This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft File: KwFArTlBTE6rAqxVQitEFj7TSw8.mft (raw, json) Hash identifier: +x0fOLwwojUvDQGhlVY1xMD8/NcPLsLdlNeKXK5nwnQ= Subject key identifier: F5:EC:D7:9C:1B:D9:90:CD:37:10:6C:81:8C:F9:F0:74:A0:5C:09:C8 Authority key identifier: 2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F Certificate issuer: /CN=2b0140ad39414c4eab02ac55422b44163ed34b0f Certificate serial: 019BF763648A2373D3FDCDDDFCB821F85A3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft Manifest number: 0540 Signing time: Sun 25 Jan 2026 23:00:44 +0000 Manifest this update: Sun 25 Jan 2026 23:00:44 +0000 Manifest next update: Mon 26 Jan 2026 23:00:44 +0000 Files and hashes: 1: KwFArTlBTE6rAqxVQitEFj7TSw8.crl (hash: gTU8P7i5r8mphkL5JnqI/LRBNr2itOAxrzJMpiOpMyM=) 2: ir9SuLduq8J9bIwWBVKAyAFiwvk.roa (hash: LeNR5QQthmrMSFvWNxLjb0RXrLTd6w9z7OeC3M8gneo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:63:64:8a:23:73:d3:fd:cd:dd:fc:b8:21:f8:5a:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b0140ad39414c4eab02ac55422b44163ed34b0f Validity Not Before: Jan 25 23:00:44 2026 GMT Not After : Jan 26 23:00:44 2026 GMT Subject: CN=f5ecd79c1bd990cd37106c818cf9f074a05c09c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:3f:ea:73:2d:ba:d4:55:c1:df:ec:9d:49:ce: 5e:d5:1f:4b:fe:e1:0d:13:9a:71:d7:6d:e6:8d:22: b7:d2:3e:3d:ec:1b:48:93:97:c9:7d:29:87:9c:6d: 57:af:4d:a7:f1:bb:50:61:14:2b:b9:40:34:81:ca: 7d:03:c5:b1:ce:28:24:62:61:5f:8a:48:04:aa:ef: 7d:a4:24:6e:56:04:a7:a3:d0:62:ad:1f:13:d1:e7: da:a2:ca:49:0e:6f:24:7b:b2:9c:25:b9:5e:7e:a9: 1f:8a:7b:ec:d7:aa:b5:67:c2:96:b5:03:6f:e0:5a: 16:9f:f4:47:f8:ad:d3:a0:07:aa:b7:1e:7d:be:8d: e8:ee:2b:95:50:86:67:15:74:14:9c:fd:7c:7b:47: fa:70:a1:e3:16:42:73:ae:13:93:9b:3a:bf:18:ec: 8b:f3:eb:f1:42:ef:4f:7d:6f:f0:4d:d3:f8:53:b4: 99:0e:64:c9:da:cf:7f:3a:dc:81:0e:77:0e:f6:9b: c6:80:8a:44:2e:a5:aa:0b:27:74:20:09:6a:86:22: df:53:99:fd:b5:28:93:42:ae:6f:44:15:32:d6:39: 95:83:71:0e:8b:70:fa:36:4c:03:35:69:96:79:85: e9:df:65:b8:3e:89:91:5f:d5:75:db:42:38:14:60: c1:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:EC:D7:9C:1B:D9:90:CD:37:10:6C:81:8C:F9:F0:74:A0:5C:09:C8 X509v3 Authority Key Identifier: keyid:2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:b0:f2:93:37:8a:85:13:9c:a6:7a:9a:41:8f:11:b1:f8:5a: 76:4e:8d:a0:de:c7:f2:2d:b5:f8:09:1c:8b:51:ab:ff:72:0c: 6d:e6:97:ac:71:61:df:62:c1:28:c4:f2:88:f8:4e:ba:30:61: bf:de:81:04:19:1b:68:70:97:7a:53:56:7a:87:78:8b:58:42: 75:d0:32:27:bc:1a:40:ab:d2:ed:44:75:62:bc:51:03:9e:60: de:53:a2:67:42:cd:d2:75:e6:43:b6:2f:8a:3d:4e:da:c5:3d: 92:58:5f:11:8c:b6:18:4b:3f:a2:55:aa:2f:65:19:06:f7:50: f9:36:51:b5:89:2e:08:61:77:1c:13:23:f5:83:4c:c1:ee:1f: 98:34:07:34:c2:35:05:a1:2c:f9:25:30:4d:99:00:1d:39:5f: e5:51:17:a3:f9:be:fa:cd:da:0f:9b:7f:9e:52:eb:8f:b7:5f: da:14:7b:8c:65:21:7d:db:bb:a9:26:99:a8:d2:84:f0:75:46: 19:97:1e:b7:96:88:7d:21:80:46:36:1d:7f:13:8a:17:db:96: f9:38:fa:3f:73:31:92:e9:02:8f:82:e2:f3:8c:ba:f9:1c:44: 15:6a:d8:5f:48:8c:0e:e7:67:f8:47:2d:3a:d1:f8:a1:c1:19: a1:e0:ee:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3Y2SKI3PT/c3d/Lgh+Fo8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMDE0MGFkMzk0MTRjNGVhYjAyYWM1NTQyMmI0NDE2M2Vk MzRiMGYwHhcNMjYwMTI1MjMwMDQ0WhcNMjYwMTI2MjMwMDQ0WjAzMTEwLwYDVQQD EyhmNWVjZDc5YzFiZDk5MGNkMzcxMDZjODE4Y2Y5ZjA3NGEwNWMwOWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj/qcy261FXB3+ydSc5e1R9L/uEN E5px123mjSK30j497BtIk5fJfSmHnG1Xr02n8btQYRQruUA0gcp9A8WxzigkYmFf ikgEqu99pCRuVgSno9BirR8T0efaospJDm8ke7KcJblefqkfinvs16q1Z8KWtQNv 4FoWn/RH+K3ToAeqtx59vo3o7iuVUIZnFXQUnP18e0f6cKHjFkJzrhOTmzq/GOyL 8+vxQu9PfW/wTdP4U7SZDmTJ2s9/OtyBDncO9pvGgIpELqWqCyd0IAlqhiLfU5n9 tSiTQq5vRBUy1jmVg3EOi3D6NkwDNWmWeYXp32W4PomRX9V120I4FGDBJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPXs15wb2ZDNNxBsgYz58HSgXAnIMB8GA1UdIwQY MBaAFCsBQK05QUxOqwKsVUIrRBY+00sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUt MmU3NTIyOGY5MjYxLzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUtMmU3NTIyOGY5MjYx LzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7DykzeK hROcpnqaQY8Rsfhadk6NoN7H8i21+Akci1Gr/3IMbeaXrHFh32LBKMTyiPhOujBh v96BBBkbaHCXelNWeod4i1hCddAyJ7waQKvS7UR1YrxRA55g3lOiZ0LN0nXmQ7Yv ij1O2sU9klhfEYy2GEs/olWqL2UZBvdQ+TZRtYkuCGF3HBMj9YNMwe4fmDQHNMI1 BaEs+SUwTZkAHTlf5VEXo/m++s3aD5t/nlLrj7df2hR7jGUhfdu7qSaZqNKE8HVG GZcet5aIfSGARjYdfxOKF9uW+Tj6P3MxkukCj4Li84y6+RxEFWrYX0iMDudn+Ect OtH4ocEZoeDu6w== -----END CERTIFICATE-----Generated at Mon Jan 26 01:33:06 2026 by rpki-client