This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft File: KqJOWBL8wxBrnrCusA5ie6I10FY.mft (raw, json) Hash identifier: fcE39KCwrKh9n2LeV/Rc65nJWfnOQ5ZIF5hMGSEy8xc= Subject key identifier: 5A:18:40:C0:FD:A8:2C:B3:CB:45:47:49:7E:8A:96:2C:68:EA:94:60 Authority key identifier: 2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56 Certificate issuer: /CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056 Certificate serial: 019BF951CAB76BC8137876951638734F5BB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft Manifest number: 0A7E Signing time: Mon 26 Jan 2026 08:00:45 +0000 Manifest this update: Mon 26 Jan 2026 08:00:45 +0000 Manifest next update: Tue 27 Jan 2026 08:00:45 +0000 Files and hashes: 1: KqJOWBL8wxBrnrCusA5ie6I10FY.crl (hash: 07KUa4w5VpL/plGpAwv01KVEofu+5pbFOFjY8Orl5UU=) 2: yXEtTJb7Q9QNq9QwBOpKF1Og1mg.roa (hash: DbsY9yqJmKOSdLO9tL/m8Sp1oKJbQqdJXvqChVz5qJw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:51:ca:b7:6b:c8:13:78:76:95:16:38:73:4f:5b:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056 Validity Not Before: Jan 26 08:00:45 2026 GMT Not After : Jan 27 08:00:45 2026 GMT Subject: CN=5a1840c0fda82cb3cb4547497e8a962c68ea9460 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:da:d9:5f:b0:5d:cd:7f:cd:81:4e:03:d7:8a: aa:ce:ac:89:33:8b:32:fc:24:5b:a4:d6:f0:c0:0e: c3:5f:24:21:5d:57:3f:d6:a1:3f:56:d1:83:41:44: ad:00:d4:c8:56:a4:fd:8d:ce:4d:b7:b6:4f:35:53: fc:7e:17:f5:2c:16:cf:e3:01:89:cc:09:c1:fd:d4: 20:03:c4:b4:f4:dc:32:8f:07:62:ad:4d:0f:3a:b6: 1e:96:50:65:2d:11:dd:57:9e:86:69:bb:ea:e0:af: e9:b3:87:92:ac:9a:5b:14:5a:17:2f:54:5d:42:87: 23:33:e5:c6:b4:97:a2:55:c0:fe:56:4f:45:83:ef: 9c:04:9b:8a:0b:e1:4c:0f:b2:98:0c:b6:41:fc:93: 13:41:9b:de:3a:e1:06:65:81:34:6e:77:28:47:ba: 73:72:ff:9a:17:32:d3:38:7b:29:74:27:57:7e:64: 90:01:76:8a:e2:0f:4b:5f:e2:60:fd:4a:f7:1b:5a: 08:9b:16:97:9e:15:84:8b:52:5d:e9:04:25:99:7e: 63:8a:56:27:82:e7:be:0b:bf:5b:17:fd:5a:29:e7: 94:ca:d6:0a:f2:a1:82:ac:ba:02:4a:c9:c7:f8:76: 18:8b:59:47:48:e6:6c:dd:df:2b:3a:6b:cc:be:74: ec:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:18:40:C0:FD:A8:2C:B3:CB:45:47:49:7E:8A:96:2C:68:EA:94:60 X509v3 Authority Key Identifier: keyid:2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:1d:6b:96:ee:7c:d8:c0:cc:0d:7b:01:0d:e9:77:f3:94:ef: 40:47:5f:01:29:9d:1e:25:d0:4c:ad:13:ac:22:6a:16:ff:c7: ae:21:4a:38:49:ce:24:8f:1c:52:db:90:82:30:39:26:7c:3b: 23:b3:39:b8:fd:2a:27:1e:1d:1a:a0:d3:b9:bb:44:89:1f:0d: 0a:c5:5e:47:ec:2a:ec:c0:03:e9:62:bf:0d:f7:06:38:6f:48: 7e:d1:48:c7:81:10:08:16:1f:c9:a6:61:77:36:ba:37:ba:fc: 74:12:f6:a6:58:79:69:16:0f:43:ee:54:4a:34:82:a4:39:d6: 17:72:fc:3e:a6:34:b2:8c:c6:af:38:18:34:28:ad:44:7a:da: 6e:4a:ee:68:cf:18:e8:d7:d8:f8:79:d6:fc:5f:dc:1d:a3:db: 45:48:30:60:e1:62:47:cf:e7:5c:e1:8f:a8:dd:b0:eb:95:a4: e5:cc:b9:71:60:95:9a:42:97:99:7f:a2:01:e6:bb:0c:de:47: dc:92:69:26:cd:6c:b9:b1:ac:65:22:af:d4:c8:a8:94:cd:0f: df:98:ca:31:20:ee:59:55:0a:e1:11:d1:a2:e5:de:10:6e:d9: ca:ac:d4:9d:19:6a:4f:93:a0:e3:1c:9c:c5:b6:0c:38:6d:b0: 07:88:ae:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv5Ucq3a8gTeHaVFjhzT1u3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYTI0ZTU4MTJmY2MzMTA2YjllYjBhZWIwMGU2MjdiYTIz NWQwNTYwHhcNMjYwMTI2MDgwMDQ1WhcNMjYwMTI3MDgwMDQ1WjAzMTEwLwYDVQQD Eyg1YTE4NDBjMGZkYTgyY2IzY2I0NTQ3NDk3ZThhOTYyYzY4ZWE5NDYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNrZX7BdzX/NgU4D14qqzqyJM4sy /CRbpNbwwA7DXyQhXVc/1qE/VtGDQUStANTIVqT9jc5Nt7ZPNVP8fhf1LBbP4wGJ zAnB/dQgA8S09NwyjwdirU0POrYellBlLRHdV56Gabvq4K/ps4eSrJpbFFoXL1Rd QocjM+XGtJeiVcD+Vk9Fg++cBJuKC+FMD7KYDLZB/JMTQZveOuEGZYE0bncoR7pz cv+aFzLTOHspdCdXfmSQAXaK4g9LX+Jg/Ur3G1oImxaXnhWEi1Jd6QQlmX5jilYn gue+C79bF/1aKeeUytYK8qGCrLoCSsnH+HYYi1lHSOZs3d8rOmvMvnTsowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFoYQMD9qCyzy0VHSX6Klixo6pRgMB8GA1UdIwQY MBaAFCqiTlgS/MMQa56wrrAOYnuiNdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgt NjY4NThiYzhlYjc3LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgtNjY4NThiYzhlYjc3 LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPB1rlu58 2MDMDXsBDel385TvQEdfASmdHiXQTK0TrCJqFv/HriFKOEnOJI8cUtuQgjA5Jnw7 I7M5uP0qJx4dGqDTubtEiR8NCsVeR+wq7MAD6WK/DfcGOG9IftFIx4EQCBYfyaZh dza6N7r8dBL2plh5aRYPQ+5USjSCpDnWF3L8PqY0sozGrzgYNCitRHrabkruaM8Y 6NfY+HnW/F/cHaPbRUgwYOFiR8/nXOGPqN2w65Wk5cy5cWCVmkKXmX+iAea7DN5H 3JJpJs1subGsZSKv1MiolM0P35jKMSDuWVUK4RHRouXeEG7ZyqzUnRlqT5Og4xyc xbYMOG2wB4iuow== -----END CERTIFICATE-----Generated at Mon Jan 26 10:58:06 2026 by rpki-client