This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft File: KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json) Hash identifier: RSoX7pYlWGTGPgvHBI8U10qVI7+0IijzAcIfk5DktZY= Subject key identifier: CA:33:AD:7D:0D:A4:35:03:7B:FD:47:B5:67:D5:C5:31:98:F6:30:80 Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea Certificate serial: 019BF951FEEB8F3816B28E482EE8DC56A8AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft Manifest number: 17E8 Signing time: Mon 26 Jan 2026 08:00:58 +0000 Manifest this update: Mon 26 Jan 2026 08:00:58 +0000 Manifest next update: Tue 27 Jan 2026 08:00:58 +0000 Files and hashes: 1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: NOf5gc4xP8rtHc87YbXPj2sc4qUrIcEINsbhwrgRvXU=) 2: Np8PkRIzq2H-mfEgyXXHLw4xA2o.roa (hash: kCme1YTSTXAyOTkajeANzDG66nwpOp5PNkNgd2m+u9c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:51:fe:eb:8f:38:16:b2:8e:48:2e:e8:dc:56:a8:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea Validity Not Before: Jan 26 08:00:58 2026 GMT Not After : Jan 27 08:00:58 2026 GMT Subject: CN=ca33ad7d0da435037bfd47b567d5c53198f63080 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:b9:85:90:d8:33:bf:7a:4a:70:1c:fc:c2:e3: d0:1c:52:ca:36:b6:be:66:77:d6:bd:b5:4c:5e:25: e3:bf:ed:a7:bc:28:50:6d:25:2b:d9:ed:4b:8f:19: 3e:25:d2:28:50:02:c9:a4:10:6b:05:8e:7f:16:d6: 6b:bb:c1:7f:45:d1:8b:ba:f7:ae:dd:a1:9d:64:0a: 0e:a4:2e:7d:e5:60:6b:88:1a:86:e5:8a:79:28:4f: 11:cb:7b:5e:97:77:8c:4c:59:e2:a1:6e:19:34:90: 31:fe:8a:47:2e:5d:dc:ad:04:64:2a:fc:bb:ff:21: 98:11:ce:2b:5c:4f:2c:71:a4:47:ae:71:2d:9c:db: f2:c4:1d:9a:a6:e9:ac:c6:cb:2b:f8:46:a7:0c:1c: bf:88:ff:79:e7:84:8f:e2:36:db:72:82:46:bb:8d: 6d:d4:1a:f1:6f:c2:38:ec:ed:82:4f:b1:97:d7:79: 3c:bd:ed:f2:82:a5:03:a1:36:60:49:a0:0d:ce:9d: 7e:42:0b:37:c1:2b:65:2b:b1:4d:ba:cc:11:76:12: f2:06:b0:df:ce:c7:3e:4b:44:49:78:b5:bc:a4:fb: 0c:66:14:69:0e:54:43:c8:ae:65:ed:2e:52:f1:f0: 0a:86:7a:95:42:c5:e5:0c:ac:d9:61:e4:49:e0:ed: 8d:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:33:AD:7D:0D:A4:35:03:7B:FD:47:B5:67:D5:C5:31:98:F6:30:80 X509v3 Authority Key Identifier: keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:1b:c4:99:90:fc:b1:35:7e:5f:12:1a:5b:2b:b3:3e:03:4d: b3:87:9c:bd:08:85:76:7f:28:07:7a:44:3c:3b:a6:df:81:58: 98:45:1c:28:fb:98:12:d3:f6:57:99:e0:2e:24:72:68:e4:b7: 1d:a3:92:4c:87:a2:a4:17:8c:cc:b1:05:c6:f3:92:1a:c5:63: 0f:61:ec:2f:87:33:86:17:2e:b4:35:ee:6b:30:4e:9f:4c:8c: 5b:5b:90:c6:ab:4a:c1:4a:74:af:6b:18:9c:a3:b5:e0:0c:61: bf:f8:87:a9:f7:e6:bc:51:e3:0e:c3:3d:46:fe:c5:44:a0:b8: a5:a0:c8:9c:13:f7:78:db:da:22:b7:51:34:07:75:a9:8b:c2: e8:21:6a:9b:73:a5:97:8a:4b:37:26:f5:17:4d:f3:3e:ed:20: 97:4a:41:7a:3e:23:31:21:65:23:91:9b:21:5c:11:ed:30:c1: bc:a6:34:78:56:8e:34:37:46:0f:8e:aa:02:47:1c:a5:8e:58: f0:d7:8a:0c:bd:03:ac:bd:a4:5b:dd:24:5f:c5:d4:1b:1e:49: 21:d9:b3:ab:48:98:bf:6b:2f:7e:8d:a0:a4:0b:98:57:03:52: ac:93:8e:0b:38:a9:2b:72:6c:1c:2f:62:d2:3c:fe:66:8c:f0: 6e:f5:28:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5Uf7rjzgWso5ILujcVqitMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy NDk1ZWEwHhcNMjYwMTI2MDgwMDU4WhcNMjYwMTI3MDgwMDU4WjAzMTEwLwYDVQQD EyhjYTMzYWQ3ZDBkYTQzNTAzN2JmZDQ3YjU2N2Q1YzUzMTk4ZjYzMDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbmFkNgzv3pKcBz8wuPQHFLKNra+ ZnfWvbVMXiXjv+2nvChQbSUr2e1Ljxk+JdIoUALJpBBrBY5/FtZru8F/RdGLuveu 3aGdZAoOpC595WBriBqG5Yp5KE8Ry3tel3eMTFnioW4ZNJAx/opHLl3crQRkKvy7 /yGYEc4rXE8scaRHrnEtnNvyxB2apumsxssr+EanDBy/iP9554SP4jbbcoJGu41t 1Brxb8I47O2CT7GX13k8ve3ygqUDoTZgSaANzp1+Qgs3wStlK7FNuswRdhLyBrDf zsc+S0RJeLW8pPsMZhRpDlRDyK5l7S5S8fAKhnqVQsXlDKzZYeRJ4O2NSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMozrX0NpDUDe/1HtWfVxTGY9jCAMB8GA1UdIwQY MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBvEmZD8 sTV+XxIaWyuzPgNNs4ecvQiFdn8oB3pEPDum34FYmEUcKPuYEtP2V5ngLiRyaOS3 HaOSTIeipBeMzLEFxvOSGsVjD2HsL4czhhcutDXuazBOn0yMW1uQxqtKwUp0r2sY nKO14Axhv/iHqffmvFHjDsM9Rv7FRKC4paDInBP3eNvaIrdRNAd1qYvC6CFqm3Ol l4pLNyb1F03zPu0gl0pBej4jMSFlI5GbIVwR7TDBvKY0eFaONDdGD46qAkccpY5Y 8NeKDL0DrL2kW90kX8XUGx5JIdmzq0iYv2svfo2gpAuYVwNSrJOOCzipK3JsHC9i 0jz+ZozwbvUo2g== -----END CERTIFICATE-----Generated at Mon Jan 26 10:57:38 2026 by rpki-client