This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft File: kBZCwNRvjU5MI0wzr771pIOcaiI.mft (raw, json) Hash identifier: dK9ErDOfvmOMpbo+LUM0h3sgE2cSCg+91K4nKDnvItM= Subject key identifier: 23:C4:87:10:36:1F:C3:C5:A1:F8:04:C9:6C:B3:18:13:EC:BE:0C:65 Authority key identifier: 90:16:42:C0:D4:6F:8D:4E:4C:23:4C:33:AF:BE:F5:A4:83:9C:6A:22 Certificate issuer: /CN=901642c0d46f8d4e4c234c33afbef5a4839c6a22 Certificate serial: 019BF72C8D5F13D29503B4A9DA50ECABB064 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kBZCwNRvjU5MI0wzr771pIOcaiI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft Manifest number: 24 Signing time: Sun 25 Jan 2026 22:00:50 +0000 Manifest this update: Sun 25 Jan 2026 22:00:50 +0000 Manifest next update: Mon 26 Jan 2026 22:00:50 +0000 Files and hashes: 1: A9-wOdp_rVCM0ESzhr89kQtrxAk.roa (hash: EEXrwqrXm4OhbrVH1e+ftGoZf1df8IiOvwtrHVI9K44=) 2: kBZCwNRvjU5MI0wzr771pIOcaiI.crl (hash: gUw9HzhFKPG5T3kmkpJmobGOdxfFFkHf1tnxmIY+DPQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft rsync://rpki.ripe.net/repository/DEFAULT/kBZCwNRvjU5MI0wzr771pIOcaiI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2c:8d:5f:13:d2:95:03:b4:a9:da:50:ec:ab:b0:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=901642c0d46f8d4e4c234c33afbef5a4839c6a22 Validity Not Before: Jan 25 22:00:50 2026 GMT Not After : Jan 26 22:00:50 2026 GMT Subject: CN=23c48710361fc3c5a1f804c96cb31813ecbe0c65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a6:87:c3:53:17:7d:2d:5a:d8:28:5c:3c:f8: ce:53:91:b2:73:cb:6e:bb:86:42:73:2c:49:43:fb: 25:65:70:1e:da:f3:ba:b4:f0:e4:d1:a0:46:ba:b4: 63:82:93:de:e5:76:cd:89:4b:16:be:06:32:d3:d4: da:f6:72:3b:3d:7a:77:cc:7c:ca:76:e7:0f:11:6e: b2:f9:24:d9:fa:58:b9:d0:09:bb:99:dc:22:15:77: 6b:ec:0b:a9:43:65:27:30:57:d2:ae:8e:ac:d6:82: 38:5c:45:c3:91:2c:6f:6c:e8:28:b3:97:3a:20:d5: 9d:2b:05:96:65:12:b4:72:32:30:7d:dc:63:75:7b: 25:78:85:b2:6c:7c:0e:ea:fd:33:40:3b:df:cf:b2: d6:ac:00:9f:ca:b8:1a:30:cb:ba:37:37:f6:84:d6: eb:a2:03:21:e4:8d:8f:b4:5a:3d:80:c2:a4:28:6c: 5c:d8:55:8b:d5:ee:1b:55:95:9f:8d:c8:4c:a7:fc: 44:a8:74:c3:b6:ef:ec:7b:d0:19:9c:f4:f0:3f:cf: db:5a:1e:f7:30:06:29:3c:ae:08:c4:91:0a:49:f3: 3d:77:9b:82:cd:88:87:f8:51:a5:ef:c4:1d:49:71: 1d:12:82:ae:6c:ac:0c:df:21:24:a4:7e:55:33:5f: 93:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:C4:87:10:36:1F:C3:C5:A1:F8:04:C9:6C:B3:18:13:EC:BE:0C:65 X509v3 Authority Key Identifier: