This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: w9ESEB0V9tXotobL0W0DzBsklJUtYUbijdCXEcOsDZI=
Subject key identifier: 32:8C:F6:68:E1:58:65:D8:C5:C1:90:DD:91:FB:0D:63:EA:78:4F:EB
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 019BF83F7C11875F82B018889A2C2134C945
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 17ED
Signing time: Mon 26 Jan 2026 03:01:08 +0000
Manifest this update: Mon 26 Jan 2026 03:01:08 +0000
Manifest next update: Tue 27 Jan 2026 03:01:08 +0000
Files and hashes: 1: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: nkLReNd1afiP7R0LLQ28ygXbquGHNrZH0a3+zALLY9Y=)
2: r2staIGPnAB2fC8C0axIG4AKOBk.roa (hash: uFZHYgrj8p1JmsefAGSYoXv3EhDU7aOqOew1OyVD1rc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 27 Jan 2026 03:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:f8:3f:7c:11:87:5f:82:b0:18:88:9a:2c:21:34:c9:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Jan 26 03:01:08 2026 GMT
Not After : Jan 27 03:01:08 2026 GMT
Subject: CN=328cf668e15865d8c5c190dd91fb0d63ea784feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4e:27:59:58:c2:72:90:c1:d2:2a:67:72:e9:
68:dc:6a:58:33:32:72:58:d4:e1:e4:b6:16:4f:a1:
17:79:fb:3c:a5:21:a7:16:3a:49:6e:81:37:60:6f:
cb:26:2a:ca:d9:e8:0e:aa:08:15:12:f6:db:f2:8a:
0b:7e:cd:9f:57:a0:29:81:4e:a7:a0:15:15:14:34:
f8:f3:33:ac:d3:6c:2d:02:cf:e7:46:fd:25:cc:9b:
22:88:84:8e:59:6a:a2:e5:4a:0d:56:06:13:80:28:
6b:c5:05:90:96:50:69:b7:fd:4a:3e:3a:af:02:ab:
9b:cf:19:b0:04:c9:c9:6c:c3:09:78:6b:e0:70:48:
a9:f6:28:6e:c4:3d:e2:e8:8d:16:80:6d:20:5f:e0:
8b:7b:f0:a7:40:da:09:9d:56:eb:bf:85:ce:3f:e1:
0a:d2:2a:94:72:55:d9:38:a3:1d:96:5a:8a:1b:a1:
74:67:80:5c:98:47:5a:e7:c7:70:3e:54:e4:38:72:
a3:83:20:47:84:70:f5:ec:c8:d8:3d:4e:ab:dd:4b:
c0:12:0f:1b:61:84:2c:95:9e:81:13:d2:51:91:26:
a1:d6:40:79:48:c2:1b:16:da:2d:ba:a2:40:1d:c5:
d7:c7:98:2d:08:c4:c3:49:c3:33:4e:0e:0d:65:2b:
81:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8C:F6:68:E1:58:65:D8:C5:C1:90:DD:91:FB:0D:63:EA:78:4F:EB
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:b6:a4:27:d8:b4:30:e6:6d:1d:e7:08:4c:7c:ca:91:2d:e4:
34:b8:b2:56:c9:1a:82:a4:0e:b6:63:99:ed:b2:a4:3b:9d:fb:
2e:6f:04:a7:32:94:61:9f:95:93:a2:57:35:17:8b:a5:1a:6c:
b6:a5:c5:ef:38:61:a5:61:5e:bb:62:19:35:a9:fa:d8:f3:17:
ce:33:98:49:3b:56:38:74:80:22:30:17:8b:b8:94:66:00:6d:
6b:e7:fb:0f:55:50:a6:f0:3b:99:e5:92:af:f4:97:4c:ec:33:
f8:75:72:40:20:72:e2:a5:1a:2f:88:9b:fd:e9:01:bd:de:79:
49:61:8c:75:5d:ac:39:4b:ff:15:89:b3:a6:75:3e:6c:c0:c8:
5a:f3:b5:47:a8:c5:05:f0:1c:bd:a8:92:bc:b8:22:1a:30:dc:
c5:ff:f5:03:4f:32:17:07:ad:1b:22:19:69:23:96:4c:2c:c2:
fa:13:f1:e5:33:e7:6c:ee:ee:09:65:7e:b8:81:db:a7:c3:fe:
f8:43:1c:e6:37:79:d0:41:24:56:a4:5f:8a:ed:ec:a3:af:96:
b2:82:d9:d9:66:02:e3:0f:55:7c:1a:31:b4:ee:3d:cc:fb:1d:
01:63:14:21:0d:7e:3f:18:c0:99:90:15:39:c8:e8:ef:30:2e:
03:5d:6c:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv4P3wRh1+CsBiImiwhNMlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjYwMTI2MDMwMTA4WhcNMjYwMTI3MDMwMTA4WjAzMTEwLwYDVQQD
EygzMjhjZjY2OGUxNTg2NWQ4YzVjMTkwZGQ5MWZiMGQ2M2VhNzg0ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU4nWVjCcpDB0ipnculo3GpYMzJy
WNTh5LYWT6EXefs8pSGnFjpJboE3YG/LJirK2egOqggVEvbb8ooLfs2fV6ApgU6n
oBUVFDT48zOs02wtAs/nRv0lzJsiiISOWWqi5UoNVgYTgChrxQWQllBpt/1KPjqv
AqubzxmwBMnJbMMJeGvgcEip9ihuxD3i6I0WgG0gX+CLe/CnQNoJnVbrv4XOP+EK
0iqUclXZOKMdllqKG6F0Z4BcmEda58dwPlTkOHKjgyBHhHD17MjYPU6r3UvAEg8b
YYQslZ6BE9JRkSah1kB5SMIbFtotuqJAHcXXx5gtCMTDScMzTg4NZSuB9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKM9mjhWGXYxcGQ3ZH7DWPqeE/rMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJrakJ9i0
MOZtHecITHzKkS3kNLiyVskagqQOtmOZ7bKkO537Lm8EpzKUYZ+Vk6JXNReLpRps
tqXF7zhhpWFeu2IZNan62PMXzjOYSTtWOHSAIjAXi7iUZgBta+f7D1VQpvA7meWS
r/SXTOwz+HVyQCBy4qUaL4ib/ekBvd55SWGMdV2sOUv/FYmzpnU+bMDIWvO1R6jF
BfAcvaiSvLgiGjDcxf/1A08yFwetGyIZaSOWTCzC+hPx5TPnbO7uCWV+uIHbp8P+
+EMc5jd50EEkVqRfiu3so6+WsoLZ2WYC4w9VfBoxtO49zPsdAWMUIQ1+PxjAmZAV
Ocjo7zAuA11smw==
-----END CERTIFICATE-----
Generated at Mon Jan 26 13:08:47 2026 by rpki-client