This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft File: USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json) Hash identifier: L2NFUqMWSATdU4nKWlyWQag89RCRjs/8LbpvvTmsvqI= Subject key identifier: 54:6C:E8:63:97:77:DC:06:89:0B:16:69:A7:FB:76:30:78:9F:57:1F Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27 Certificate issuer: /CN=51277bc38c12e042eddf56d7e75f50563c4bd227 Certificate serial: 019BB24CB1245DBEEEDA85AB42C48FBEA091 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft Manifest number: 17C1 Signing time: Mon 12 Jan 2026 13:02:09 +0000 Manifest this update: Mon 12 Jan 2026 13:02:09 +0000 Manifest next update: Tue 13 Jan 2026 13:02:09 +0000 Files and hashes: 1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: UQzLBN3tT+0YtC60099feMPlxIgkFN5JmsBIvjG5GL0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b2:4c:b1:24:5d:be:ee:da:85:ab:42:c4:8f:be:a0:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227 Validity Not Before: Jan 12 13:02:09 2026 GMT Not After : Jan 13 13:02:09 2026 GMT Subject: CN=546ce8639777dc06890b1669a7fb7630789f571f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f9:b2:02:5f:ad:14:48:6f:4e:d1:fd:b8:59: 20:0c:ce:09:1e:87:7b:fa:8a:4c:11:59:79:e7:75: 8b:f1:0f:9b:2e:43:5d:eb:30:96:39:68:5b:f1:1b: 77:ef:90:66:70:f7:cf:e7:da:46:66:7b:71:b7:4f: 7e:05:56:38:59:33:a3:17:17:16:1a:d9:51:44:3b: b0:52:da:b0:f4:46:32:8c:4b:8d:f2:20:a8:a5:eb: 12:77:a2:db:49:07:a6:e5:5d:9f:53:b6:6b:5d:fe: e4:64:3c:0f:ed:79:68:c2:8a:71:49:8f:6d:05:56: b0:05:4d:b6:aa:9f:47:49:48:44:4f:4a:2f:61:5d: 8a:21:fc:8c:fb:07:fa:1d:2d:0c:e5:6f:cc:b6:34: ad:e8:ed:f1:d0:68:2e:60:09:3d:78:32:25:9a:50: b1:f4:b6:a8:67:4b:c6:22:5b:c0:bf:59:db:2e:66: 50:ab:a8:8c:bd:75:ad:b6:34:85:d1:08:48:f4:64: 61:a4:11:03:5e:d2:53:94:13:70:21:b8:2a:a6:ea: d0:9e:91:8d:d4:eb:3d:ab:09:b1:f4:14:b3:74:e2: 9b:72:a1:39:08:55:47:10:ad:99:e2:28:34:46:0f: 04:10:14:07:ae:8d:3f:7c:e0:be:b5:b5:fa:ef:08: be:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:6C:E8:63:97:77:DC:06:89:0B:16:69:A7:FB:76:30:78:9F:57:1F X509v3 Authority Key Identifier: keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:ad:f3:79:0b:4f:66:42:3e:7b:64:6e:96:6c:65:5e:94:aa: ce:30:2d:3d:c0:13:51:7e:e3:d7:9f:cb:21:3f:14:1f:d1:cf: 0f:7e:52:af:f0:51:4d:02:58:6c:66:53:82:83:0b:bc:f0:73: 9a:1c:d2:08:fe:2c:f0:d9:e3:d4:66:fa:cc:b1:e4:6b:3a:7b: bd:a7:b9:ef:73:aa:23:53:1d:08:f8:6b:4b:c8:07:04:18:81: 83:7c:9b:5b:2e:be:e2:08:54:53:62:6a:31:56:d8:a4:f5:b4: 27:71:b3:3e:96:9a:11:33:2a:9a:68:d3:65:8f:72:46:16:7c: 77:0a:32:1a:73:f4:b6:d0:19:50:26:24:83:12:cb:b8:9f:e3: 9b:65:d9:49:f4:b5:8b:8a:85:68:56:27:14:07:45:50:0f:b2: 19:c9:3d:17:9f:2a:5e:c3:a0:02:95:59:ea:b7:07:d4:bb:6c: e1:79:00:56:0b:c4:10:05:9e:8b:e5:0b:36:91:1d:36:a4:ac: 43:2a:44:18:6b:ef:81:9c:2b:4e:36:03:de:f7:2c:02:11:b9: b6:5c:ca:5f:8c:fa:e3:29:99:72:3b:84:7e:9f:7b:ed:85:cd: d3:03:a9:80:02:87:77:3e:44:1b:05:80:fd:3e:36:13:c2:92: 5b:c1:77:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuyTLEkXb7u2oWrQsSPvqCRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0 YmQyMjcwHhcNMjYwMTEyMTMwMjA5WhcNMjYwMTEzMTMwMjA5WjAzMTEwLwYDVQQD Eyg1NDZjZTg2Mzk3NzdkYzA2ODkwYjE2NjlhN2ZiNzYzMDc4OWY1NzFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/myAl+tFEhvTtH9uFkgDM4JHod7 +opMEVl553WL8Q+bLkNd6zCWOWhb8Rt375BmcPfP59pGZntxt09+BVY4WTOjFxcW GtlRRDuwUtqw9EYyjEuN8iCopesSd6LbSQem5V2fU7ZrXf7kZDwP7XlowopxSY9t BVawBU22qp9HSUhET0ovYV2KIfyM+wf6HS0M5W/MtjSt6O3x0GguYAk9eDIlmlCx 9LaoZ0vGIlvAv1nbLmZQq6iMvXWttjSF0QhI9GRhpBEDXtJTlBNwIbgqpurQnpGN 1Os9qwmx9BSzdOKbcqE5CFVHEK2Z4ig0Rg8EEBQHro0/fOC+tbX67wi+eQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRs6GOXd9wGiQsWaaf7djB4n1cfMB8GA1UdIwQY MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1 LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYq3zeQtP ZkI+e2RulmxlXpSqzjAtPcATUX7j15/LIT8UH9HPD35Sr/BRTQJYbGZTgoMLvPBz mhzSCP4s8Nnj1Gb6zLHkazp7vae573OqI1MdCPhrS8gHBBiBg3ybWy6+4ghUU2Jq MVbYpPW0J3GzPpaaETMqmmjTZY9yRhZ8dwoyGnP0ttAZUCYkgxLLuJ/jm2XZSfS1 i4qFaFYnFAdFUA+yGck9F58qXsOgApVZ6rcH1Lts4XkAVgvEEAWei+ULNpEdNqSs QypEGGvvgZwrTjYD3vcsAhG5tlzKX4z64ymZcjuEfp977YXN0wOpgAKHdz5EGwWA /T42E8KSW8F37g== -----END CERTIFICATE-----Generated at Mon Jan 12 15:47:09 2026 by rpki-client