This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft File: rjRcTQnm4iTh2vRmV9PHEYewIjY.mft (raw, json) Hash identifier: kWapWK2+N+5robklFIaAxqxL/NM3hEmufu+KdApO5n8= Subject key identifier: A7:EE:A0:11:6F:2F:5C:4D:E6:6C:31:57:7B:C2:0D:A7:8D:24:E2:5F Authority key identifier: AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 Certificate issuer: /CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Certificate serial: 019B796E59A924519C851F3320E554A6A37D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft Manifest number: 06F1 Signing time: Thu 01 Jan 2026 12:00:33 +0000 Manifest this update: Thu 01 Jan 2026 12:00:33 +0000 Manifest next update: Fri 02 Jan 2026 12:00:33 +0000 Files and hashes: 1: rjRcTQnm4iTh2vRmV9PHEYewIjY.crl (hash: +u7C9c9vL/py8mRpw5V4gOixS6X8kOhjuHH/TRLFpYw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 12:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:6e:59:a9:24:51:9c:85:1f:33:20:e5:54:a6:a3:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Validity Not Before: Jan 1 12:00:33 2026 GMT Not After : Jan 2 12:00:33 2026 GMT Subject: CN=a7eea0116f2f5c4de66c31577bc20da78d24e25f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d6:58:59:96:89:5e:9b:e3:42:1b:a8:dd:62: 3c:c0:a6:85:6c:d2:95:48:8b:e2:aa:71:4c:18:5e: c6:7a:d9:f5:5e:b9:66:60:23:f5:20:bd:f0:9e:00: 6d:b0:ba:7c:cb:9b:e9:be:7d:ee:a3:72:d0:11:38: d8:f6:c3:ae:a1:ae:ec:90:dc:48:70:85:1d:ba:60: 92:96:4f:11:c4:10:d9:6f:31:1d:c4:74:70:43:30: 98:2e:ac:3b:84:e7:bf:c4:06:5d:2b:41:5b:f2:eb: 8c:a3:93:ca:d8:9c:19:ec:9f:a8:05:62:df:a6:86: 2b:21:ce:81:8c:00:46:14:b5:52:0c:88:68:80:2e: 6d:6e:55:72:0f:30:bc:d8:81:9d:20:97:89:7d:75: b0:06:3f:67:df:9c:45:c0:80:fe:a1:f6:eb:61:09: 85:41:a9:bf:09:37:09:f2:f2:af:e0:95:4a:22:6e: d3:d4:34:01:11:0c:e1:5f:52:75:93:b5:cb:cd:fb: 55:aa:22:93:d9:76:6f:ac:6b:e0:b4:9d:c7:be:07: 8b:7d:b0:69:28:02:ed:9e:58:39:b6:59:fe:4a:19: 62:49:57:a7:48:31:5e:c0:36:65:08:21:05:45:94: b4:9f:94:e9:23:74:b1:4b:6e:c2:a4:d1:aa:5c:c1: e5:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:EE:A0:11:6F:2F:5C:4D:E6:6C:31:57:7B:C2:0D:A7:8D:24:E2:5F X509v3 Authority Key Identifier: keyid:AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:4b:66:28:d3:e8:0f:3b:b0:99:36:72:21:a9:7e:85:87:bd: fa:d3:c7:0e:cb:80:55:3b:4a:ed:c8:c3:19:12:0f:3d:0d:41: 69:e9:0f:75:3e:d2:fd:f9:bf:9d:bb:64:d6:c1:29:89:f5:b5: 90:d9:5b:d0:d2:20:a3:c0:f0:82:55:d4:39:06:d5:99:7a:a4: b8:3e:2a:a8:f5:e3:9c:5c:ce:c2:f9:16:e7:44:2e:16:65:f2: e9:8f:1e:03:e8:58:d0:1b:ae:79:23:4a:24:7a:00:93:a8:33: 30:ee:70:7f:31:11:ec:3d:17:18:97:b1:60:dc:27:66:c7:9c: c9:65:1d:b5:31:f7:d3:be:d4:e2:c6:86:6f:e0:98:25:a8:f7: 39:5d:25:8b:d4:63:b8:04:93:00:46:74:0d:db:02:80:8e:e9: 8f:b3:3f:02:33:31:82:49:a8:19:77:e0:e5:e6:85:7a:d4:a1: 9b:3d:3a:63:de:1b:64:09:10:f1:81:b4:7f:33:33:f9:7f:fc: 8c:53:45:58:01:51:46:a5:02:b5:3e:5a:9e:05:a3:da:f7:78: 80:33:88:0e:b8:a6:34:a1:0b:d0:b5:3a:a9:e3:89:45:eb:a7: f9:44:e7:d5:70:54:a9:49:43:01:9c:e6:ee:08:4a:cf:7a:39: 35:0e:56:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt5blmpJFGchR8zIOVUpqN9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlMzQ1YzRkMDllNmUyMjRlMWRhZjQ2NjU3ZDNjNzExODdi MDIyMzYwHhcNMjYwMTAxMTIwMDMzWhcNMjYwMTAyMTIwMDMzWjAzMTEwLwYDVQQD EyhhN2VlYTAxMTZmMmY1YzRkZTY2YzMxNTc3YmMyMGRhNzhkMjRlMjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NZYWZaJXpvjQhuo3WI8wKaFbNKV SIviqnFMGF7Getn1XrlmYCP1IL3wngBtsLp8y5vpvn3uo3LQETjY9sOuoa7skNxI cIUdumCSlk8RxBDZbzEdxHRwQzCYLqw7hOe/xAZdK0Fb8uuMo5PK2JwZ7J+oBWLf poYrIc6BjABGFLVSDIhogC5tblVyDzC82IGdIJeJfXWwBj9n35xFwID+ofbrYQmF Qam/CTcJ8vKv4JVKIm7T1DQBEQzhX1J1k7XLzftVqiKT2XZvrGvgtJ3HvgeLfbBp KALtnlg5tln+ShliSVenSDFewDZlCCEFRZS0n5TpI3SxS27CpNGqXMHl0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKfuoBFvL1xN5mwxV3vCDaeNJOJfMB8GA1UdIwQY MBaAFK40XE0J5uIk4dr0ZlfTxxGHsCI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDkt M2JmNjE3NzlkZGM3LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDktM2JmNjE3NzlkZGM3 LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkktmKNPo DzuwmTZyIal+hYe9+tPHDsuAVTtK7cjDGRIPPQ1BaekPdT7S/fm/nbtk1sEpifW1 kNlb0NIgo8DwglXUOQbVmXqkuD4qqPXjnFzOwvkW50QuFmXy6Y8eA+hY0BuueSNK JHoAk6gzMO5wfzER7D0XGJexYNwnZsecyWUdtTH3077U4saGb+CYJaj3OV0li9Rj uASTAEZ0DdsCgI7pj7M/AjMxgkmoGXfg5eaFetShmz06Y94bZAkQ8YG0fzMz+X/8 jFNFWAFRRqUCtT5angWj2vd4gDOIDrimNKEL0LU6qeOJReun+UTn1XBUqUlDAZzm 7ghKz3o5NQ5W0A== -----END CERTIFICATE-----Generated at Thu Jan 1 19:46:48 2026 by rpki-client