This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.mft File: aHmbdytVHbeE7rqLDhFaDEM807o.mft (raw, json) Hash identifier: ncKoI/ciWZwz1tror3hgbBRloWSU8ThgqhpZ4BA1Dwk= Subject key identifier: 99:6A:08:3D:28:07:DB:9B:6C:06:5E:10:46:CB:54:CB:89:A1:05:CE Authority key identifier: 68:79:9B:77:2B:55:1D:B7:84:EE:BA:8B:0E:11:5A:0C:43:3C:D3:BA Certificate issuer: /CN=68799b772b551db784eeba8b0e115a0c433cd3ba Certificate serial: 019B78C9DC36459CEFDBAF6E7A931134C179 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.mft Manifest number: 17A9 Signing time: Thu 01 Jan 2026 09:00:53 +0000 Manifest this update: Thu 01 Jan 2026 09:00:53 +0000 Manifest next update: Fri 02 Jan 2026 09:00:53 +0000 Files and hashes: 1: QIpPOWuJUQR17x2KgabcF3hdBpY.roa (hash: DGCugI0Fd9+HXtUvL1bfCetCLc7iYLKfDAKTqy9sWJY=) 2: aHmbdytVHbeE7rqLDhFaDEM807o.crl (hash: SLzFzzdwV3j9zVhncUJqPG9Rt3/T0UC2svfF7/DN484=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.mft rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:c9:dc:36:45:9c:ef:db:af:6e:7a:93:11:34:c1:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68799b772b551db784eeba8b0e115a0c433cd3ba Validity Not Before: Jan 1 09:00:53 2026 GMT Not After : Jan 2 09:00:53 2026 GMT Subject: CN=996a083d2807db9b6c065e1046cb54cb89a105ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:79:a0:ff:ab:7b:96:c7:44:f5:66:cc:07:a9: a2:f7:1d:f0:a9:24:34:ae:d2:1d:13:70:22:0e:35: 39:c9:2d:ba:c8:80:c7:d4:da:00:66:9e:69:9f:dd: 1f:fc:c1:45:4e:ce:dd:95:14:cc:bf:db:f4:6b:cb: 8d:d0:e4:26:e7:c2:ad:0e:03:91:96:4d:78:bf:69: 9e:01:0e:29:23:d5:18:31:f6:fb:78:22:72:a5:da: 0d:29:73:84:f1:48:68:86:59:90:23:1b:b3:39:5b: b8:f3:c0:2f:a2:64:d2:01:01:05:4f:83:ab:70:ae: 1b:37:75:3d:8a:29:d7:c4:c0:37:55:b2:85:2f:dd: 59:28:16:8d:a5:bb:d3:5a:c2:9e:5f:08:89:2d:02: c0:bc:04:25:f7:fe:d2:e5:33:49:2b:94:56:b4:ff: 0d:5c:32:d2:7b:48:a0:f8:ab:31:ba:54:07:0e:42: 23:ba:00:9e:d4:13:a5:ee:91:fb:63:d0:e8:69:e5: 53:48:b4:42:e9:34:43:85:e8:8b:dc:90:d5:a5:53: bf:cd:87:c8:2c:f8:e8:4e:a7:f3:84:7c:13:44:65: 4d:29:8f:cf:3d:40:45:83:d8:56:c0:4a:d0:81:8c: 22:5a:67:83:79:6a:d1:fd:06:5a:da:8d:8f:4b:7a: dc:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:6A:08:3D:28:07:DB:9B:6C:06:5E:10:46:CB:54:CB:89:A1:05:CE X509v3 Authority Key Identifier: keyid:68:79:9B:77:2B:55:1D:B7:84:EE:BA:8B:0E:11:5A:0C:43:3C:D3:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:41:6f:ce:14:28:95:df:18:95:58:dc:10:35:98:a8:06:8c: