This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.mft File: kN_zHRsERNQgTeFYTQDd-WjQsBI.mft (raw, json) Hash identifier: GkMIGhI7wLcXbnAFkdSOPvly3WoRDGwOCg0p1lkx0bc= Subject key identifier: BD:08:28:64:3E:F0:D9:F6:A0:93:43:A0:AF:84:35:72:C6:E8:DF:5A Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12 Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012 Certificate serial: 019BF5ABC21ECCD4D8A43A9F40233AEFBEC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.mft Manifest number: 0C5D Signing time: Sun 25 Jan 2026 15:00:32 +0000 Manifest this update: Sun 25 Jan 2026 15:00:32 +0000 Manifest next update: Mon 26 Jan 2026 15:00:32 +0000 Files and hashes: 1: SwQK8a0RuGojFMRd-1GGkonnT-U.roa (hash: 7GJC22Eus5d8mAhvDyq0PoK19aG3z12w1E45uuUpyP4=) 2: kN_zHRsERNQgTeFYTQDd-WjQsBI.crl (hash: MbQMTxZl8aPo/LoHucQh07ihKDZ7NkY79/xi3dyb/kY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.mft rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f5:ab:c2:1e:cc:d4:d8:a4:3a:9f:40:23:3a:ef:be:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012 Validity Not Before: Jan 25 15:00:32 2026 GMT Not After : Jan 26 15:00:32 2026 GMT Subject: CN=bd0828643ef0d9f6a09343a0af843572c6e8df5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:c4:85:79:a9:cb:3a:f7:44:07:65:44:2b:fd: 55:0b:3f:e5:7f:39:45:48:7a:12:f6:bc:e7:78:05: e8:4d:65:f0:d7:2c:c6:d8:50:3c:ef:ec:42:3e:d9: 40:d0:c7:23:b0:e6:1a:bb:44:42:63:a4:99:10:ac: aa:e3:4d:72:ba:fe:f7:ae:c1:88:d5:71:b6:70:66: 37:2d:34:5d:98:ff:3b:08:dc:2c:36:ce:73:72:0e: 6a:83:04:da:8f:32:12:c9:74:10:cc:49:00:23:54: eb:7e:dc:b5:67:89:d1:a1:b9:94:2b:dc:a0:4d:27: bb:32:23:15:12:d5:0b:67:4f:34:73:8d:ca:3d:62: 9d:2d:dd:bf:98:5e:7f:35:9c:9c:c0:fe:94:4c:b4: da:ef:52:17:75:f7:80:f5:c2:72:25:1d:32:e4:94: 0c:35:43:0b:0c:25:0e:68:0e:93:3c:b8:cc:1e:9f: 39:75:6b:b5:b4:49:a3:a1:c8:16:86:66:ca:53:69: 43:4c:cb:18:ac:2a:04:88:50:50:14:10:1a:9d:a0: 92:cf:56:56:fe:9d:38:ca:88:7b:d4:c5:b6:11:f8: 3d:d4:56:73:e8:90:51:87:b1:13:3b:96:cd:ce:80: c2:59:85:73:67:ae:63:d0:c8:5a:81:d5:19:41:d4: fa:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:08:28:64:3E:F0:D9:F6:A0:93:43:A0:AF:84:35:72:C6:E8:DF:5A X509v3 Authority Key Identifier: keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:c4:78:b3:ff:4c:0a:93:49:f3:47:4c:10:6e:5a:f9:90:9d: 8b:ea:3c:0c:3c:4a:8e:1c:3b:89:b4:06:67:05:b2:df:0e:a8: fc:6f:8c:88:89:56:a5:e7:20:d6:6b:8b:c7:fb:d3:75:4b:46: 00:b3:9f:2c:40:e0:4d:38:4b:a4:fc:fb:18:a4:89:a1:ac:89: 5f:36:47:37:8b:18:45:bf:81:84:d9:b8:67:a0:23:d8:02:a8: 0a:7d:c3:13:69:35:0d:2d:d8:c5:72:44:59:92:1b:8a:af:3f: de:ea:f7:64:0e:3c:b7:ac:48:73:9e:8d:5b:ac:02:81:c3:8b: 4f:df:e9:ee:58:3d:d8:59:aa:04:ae:d3:1b:42:88:89:4b:b7: a8:31:21:3a:e5:57:43:ac:25:d7:fe:00:b9:65:d2:e3:bb:2d: 74:d6:b6:de:2b:02:cd:e8:d2:b8:31:d2:5e:5d:be:8e:a8:13: ba:f2:fc:3c:12:aa:ea:4e:30:72:8d:b3:94:80:23:43:97:de: da:f6:a0:a5:61:5d:d8:ab:7a:53:95:f0:f2:79:54:12:d3:6d: 06:c7:2e:2c:f2:cd:2a:d9:16:3d:4f:de:c3:ba:0b:9c:9a:76: 1e:11:63:e2:58:f5:49:81:05:40:da:50:a1:dd:26:d5:ca:13: d6:24:a5:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv1q8IezNTYpDqfQCM6777EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk MGIwMTIwHhcNMjYwMTI1MTUwMDMyWhcNMjYwMTI2MTUwMDMyWjAzMTEwLwYDVQQD EyhiZDA4Mjg2NDNlZjBkOWY2YTA5MzQzYTBhZjg0MzU3MmM2ZThkZjVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMSFeanLOvdEB2VEK/1VCz/lfzlF SHoS9rzneAXoTWXw1yzG2FA87+xCPtlA0McjsOYau0RCY6SZEKyq401yuv73rsGI 1XG2cGY3LTRdmP87CNwsNs5zcg5qgwTajzISyXQQzEkAI1Trfty1Z4nRobmUK9yg TSe7MiMVEtULZ080c43KPWKdLd2/mF5/NZycwP6UTLTa71IXdfeA9cJyJR0y5JQM NUMLDCUOaA6TPLjMHp85dWu1tEmjocgWhmbKU2lDTMsYrCoEiFBQFBAanaCSz1ZW /p04yoh71MW2Efg91FZz6JBRh7ETO5bNzoDCWYVzZ65j0MhagdUZQdT6kwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL0IKGQ+8Nn2oJNDoK+ENXLG6N9aMB8GA1UdIwQY MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt OWYyMTRkMWJhOTM0LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0 LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMR4s/9M CpNJ80dMEG5a+ZCdi+o8DDxKjhw7ibQGZwWy3w6o/G+MiIlWpecg1muLx/vTdUtG ALOfLEDgTThLpPz7GKSJoayJXzZHN4sYRb+BhNm4Z6Aj2AKoCn3DE2k1DS3YxXJE WZIbiq8/3ur3ZA48t6xIc56NW6wCgcOLT9/p7lg92FmqBK7TG0KIiUu3qDEhOuVX Q6wl1/4AuWXS47stdNa23isCzejSuDHSXl2+jqgTuvL8PBKq6k4wco2zlIAjQ5fe 2vagpWFd2Kt6U5Xw8nlUEtNtBscuLPLNKtkWPU/ew7oLnJp2HhFj4lj1SYEFQNpQ od0m1coT1iSl9Q== -----END CERTIFICATE-----Generated at Mon Jan 26 01:47:24 2026 by rpki-client