This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json) Hash identifier: mfkrYKaD7xkaUZFNdn3BcNFwcR/1jNKxQsv3NctvV5I= Subject key identifier: 94:05:13:C6:BB:36:A5:4D:CA:81:31:05:8E:11:C7:D9:EA:6B:C9:71 Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Certificate serial: 019BF6F5EE24CE0954A365FF382369220F27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft Manifest number: 0D41 Signing time: Sun 25 Jan 2026 21:01:10 +0000 Manifest this update: Sun 25 Jan 2026 21:01:10 +0000 Manifest next update: Mon 26 Jan 2026 21:01:10 +0000 Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: V3SdriIWOg0tDQPEKVhQ/Wn4jGXA5hcpLL67cQ9ytiU=) 2: 55I-KJfDZCQf3-WIzaOmHLDw0UA.roa (hash: CHL8cZMB7OLAW5NGioo9AKdHll+9RPJn2SB7b3DCiOk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:f5:ee:24:ce:09:54:a3:65:ff:38:23:69:22:0f:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Validity Not Before: Jan 25 21:01:10 2026 GMT Not After : Jan 26 21:01:10 2026 GMT Subject: CN=940513c6bb36a54dca8131058e11c7d9ea6bc971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:9b:51:61:c8:03:28:da:86:1f:ab:fa:66:3e: b5:21:00:d2:52:01:2d:ff:5d:c6:0d:d4:d7:2f:ed: 9f:ee:23:97:34:a7:56:80:15:01:a3:57:c7:1f:a0: 08:c4:9d:76:11:2d:29:f3:66:f0:66:32:35:73:af: d0:d4:1a:c2:3b:28:3d:c2:d6:55:e2:cf:a0:86:6e: 29:14:4e:f6:d7:65:5c:d5:e0:0c:9b:48:18:d7:55: 19:6f:1d:92:21:2a:f8:a5:01:de:cc:d8:dd:9b:47: 95:7f:f0:28:c5:54:4d:d7:00:8f:68:ce:9e:49:05: 89:f6:c6:aa:31:4b:32:ef:f8:b6:ad:51:3e:1a:3b: e6:9f:0a:b8:ea:46:a7:64:8d:2b:4b:ea:92:78:7c: 0d:93:d9:0f:ed:0c:72:96:65:b3:2f:df:73:93:00: 3f:01:10:22:d9:17:ab:ea:70:b2:8f:bf:a4:ef:6a: 28:d6:e3:da:be:de:b8:64:4a:8c:4f:9f:ef:2e:b0: 88:72:30:f8:c4:0a:8e:08:b6:b3:80:88:79:38:c5: d5:85:ca:0a:4a:81:6a:f1:45:a6:a8:a1:1f:23:c3: 36:13:7c:9f:2a:79:9a:3c:5b:3f:be:b8:74:71:54: 35:06:f0:db:6c:95:22:21:fa:a9:e7:8b:a6:d8:7e: d5:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:05:13:C6:BB:36:A5:4D:CA:81:31:05:8E:11:C7:D9:EA:6B:C9:71 X509v3 Authority Key Identifier: keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:16:52:fa:5f:88:01:53:d3:48:46:6a:de:48:c6:db:15:34: 78:35:88:8b:69:11:5e:f2:fa:6e:74:18:8b:c1:c4:10:9f:4f: a4:78:85:66:ac:12:67:ef:a8:13:4e:f2:56:b8:0b:74:4d:c2: e4:32:df:94:6a:53:1f:dc:05:7e:e0:a9:23:3b:9c:53:41:be: b6:ad:89:df:e8:78:64:9c:d0:3b:06:50:b4:db:e9:fa:de:30: 7c:76:9e:a9:89:cc:3c:e2:86:69:24:bc:d0:eb:9f:56:02:fd: 38:8c:79:9b:03:a9:45:a3:97:b2:1d:5b:f2:78:4d:fe:56:44: 31:8d:3e:55:0d:cc:c0:96:72:ea:f1:09:cf:c8:95:d8:06:f1: 80:a6:5c:c8:ff:68:3f:18:48:ea:43:af:f3:53:a3:e1:d3:4e: 62:e2:72:36:1f:42:4c:3a:68:4d:af:38:74:62:0e:a4:ce:5a: 52:70:b6:f3:38:5e:40:93:ac:48:0b:fa:ed:fe:ea:bb:5b:79: d7:f8:08:79:b6:7a:d0:0c:02:e8:d5:d6:08:03:8b:8d:f5:3d: 80:d4:51:98:12:12:0e:7e:37:bd:19:6f:1b:74:b6:4a:af:68: c3:74:cd:16:ae:0e:b5:5b:2c:3a:c7:4f:35:55:54:0f:4a:d9: 6b:d5:8c:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv29e4kzglUo2X/OCNpIg8nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3 NWU5NTUwHhcNMjYwMTI1MjEwMTEwWhcNMjYwMTI2MjEwMTEwWjAzMTEwLwYDVQQD Eyg5NDA1MTNjNmJiMzZhNTRkY2E4MTMxMDU4ZTExYzdkOWVhNmJjOTcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JtRYcgDKNqGH6v6Zj61IQDSUgEt /13GDdTXL+2f7iOXNKdWgBUBo1fHH6AIxJ12ES0p82bwZjI1c6/Q1BrCOyg9wtZV 4s+ghm4pFE7212Vc1eAMm0gY11UZbx2SISr4pQHezNjdm0eVf/AoxVRN1wCPaM6e SQWJ9saqMUsy7/i2rVE+Gjvmnwq46kanZI0rS+qSeHwNk9kP7QxylmWzL99zkwA/ ARAi2Rer6nCyj7+k72oo1uPavt64ZEqMT5/vLrCIcjD4xAqOCLazgIh5OMXVhcoK SoFq8UWmqKEfI8M2E3yfKnmaPFs/vrh0cVQ1BvDbbJUiIfqp54um2H7V/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJQFE8a7NqVNyoExBY4Rx9nqa8lxMB8GA1UdIwQY MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5 LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxZS+l+I AVPTSEZq3kjG2xU0eDWIi2kRXvL6bnQYi8HEEJ9PpHiFZqwSZ++oE07yVrgLdE3C 5DLflGpTH9wFfuCpIzucU0G+tq2J3+h4ZJzQOwZQtNvp+t4wfHaeqYnMPOKGaSS8 0OufVgL9OIx5mwOpRaOXsh1b8nhN/lZEMY0+VQ3MwJZy6vEJz8iV2AbxgKZcyP9o PxhI6kOv81Oj4dNOYuJyNh9CTDpoTa84dGIOpM5aUnC28zheQJOsSAv67f7qu1t5 1/gIebZ60AwC6NXWCAOLjfU9gNRRmBISDn43vRlvG3S2Sq9ow3TNFq4OtVssOsdP NVVUD0rZa9WMEw== -----END CERTIFICATE-----Generated at Mon Jan 26 05:37:11 2026 by rpki-client