This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: 6LNJsQOUjNn0n8sOyYY3t6/vJffhSe5BtjZHVloscU4=
Subject key identifier: C1:22:B4:B2:3F:74:DA:C7:AF:BB:DB:F1:DA:FC:77:B8:1F:E9:EE:84
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 019BFA2E7AB6F3CFAAA1ED506C4DF78A2BE1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 17EE
Signing time: Mon 26 Jan 2026 12:01:48 +0000
Manifest this update: Mon 26 Jan 2026 12:01:48 +0000
Manifest next update: Tue 27 Jan 2026 12:01:48 +0000
Files and hashes: 1: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: bW5eOYWwOID0opn8Q+wuvffqxyaKSdSusBwenzGZ9FU=)
2: r2staIGPnAB2fC8C0axIG4AKOBk.roa (hash: uFZHYgrj8p1JmsefAGSYoXv3EhDU7aOqOew1OyVD1rc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 27 Jan 2026 10:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fa:2e:7a:b6:f3:cf:aa:a1:ed:50:6c:4d:f7:8a:2b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Jan 26 12:01:48 2026 GMT
Not After : Jan 27 12:01:48 2026 GMT
Subject: CN=c122b4b23f74dac7afbbdbf1dafc77b81fe9ee84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:65:e5:8a:ae:ce:70:6b:ef:c2:4c:18:60:ee:
a3:77:5b:86:94:31:79:72:d8:23:bd:13:c2:c8:fe:
00:57:42:31:71:18:9b:54:6a:92:ab:de:ec:24:cf:
39:13:f5:69:7a:19:b6:40:83:2f:9b:69:05:31:f8:
84:db:52:81:78:bc:8e:3c:0f:ff:a4:9d:44:40:cf:
6c:5f:cb:c9:a8:26:dc:ba:3b:b1:9c:70:90:16:bf:
5f:6a:42:07:11:e9:9f:89:3a:39:ef:10:39:7b:f4:
61:63:f4:2e:eb:36:a8:6e:c5:a3:c8:41:97:66:e5:
21:54:66:c6:2b:04:6a:34:f0:2f:9f:b7:77:4e:f6:
b9:88:24:2a:de:eb:2f:3a:bd:f0:8e:70:1a:bf:4b:
48:ea:27:9d:f0:35:d2:c6:97:1e:27:d5:d4:5b:e5:
06:f9:d8:60:51:7a:56:a1:48:d9:92:ac:7e:a6:00:
0c:65:a5:85:70:a9:af:ba:b2:d6:22:d8:9f:67:64:
af:89:b2:0b:17:18:5b:8c:9d:c7:eb:1d:0d:fd:5f:
54:8d:1c:8b:4b:29:3b:31:98:28:2f:b0:dd:62:0a:
e3:ab:21:9d:52:27:9e:8c:75:38:e3:e8:dd:61:25:
03:bc:a3:73:fb:11:3b:7c:4f:d1:87:50:9b:e7:a1:
e4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:22:B4:B2:3F:74:DA:C7:AF:BB:DB:F1:DA:FC:77:B8:1F:E9:EE:84
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:e1:5e:ad:8e:95:e9:c3:19:e4:67:03:a2:b6:97:10:cd:25:
de:8c:9e:dc:5f:1e:a4:48:fe:ff:db:02:47:cd:28:7e:2d:d4:
f8:2f:75:f8:9c:dd:59:d4:30:65:a0:f5:29:4e:57:2b:dd:51:
43:ca:c6:f8:0d:f7:e0:4f:39:eb:42:de:71:1a:1c:96:9f:2b:
14:6e:10:d4:09:eb:32:6c:23:3c:66:57:6f:01:5a:8c:75:cd:
6f:28:87:b0:ff:1f:af:e2:30:66:46:04:6b:b5:f2:a4:ce:6c:
a1:8d:79:3d:e6:45:82:6c:70:80:b6:b8:7a:f5:df:fa:8f:65:
57:32:d8:7b:f4:a0:0f:af:dc:bd:1d:b6:e2:be:a5:0f:41:9f:
9e:bd:fb:d9:f8:2b:81:98:e7:8d:43:af:7f:ed:b2:d4:c1:d0:
c6:39:a6:e5:36:5b:6c:4d:92:88:71:ea:02:93:81:21:21:eb:
db:48:96:11:1e:75:10:61:82:6b:14:17:11:c7:e7:76:64:97:
3a:41:c0:2d:e9:b2:73:46:0d:27:69:fe:ad:69:4e:47:d5:8d:
c7:a3:48:5d:20:46:da:44:6d:60:e2:c9:8f:72:80:91:6d:53:
89:a7:5d:96:c0:ca:6e:d1:22:5b:a5:a9:a0:75:b6:e0:a6:f0:
4f:41:97:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv6Lnq288+qoe1QbE33iivhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjYwMTI2MTIwMTQ4WhcNMjYwMTI3MTIwMTQ4WjAzMTEwLwYDVQQD
EyhjMTIyYjRiMjNmNzRkYWM3YWZiYmRiZjFkYWZjNzdiODFmZTllZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWXliq7OcGvvwkwYYO6jd1uGlDF5
ctgjvRPCyP4AV0IxcRibVGqSq97sJM85E/Vpehm2QIMvm2kFMfiE21KBeLyOPA//
pJ1EQM9sX8vJqCbcujuxnHCQFr9fakIHEemfiTo57xA5e/RhY/Qu6zaobsWjyEGX
ZuUhVGbGKwRqNPAvn7d3Tva5iCQq3usvOr3wjnAav0tI6ied8DXSxpceJ9XUW+UG
+dhgUXpWoUjZkqx+pgAMZaWFcKmvurLWItifZ2SvibILFxhbjJ3H6x0N/V9UjRyL
Syk7MZgoL7DdYgrjqyGdUieejHU44+jdYSUDvKNz+xE7fE/Rh1Cb56Hk4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMEitLI/dNrHr7vb8dr8d7gf6e6EMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKuFerY6V
6cMZ5GcDoraXEM0l3oye3F8epEj+/9sCR80ofi3U+C91+JzdWdQwZaD1KU5XK91R
Q8rG+A334E8560LecRoclp8rFG4Q1AnrMmwjPGZXbwFajHXNbyiHsP8fr+IwZkYE
a7XypM5soY15PeZFgmxwgLa4evXf+o9lVzLYe/SgD6/cvR224r6lD0Gfnr372fgr
gZjnjUOvf+2y1MHQxjmm5TZbbE2SiHHqApOBISHr20iWER51EGGCaxQXEcfndmSX
OkHALemyc0YNJ2n+rWlOR9WNx6NIXSBG2kRtYOLJj3KAkW1TiaddlsDKbtEiW6Wp
oHW24KbwT0GXtw==
-----END CERTIFICATE-----
Generated at Mon Jan 26 14:26:23 2026 by rpki-client