This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft File: Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft (raw, json) Hash identifier: nF673l+4LD7Uga3Aw+8KRCwdSBErCotZCH6ZqeoKZxk= Subject key identifier: BC:B7:64:E7:4C:4C:8C:73:4F:24:D3:ED:1C:8B:17:BA:07:9C:4A:2A Authority key identifier: 2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED Certificate issuer: /CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed Certificate serial: 019BF53F005E66A5F823DE933FF810A40D18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft Manifest number: 03DB Signing time: Sun 25 Jan 2026 13:01:45 +0000 Manifest this update: Sun 25 Jan 2026 13:01:45 +0000 Manifest next update: Mon 26 Jan 2026 13:01:45 +0000 Files and hashes: 1: Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl (hash: JZuSmEc/Dnoig37Y1/yNudX40j/WmUB4MH/UKKiv2hA=) 2: bHxNQUrJC8Eh62QodMXQrjbnmgg.roa (hash: 1d3ZqMZQAbRLtC6TZNo/vpwZQcPk90gTwtcmQgBCgII=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:3f:00:5e:66:a5:f8:23:de:93:3f:f8:10:a4:0d:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed Validity Not Before: Jan 25 13:01:45 2026 GMT Not After : Jan 26 13:01:45 2026 GMT Subject: CN=bcb764e74c4c8c734f24d3ed1c8b17ba079c4a2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:57:b0:29:93:98:c3:59:b6:1b:6e:22:43:9f: 3d:ce:33:d6:22:04:1a:df:03:4f:43:91:2c:61:43: 2b:e0:9b:dc:1a:85:4f:1d:26:98:12:64:ab:26:bc: fb:13:af:1b:77:37:21:26:6d:51:92:a6:e4:4f:aa: 76:8d:25:a2:a0:47:9d:14:10:22:b6:48:b3:d6:f6: ac:cc:20:be:67:39:a4:41:84:f2:05:d1:f5:94:e1: 28:18:49:a3:d4:fe:6f:87:53:b0:bb:46:8d:a4:ab: 16:c7:c7:d9:47:ef:4f:f7:56:25:c8:18:51:14:7c: 1a:cc:bf:8a:d7:67:69:01:af:88:1e:0b:79:ed:0d: 58:0a:85:78:68:66:f2:5f:81:5c:49:5d:15:be:76: 0f:47:68:ec:6e:bd:81:90:da:b8:b7:31:e4:a0:c7: 30:1c:77:38:52:34:2d:5c:24:27:58:91:49:6b:96: d6:e0:11:23:cc:ab:ee:29:b3:1f:3c:3a:e7:f7:d3: fa:07:32:b3:c9:4f:40:97:46:7c:8f:df:11:e9:46: 77:a7:0f:15:70:c2:aa:cd:e6:5c:69:b8:cc:2c:fb: c1:9b:71:16:a6:b4:81:95:52:c6:e9:8d:d9:1f:9f: cc:40:62:6f:69:0e:4e:ac:84:58:34:ea:f9:b7:03: d9:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:B7:64:E7:4C:4C:8C:73:4F:24:D3:ED:1C:8B:17:BA:07:9C:4A:2A X509v3 Authority Key Identifier: keyid:2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:be:d6:3f:58:57:a4:fa:22:33:0f:ab:c9:e6:dc:18:90:6f: 8f:9f:72:f2:ec:a0:5a:87:ef:6f:06:06:87:e4:04:3c:33:af: 56:27:7d:4e:e9:4e:a3:b5:7d:3f:17:37:42:1c:cf:84:fa:e3: 4e:39:b7:96:58:62:65:c3:79:28:5e:21:8a:8e:62:dd:8d:b5: e5:ca:05:25:36:57:15:e5:92:9c:8d:da:95:4c:c8:63:76:c3: 42:0b:a9:b0:5f:6d:51:b1:c7:b6:a7:49:43:d8:ea:b0:36:90: e6:ab:a0:98:d2:3a:26:02:0c:61:b2:7d:af:4a:47:31:25:99: 3b:a7:ec:66:35:df:dc:2d:b7:83:bb:5a:10:55:2f:b7:7f:41: a8:5b:d0:f2:a3:61:c1:47:6d:d6:a6:b4:c9:2f:bf:aa:bb:d8: 4f:d7:87:86:8c:c3:55:cb:39:7a:83:b8:f8:b4:44:97:64:3a: 8b:2f:66:d2:d9:d9:ab:07:88:d8:cd:6a:9e:f1:8a:11:52:00: 2a:53:bf:f6:bf:cc:fe:53:af:cf:71:e2:53:a5:38:96:ee:4b: 5f:29:96:ff:b8:02:c3:6f:a6:b0:da:63:d8:a6:55:40:ca:6b: 7d:9d:39:f6:9d:a6:53:87:c2:c4:46:b5:aa:76:6c:20:19:a6: 37:33:ee:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1PwBeZqX4I96TP/gQpA0YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiM2Y2ZmE5ZjAzNzc2NWU3NGJkZjJhYzgyY2NiYWJjN2U0 ZmM4ZWQwHhcNMjYwMTI1MTMwMTQ1WhcNMjYwMTI2MTMwMTQ1WjAzMTEwLwYDVQQD EyhiY2I3NjRlNzRjNGM4YzczNGYyNGQzZWQxYzhiMTdiYTA3OWM0YTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1ewKZOYw1m2G24iQ589zjPWIgQa 3wNPQ5EsYUMr4JvcGoVPHSaYEmSrJrz7E68bdzchJm1RkqbkT6p2jSWioEedFBAi tkiz1vaszCC+ZzmkQYTyBdH1lOEoGEmj1P5vh1Owu0aNpKsWx8fZR+9P91YlyBhR FHwazL+K12dpAa+IHgt57Q1YCoV4aGbyX4FcSV0VvnYPR2jsbr2BkNq4tzHkoMcw HHc4UjQtXCQnWJFJa5bW4BEjzKvuKbMfPDrn99P6BzKzyU9Al0Z8j98R6UZ3pw8V cMKqzeZcabjMLPvBm3EWprSBlVLG6Y3ZH5/MQGJvaQ5OrIRYNOr5twPZcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLy3ZOdMTIxzTyTT7RyLF7oHnEoqMB8GA1UdIwQY MBaAFCs/b6nwN3ZedL3yrILMurx+T8jtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAt NWMwMGZjZDczNjE5LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAtNWMwMGZjZDczNjE5 LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgb7WP1hX pPoiMw+ryebcGJBvj59y8uygWofvbwYGh+QEPDOvVid9TulOo7V9Pxc3QhzPhPrj Tjm3llhiZcN5KF4hio5i3Y215coFJTZXFeWSnI3alUzIY3bDQgupsF9tUbHHtqdJ Q9jqsDaQ5qugmNI6JgIMYbJ9r0pHMSWZO6fsZjXf3C23g7taEFUvt39BqFvQ8qNh wUdt1qa0yS+/qrvYT9eHhozDVcs5eoO4+LREl2Q6iy9m0tnZqweI2M1qnvGKEVIA KlO/9r/M/lOvz3HiU6U4lu5LXymW/7gCw2+msNpj2KZVQMprfZ059p2mU4fCxEa1 qnZsIBmmNzPuOg== -----END CERTIFICATE-----Generated at Sun Jan 25 20:09:41 2026 by rpki-client