This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json) Hash identifier: 6LNJsQOUjNn0n8sOyYY3t6/vJffhSe5BtjZHVloscU4= Subject key identifier: C1:22:B4:B2:3F:74:DA:C7:AF:BB:DB:F1:DA:FC:77:B8:1F:E9:EE:84 Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb Certificate serial: 019BFA2E7AB6F3CFAAA1ED506C4DF78A2BE1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft Manifest number: 17EE Signing time: Mon 26 Jan 2026 12:01:48 +0000 Manifest this update: Mon 26 Jan 2026 12:01:48 +0000 Manifest next update: Tue 27 Jan 2026 12:01:48 +0000 Files and hashes: 1: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: bW5eOYWwOID0opn8Q+wuvffqxyaKSdSusBwenzGZ9FU=) 2: r2staIGPnAB2fC8C0axIG4AKOBk.roa (hash: uFZHYgrj8p1JmsefAGSYoXv3EhDU7aOqOew1OyVD1rc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:2e:7a:b6:f3:cf:aa:a1:ed:50:6c:4d:f7:8a:2b:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb Validity Not Before: Jan 26 12:01:48 2026 GMT Not After : Jan 27 12:01:48 2026 GMT Subject: CN=c122b4b23f74dac7afbbdbf1dafc77b81fe9ee84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:65:e5:8a:ae:ce:70:6b:ef:c2:4c:18:60:ee: a3:77:5b:86:94:31:79:72:d8:23:bd:13:c2:c8:fe: 00:57:42:31:71:18:9b:54:6a:92:ab:de:ec:24:cf: 39:13:f5:69:7a:19:b6:40:83:2f:9b:69:05:31:f8: 84:db:52:81:78:bc:8e:3c:0f:ff:a4:9d:44:40:cf: 6c:5f:cb:c9:a8:26:dc:ba:3b:b1:9c:70:90:16:bf: 5f:6a:42:07:11:e9:9f:89:3a:39:ef:10:39:7b:f4: 61:63:f4:2e:eb:36:a8:6e:c5:a3:c8:41:97:66:e5: 21:54:66:c6:2b:04:6a:34:f0:2f:9f:b7:77:4e:f6: b9:88:24:2a:de:eb:2f:3a:bd:f0:8e:70:1a:bf:4b: 48:ea:27:9d:f0:35:d2:c6:97:1e:27:d5:d4:5b:e5: 06:f9:d8:60:51:7a:56:a1:48:d9:92:ac:7e:a6:00: 0c:65:a5:85:70:a9:af:ba:b2:d6:22:d8:9f:67:64: af:89:b2:0b:17:18:5b:8c:9d:c7:eb:1d:0d:fd:5f: 54:8d:1c:8b:4b:29:3b:31:98:28:2f:b0:dd:62:0a: e3:ab:21:9d:52:27:9e:8c:75:38:e3:e8:dd:61:25: 03:bc:a3:73:fb:11:3b:7c:4f:d1:87:50:9b:e7:a1: e4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:22:B4:B2:3F:74:DA:C7:AF:BB:DB:F1:DA:FC:77:B8:1F:E9:EE:84 X509v3 Authority Key Identifier: keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:e1:5e:ad:8e:95:e9:c3:19:e4:67:03:a2:b6:97:10:cd:25: de:8c:9e:dc:5f:1e:a4:48:fe:ff:db:02:47:cd:28:7e:2d:d4: f8:2f:75:f8:9c:dd:59:d4:30:65:a0:f5:29:4e:57:2b:dd:51: 43:ca:c6:f8:0d:f7:e0:4f:39:eb:42:de:71:1a:1c:96:9f:2b: 14:6e:10:d4:09:eb:32:6c:23:3c:66:57:6f:01:5a:8c:75:cd: 6f:28:87:b0:ff:1f:af:e2:30:66:46:04:6b:b5:f2:a4:ce:6c: a1:8d:79:3d:e6:45:82:6c:70:80:b6:b8:7a:f5:df:fa:8f:65: 57:32:d8:7b:f4:a0:0f:af:dc:bd:1d:b6:e2:be:a5:0f:41:9f: 9e:bd:fb:d9:f8:2b:81:98:e7:8d:43:af:7f:ed:b2:d4:c1:d0: c6:39:a6:e5:36:5b:6c:4d:92:88:71:ea:02:93:81:21:21:eb: db:48:96:11:1e:75:10:61:82:6b:14:17:11:c7:e7:76:64:97: 3a:41:c0:2d:e9:b2:73:46:0d:27:69:fe:ad:69:4e:47:d5:8d: c7:a3:48:5d:20:46:da:44:6d:60:e2:c9:8f:72:80:91:6d:53: 89:a7:5d:96:c0:ca:6e:d1:22:5b:a5:a9:a0:75:b6:e0:a6:f0: 4f:41:97:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv6Lnq288+qoe1QbE33iivhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0 ZGRiY2IwHhcNMjYwMTI2MTIwMTQ4WhcNMjYwMTI3MTIwMTQ4WjAzMTEwLwYDVQQD EyhjMTIyYjRiMjNmNzRkYWM3YWZiYmRiZjFkYWZjNzdiODFmZTllZTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWXliq7OcGvvwkwYYO6jd1uGlDF5 ctgjvRPCyP4AV0IxcRibVGqSq97sJM85E/Vpehm2QIMvm2kFMfiE21KBeLyOPA// pJ1EQM9sX8vJqCbcujuxnHCQFr9fakIHEemfiTo57xA5e/RhY/Qu6zaobsWjyEGX ZuUhVGbGKwRqNPAvn7d3Tva5iCQq3usvOr3wjnAav0tI6ied8DXSxpceJ9XUW+UG +dhgUXpWoUjZkqx+pgAMZaWFcKmvurLWItifZ2SvibILFxhbjJ3H6x0N/V9UjRyL Syk7MZgoL7DdYgrjqyGdUieejHU44+jdYSUDvKNz+xE7fE/Rh1Cb56Hk4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMEitLI/dNrHr7vb8dr8d7gf6e6EMB8GA1UdIwQY MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0 LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKuFerY6V 6cMZ5GcDoraXEM0l3oye3F8epEj+/9sCR80ofi3U+C91+JzdWdQwZaD1KU5XK91R Q8rG+A334E8560LecRoclp8rFG4Q1AnrMmwjPGZXbwFajHXNbyiHsP8fr+IwZkYE a7XypM5soY15PeZFgmxwgLa4evXf+o9lVzLYe/SgD6/cvR224r6lD0Gfnr372fgr gZjnjUOvf+2y1MHQxjmm5TZbbE2SiHHqApOBISHr20iWER51EGGCaxQXEcfndmSX OkHALemyc0YNJ2n+rWlOR9WNx6NIXSBG2kRtYOLJj3KAkW1TiaddlsDKbtEiW6Wp oHW24KbwT0GXtw== -----END CERTIFICATE-----Generated at Mon Jan 26 14:26:23 2026 by rpki-client