ed:aa:25:9d:68:f6:99:b3:8a:59:62:9c:17:13:89:c6:fd:b0: 74:b2:90:e2:ea:8d:54:55:0e:6f:a1:da:03:f3:68:de:96:fd: 19:81:81:39:9e:1a:35:50:ef:7c:90:6e:1d:40:a5:bf:a1:ba: f9:1d:78:ac:f6:c9:c6:1f:17:c2:fc:90:74:47:ad:f5:65:c2: 86:68:cc:a1:bc:d3:b0:8d:be:5c:49:83:28:ee:57:61:79:f0: 46:36:3f:35:87:43:c2:dc:d1:d2:db:38:19:ca:09:de:46:ee: 82:1c:39:f7:ce:97:97:95:a8:24:e9:99:fc:7f:fc:b5:db:fe: 20:28:63:c5:77:5d:f1:92:25:ac:59:4c:c9:26:80:24:e4:12: 75:33:2a:14:30:d3:cc:b0:2a:15:69:09:32:9d:5c:40:dc:dd: f3:98:ae:33:ce:25:24:55:4d:f7:a5:7d:c2:4f:75:b0:98:aa: 7f:77:57:5e:97:97:38:b9:06:fe:cc:60:09:2d:7a:b7:23:c7: 9c:df:88:c6:81:ad:48:a1:87:3c:9b:24:d6:a0:cb:35:e3:24: 06:77:32:dd:68:9e:b5:cd:ec:4c:88:b6:e6:df:b8:f9:de:c8: cb:b8:b1:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt4ydw2RZzv269uepMRNMF5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4Nzk5Yjc3MmI1NTFkYjc4NGVlYmE4YjBlMTE1YTBjNDMz Y2QzYmEwHhcNMjYwMTAxMDkwMDUzWhcNMjYwMTAyMDkwMDUzWjAzMTEwLwYDVQQD Eyg5OTZhMDgzZDI4MDdkYjliNmMwNjVlMTA0NmNiNTRjYjg5YTEwNWNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3mg/6t7lsdE9WbMB6mi9x3wqSQ0 rtIdE3AiDjU5yS26yIDH1NoAZp5pn90f/MFFTs7dlRTMv9v0a8uN0OQm58KtDgOR lk14v2meAQ4pI9UYMfb7eCJypdoNKXOE8UhohlmQIxuzOVu488AvomTSAQEFT4Or cK4bN3U9iinXxMA3VbKFL91ZKBaNpbvTWsKeXwiJLQLAvAQl9/7S5TNJK5RWtP8N XDLSe0ig+KsxulQHDkIjugCe1BOl7pH7Y9DoaeVTSLRC6TRDheiL3JDVpVO/zYfI LPjoTqfzhHwTRGVNKY/PPUBFg9hWwErQgYwiWmeDeWrR/QZa2o2PS3rcnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJlqCD0oB9ubbAZeEEbLVMuJoQXOMB8GA1UdIwQY MBaAFGh5m3crVR23hO66iw4RWgxDPNO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUhtYmR5dFZIYmVFN3JxTERoRmFERU04MDdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85NjJmMmQtNzI4Mi00MjFlLWE2MzEt MGM3NmEzMTZiNTJlLzEvYUhtYmR5dFZIYmVFN3JxTERoRmFERU04MDdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi85NjJmMmQtNzI4Mi00MjFlLWE2MzEtMGM3NmEzMTZiNTJl LzEvYUhtYmR5dFZIYmVFN3JxTERoRmFERU04MDdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPEFvzhQo ld8YlVjcEDWYqAaM7aolnWj2mbOKWWKcFxOJxv2wdLKQ4uqNVFUOb6HaA/No3pb9 GYGBOZ4aNVDvfJBuHUClv6G6+R14rPbJxh8XwvyQdEet9WXChmjMobzTsI2+XEmD KO5XYXnwRjY/NYdDwtzR0ts4GcoJ3kbughw5986Xl5WoJOmZ/H/8tdv+IChjxXdd 8ZIlrFlMySaAJOQSdTMqFDDTzLAqFWkJMp1cQNzd85iuM84lJFVN96V9wk91sJiq f3dXXpeXOLkG/sxgCS16tyPHnN+IxoGtSKGHPJsk1qDLNeMkBncy3Wietc3sTIi2 5t+4+d7Iy7ixQw== -----END CERTIFICATE-----Generated at Thu Jan 1 11:02:59 2026 by rpki-client