keyid:90:16:42:C0:D4:6F:8D:4E:4C:23:4C:33:AF:BE:F5:A4:83:9C:6A:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kBZCwNRvjU5MI0wzr771pIOcaiI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:e2:aa:84:42:b0:f4:0c:e5:4d:de:f0:02:2a:ab:99:1e:cb: a0:17:da:12:90:bb:d3:f8:33:e5:72:ea:aa:c0:fb:e1:85:f3: ed:69:68:6d:79:d9:21:64:6d:10:eb:b0:86:1c:f6:53:77:8a: 04:1a:ac:15:c6:5b:21:67:0b:96:b3:77:af:73:85:15:12:31: 7e:ce:63:3d:f9:e2:fe:ff:26:fe:2f:0f:3a:07:da:8a:55:cd: 00:7f:a8:a8:a8:ab:51:5a:a7:98:5a:fa:8d:89:88:2c:67:5f: c0:3d:e5:0b:a9:8a:13:36:76:73:7c:0a:4b:4a:9d:16:2d:57: 9b:e0:38:79:70:f6:77:db:9e:98:78:d2:67:59:77:38:a1:9d: c9:af:45:2b:ea:7c:0e:1f:36:c6:91:ad:1f:ac:ed:31:37:df: 7a:f2:75:17:e4:2d:25:11:2f:e5:a5:0c:a9:0a:05:7b:db:ca: 7c:2b:72:21:9e:9f:b1:ee:34:7b:82:17:f4:de:c2:39:2a:6f: fa:47:84:37:4d:05:c8:6c:ba:9f:f4:25:33:40:b4:8b:20:b9: 5a:03:5e:ad:e7:36:02:3d:60:59:b9:c8:06:19:01:fc:50:02: 38:17:ce:50:93:f4:dd:c7:a0:0e:d7:c1:c6:47:1f:ba:d7:ac: 03:c7:04:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LI1fE9KVA7Sp2lDsq7BkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwMTY0MmMwZDQ2ZjhkNGU0YzIzNGMzM2FmYmVmNWE0ODM5 YzZhMjIwHhcNMjYwMTI1MjIwMDUwWhcNMjYwMTI2MjIwMDUwWjAzMTEwLwYDVQQD EygyM2M0ODcxMDM2MWZjM2M1YTFmODA0Yzk2Y2IzMTgxM2VjYmUwYzY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qaHw1MXfS1a2ChcPPjOU5Gyc8tu u4ZCcyxJQ/slZXAe2vO6tPDk0aBGurRjgpPe5XbNiUsWvgYy09Ta9nI7PXp3zHzK ducPEW6y+STZ+li50Am7mdwiFXdr7AupQ2UnMFfSro6s1oI4XEXDkSxvbOgos5c6 INWdKwWWZRK0cjIwfdxjdXsleIWybHwO6v0zQDvfz7LWrACfyrgaMMu6Nzf2hNbr ogMh5I2PtFo9gMKkKGxc2FWL1e4bVZWfjchMp/xEqHTDtu/se9AZnPTwP8/bWh73 MAYpPK4IxJEKSfM9d5uCzYiH+FGl78QdSXEdEoKubKwM3yEkpH5VM1+T3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPEhxA2H8PFofgEyWyzGBPsvgxlMB8GA1UdIwQY MBaAFJAWQsDUb41OTCNMM6++9aSDnGoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0JaQ3dOUnZqVTVNSTB3enI3NzFwSU9jYWlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mMTZiNTEtNWEyMi00ZGI0LWI4OTAt NDMxMjViZjA5NmIxLzEva0JaQ3dOUnZqVTVNSTB3enI3NzFwSU9jYWlJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy9mMTZiNTEtNWEyMi00ZGI0LWI4OTAtNDMxMjViZjA5NmIx LzEva0JaQ3dOUnZqVTVNSTB3enI3NzFwSU9jYWlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfeKqhEKw 9AzlTd7wAiqrmR7LoBfaEpC70/gz5XLqqsD74YXz7WlobXnZIWRtEOuwhhz2U3eK BBqsFcZbIWcLlrN3r3OFFRIxfs5jPfni/v8m/i8POgfailXNAH+oqKirUVqnmFr6 jYmILGdfwD3lC6mKEzZ2c3wKS0qdFi1Xm+A4eXD2d9uemHjSZ1l3OKGdya9FK+p8 Dh82xpGtH6ztMTffevJ1F+QtJREv5aUMqQoFe9vKfCtyIZ6fse40e4IX9N7COSpv +keEN00FyGy6n/QlM0C0iyC5WgNerec2Aj1gWbnIBhkB/FACOBfOUJP03cegDtfB xkcfutesA8cE9Q== -----END CERTIFICATE-----Generated at Mon Jan 26 08:43:01 2026 by rpki-client