ca:35:97:0c:1f:47:eb:6c: b0:0b:c6:25:4c:51:d6:fc:00:26:80:40:06:50:94: b0:3d:ba:37:ce:80:a0:d6:e8:63:5b:5d:e8:39:55: 4c:17:78:76:a5:db:1a:e5:b5:fb:49:00:df:fb:75: 5c:f3:2c:e4:08:e1:36:41:65:bf:1b:78:dc:7f:2d: 99:2c:a6:0d:a2:14:39:64:0d:80:f8:a8:aa:8a:19: 9d:5b:b1:a5:51:f9:72:34:32:21:fa:ef:78:ef:f5: 08:be:4a:b4:20:34:d3:e3:3b:29:57:45:ff:67:a4: a7:3a:51:05:48:11:00:0a:82:36:00:db:67:9d:c3: d4:a9:ea:07:87:f2:cd:b7:d6:31:49:53:88:9b:83: e0:4e:72:04:df:cb:b2:91:8f:d5:67:bd:db:45:df: d3:a2:99:73:17:94:9a:77:c1:52:32:7f:c3:d6:6d: 8c:2e:d7:3c:46:a9:38:66:af:1d:41:57:c3:da:89: 12:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:78:14:1C:2A:41:CA:59:9C:8D:6B:CD:D1:7E:D3:7C:79:91:46:DB X509v3 Authority Key Identifier: keyid:86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:6a:ca:59:a1:2d:b3:fe:78:bb:64:8e:cb:cd:3b:bc:0d:f3: d6:f2:6a:53:6d:eb:c1:c1:da:ec:9b:db:30:c0:d8:50:32:9a: 42:34:16:59:94:44:26:85:32:98:29:22:91:16:07:fe:16:cc: 0b:7e:c8:01:e4:55:9f:1c:79:10:20:3a:bc:26:52:ac:87:0b: 7d:cf:9c:05:42:33:92:c7:1e:6f:45:a7:76:a9:7c:ce:4b:de: 6e:71:c2:86:fa:69:a6:a9:91:23:e9:6c:bc:a0:6b:cf:7d:ac: d5:b6:f5:ab:fd:0c:7d:4a:9c:4e:5b:ca:ce:98:41:6a:91:f6: b9:9b:96:e6:4c:63:00:01:07:1c:88:7b:a1:6c:b5:49:6e:c2: 29:e0:08:07:d3:15:90:21:71:8f:b0:ab:49:3f:24:1a:89:f0: 63:c3:f4:65:b7:30:4c:36:a0:21:f0:c4:03:f3:c6:1e:d2:00: 0f:3f:b7:70:06:5a:de:3e:8c:64:f9:c5:8c:ad:ae:59:3b:47: f6:2b:0d:a9:60:a5:d6:88:4f:4a:57:f2:c9:b9:a1:8f:96:2f: e8:f0:bc:e0:be:6b:04:61:36:45:89:8e:40:15:03:22:a2:b0: 5d:4f:84:f0:d6:37:35:a1:b8:ab:03:59:c8:f5:02:a4:f6:90: 3e:19:20:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt+XkzpmE5ka0vr8sgUsHOLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2N2RkMDVhZDcyZGMyMmZiZWEzMDI5ZmNlZTkwZTZmYjA2 Mzg5MDQwHhcNMjYwMTAyMTEwMTA3WhcNMjYwMTAzMTEwMTA3WjAzMTEwLwYDVQQD EyhkNzc4MTQxYzJhNDFjYTU5OWM4ZDZiY2RkMTdlZDM3Yzc5OTE0NmRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3kUzHBzWfHVTpJiupCe+ufTguXJ iNVWTtb2/P0CIpGGENSPmqmmVoNLTC2oc2Nn88WXwUzMQ12Z5xfLmYht/aGiyjWX DB9H62ywC8YlTFHW/AAmgEAGUJSwPbo3zoCg1uhjW13oOVVMF3h2pdsa5bX7SQDf +3Vc8yzkCOE2QWW/G3jcfy2ZLKYNohQ5ZA2A+KiqihmdW7GlUflyNDIh+u947/UI vkq0IDTT4zspV0X/Z6SnOlEFSBEACoI2ANtnncPUqeoHh/LNt9YxSVOIm4PgTnIE 38uykY/VZ73bRd/ToplzF5Sad8FSMn/D1m2MLtc8Rqk4Zq8dQVfD2okSowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNd4FBwqQcpZnI1rzdF+03x5kUbbMB8GA1UdIwQY MBaAFIZ90FrXLcIvvqMCn87pDm+wY4kEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYt MjM5ZTVhYmZjYzZhLzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYtMjM5ZTVhYmZjYzZh LzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKGrKWaEt s/54u2SOy807vA3z1vJqU23rwcHa7JvbMMDYUDKaQjQWWZREJoUymCkikRYH/hbM C37IAeRVnxx5ECA6vCZSrIcLfc+cBUIzksceb0Wndql8zkvebnHChvpppqmRI+ls vKBrz32s1bb1q/0MfUqcTlvKzphBapH2uZuW5kxjAAEHHIh7oWy1SW7CKeAIB9MV kCFxj7CrST8kGonwY8P0ZbcwTDagIfDEA/PGHtIADz+3cAZa3j6MZPnFjK2uWTtH 9isNqWCl1ohPSlfyybmhj5Yv6PC84L5rBGE2RYmOQBUDIqKwXU+E8NY3NaG4qwNZ yPUCpPaQPhkg5A== -----END CERTIFICATE-----Generated at Fri Jan 2 17:06:28 2026 by rpki-client