This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft File: KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft (raw, json) Hash identifier: 3+b935ODXRb5Nq+3p3Ob2P66joIPX2/Jj3coYd0XSKo= Subject key identifier: 47:D4:B8:9B:70:7B:6E:A8:E2:D9:33:0A:7A:D4:DC:8D:05:6C:A4:96 Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Certificate serial: 019BF9F6EF0C42FCDD19423BC7C1693AE7E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft Manifest number: 1767 Signing time: Mon 26 Jan 2026 11:01:08 +0000 Manifest this update: Mon 26 Jan 2026 11:01:08 +0000 Manifest next update: Tue 27 Jan 2026 11:01:08 +0000 Files and hashes: 1: KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl (hash: ao+b5jUwr+dW5VvIY8J505vNQYLT0dnF4npZ1S9rBwM=) 2: ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa (hash: soBVeg6Yikd3nUzcvoeLHOcCe6rQjh4SHsU1xYr91hM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:f6:ef:0c:42:fc:dd:19:42:3b:c7:c1:69:3a:e7:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Validity Not Before: Jan 26 11:01:08 2026 GMT Not After : Jan 27 11:01:08 2026 GMT Subject: CN=47d4b89b707b6ea8e2d9330a7ad4dc8d056ca496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:2c:c4:f7:b5:ab:41:8c:c1:29:29:4a:a8:9b: ad:34:80:e7:0c:4b:f9:19:d0:c4:aa:52:44:68:55: d4:7e:20:ae:7d:5b:26:35:9c:6c:45:7d:f2:ed:7f: 40:ec:86:47:b6:80:1c:86:43:43:d6:d0:ba:62:d1: 09:3c:58:ed:56:45:01:82:70:31:5a:42:65:d3:d9: db:74:b3:29:b3:be:66:6e:02:e0:d5:d1:18:5a:1b: 1b:32:67:01:85:3e:f2:29:a6:53:c5:53:c9:e0:71: ab:0e:af:73:a9:f5:37:09:83:63:0a:27:bc:27:6a: f8:99:64:b7:b4:aa:5d:5f:f3:19:78:8f:c5:41:20: 9e:fa:3d:09:1c:c0:5d:83:1f:92:61:96:10:9e:1e: 3b:58:8f:25:74:e4:fa:9e:81:d5:58:62:3b:67:f9: 07:4d:8a:db:59:a8:4b:a5:2d:3e:e1:58:ec:a2:69: 74:14:f4:96:d1:cb:99:5c:7c:13:b1:fd:da:04:1a: 2d:1c:47:4d:11:d9:20:e9:49:79:41:ca:d9:c3:48: 51:f1:b9:34:68:d2:4e:52:af:a0:c5:e7:fb:5d:f3: 46:8e:a2:17:89:16:be:5e:45:67:2a:b5:cb:6c:b3: 61:49:a6:bc:59:db:f5:ad:68:9d:cd:d4:95:25:e3: 3a:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:D4:B8:9B:70:7B:6E:A8:E2:D9:33:0A:7A:D4:DC:8D:05:6C:A4:96 X509v3 Authority Key Identifier: keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:f6:d3:11:b7:44:95:ec:33:02:b5:de:6c:0d:1b:0f:42:6e: 4f:cd:df:ea:97:55:79:3f:db:60:54:f6:a1:4c:78:df:e6:df: f7:c8:01:89:09:0e:18:e6:51:5e:1d:40:ff:96:7a:9b:c8:6b: 60:93:0b:b2:c6:18:ec:09:f7:a6:8e:9f:1d:e5:a8:51:e3:11: 92:14:04:8f:70:09:c9:70:35:50:15:a5:55:1c:a0:b3:f2:84: df:2a:0d:71:a5:3b:40:7c:c6:79:0b:bd:e4:58:52:df:7b:50: 5b:81:b9:a7:8a:84:49:de:de:61:3b:68:7c:d8:63:1b:91:3c: 4f:a2:5c:71:40:96:32:e0:3b:d0:df:40:18:57:10:e1:32:c5: 64:ad:89:c6:99:d4:06:b3:16:e0:68:bf:59:64:10:28:e0:6e: a4:90:56:90:a9:44:fb:0b:bd:2a:e6:ee:7a:31:2c:4b:cc:7c: 49:9e:61:79:6c:5e:f2:8d:8d:20:de:80:2e:60:43:02:e8:4f: 6a:df:f0:81:6d:df:8c:cb:ce:33:44:b9:54:f7:e1:ea:23:12: fd:98:f2:aa:c7:c6:da:c4:d2:b0:6c:10:7f:b8:d7:61:76:e9: 17:66:13:96:f9:3d:09:66:60:cf:57:e2:5e:10:45:7b:79:8e: 3f:1a:5c:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv59u8MQvzdGUI7x8FpOufnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3 MzMyY2YwHhcNMjYwMTI2MTEwMTA4WhcNMjYwMTI3MTEwMTA4WjAzMTEwLwYDVQQD Eyg0N2Q0Yjg5YjcwN2I2ZWE4ZTJkOTMzMGE3YWQ0ZGM4ZDA1NmNhNDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyzE97WrQYzBKSlKqJutNIDnDEv5 GdDEqlJEaFXUfiCufVsmNZxsRX3y7X9A7IZHtoAchkND1tC6YtEJPFjtVkUBgnAx WkJl09nbdLMps75mbgLg1dEYWhsbMmcBhT7yKaZTxVPJ4HGrDq9zqfU3CYNjCie8 J2r4mWS3tKpdX/MZeI/FQSCe+j0JHMBdgx+SYZYQnh47WI8ldOT6noHVWGI7Z/kH TYrbWahLpS0+4Vjsoml0FPSW0cuZXHwTsf3aBBotHEdNEdkg6Ul5QcrZw0hR8bk0 aNJOUq+gxef7XfNGjqIXiRa+XkVnKrXLbLNhSaa8Wdv1rWidzdSVJeM6awIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEfUuJtwe26o4tkzCnrU3I0FbKSWMB8GA1UdIwQY MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt NjZiNDM0ZmRmOWFlLzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/bTEbdE lewzArXebA0bD0JuT83f6pdVeT/bYFT2oUx43+bf98gBiQkOGOZRXh1A/5Z6m8hr YJMLssYY7An3po6fHeWoUeMRkhQEj3AJyXA1UBWlVRygs/KE3yoNcaU7QHzGeQu9 5FhS33tQW4G5p4qESd7eYTtofNhjG5E8T6JccUCWMuA70N9AGFcQ4TLFZK2JxpnU BrMW4Gi/WWQQKOBupJBWkKlE+wu9KubuejEsS8x8SZ5heWxe8o2NIN6ALmBDAuhP at/wgW3fjMvOM0S5VPfh6iMS/ZjyqsfG2sTSsGwQf7jXYXbpF2YTlvk9CWZgz1fi XhBFe3mOPxpctQ== -----END CERTIFICATE-----Generated at Mon Jan 26 19:39:11 2026 by rpki-client