This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
File: KZWUToTcN7pqQtaLseK5pEIehKQ.mft (raw, json)
Hash identifier: AAGWRQCQ1NpDsGMPLXmvt2vv6vYLUtb+GO25t6YUrjY=
Subject key identifier: 3A:17:C2:FB:D9:65:95:B0:0C:4E:FD:95:B0:19:9B:30:62:C9:A5:3A
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 019BF4622852B5BF79F9A5E3940C95A375F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
Manifest number: 17E7
Signing time: Sun 25 Jan 2026 09:00:32 +0000
Manifest this update: Sun 25 Jan 2026 09:00:32 +0000
Manifest next update: Mon 26 Jan 2026 09:00:32 +0000
Files and hashes: 1: KZWUToTcN7pqQtaLseK5pEIehKQ.crl (hash: mDrXxAC/Q1hS5fhZrKbcMRJlsYZ3w1tmEdgkCf77hSQ=)
2: REMIC3qlblupLlRlDy8YWtuHeGs.roa (hash: Jx2qxwn04q0eIKP0O31CsM6H6HSDWevmv7hr0SA1D6o=)
3: jqkc2v-EDfDqyX3RgGBk8W5KdEw.roa (hash: J6Uk//qcGJOT6wNTUI4e5Z8Vod7CmZ9RrMaWF9PPJeM=)
4: rrH1j10hPF7JqcYJAD3BPexcKzg.roa (hash: +IMZpUPrslETwFxcXPRLWmZpXfSU9RCOH9gP9Q/CH5w=)
5: y-cUmsyd1f2Nqa9AjFf-HrgBRvY.roa (hash: K08tIX67yafvJ07B2O/CtxAn2jeh7RiwSsp1rC6qb3c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 26 Jan 2026 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:f4:62:28:52:b5:bf:79:f9:a5:e3:94:0c:95:a3:75:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 25 09:00:32 2026 GMT
Not After : Jan 26 09:00:32 2026 GMT
Subject: CN=3a17c2fbd96595b00c4efd95b0199b3062c9a53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6d:6b:ef:41:31:5d:1b:c7:2d:62:4a:78:5c:
07:4f:d0:0c:28:e8:bd:20:71:58:f6:ae:4a:5a:11:
65:a8:74:de:26:07:ca:a5:28:54:4f:ba:ff:c7:56:
64:17:4a:08:8a:46:aa:e7:7a:88:83:1a:1e:ca:a6:
8a:63:ce:3e:4d:2b:98:7d:31:f4:d0:8d:d9:7a:1e:
ba:74:0d:61:a7:28:6d:35:ce:7f:b5:d3:d3:9d:dd:
2a:03:61:86:b1:74:c8:31:1d:57:3e:86:94:23:fc:
3d:fa:a2:be:6d:f9:ea:06:12:39:e3:7b:c9:61:c9:
85:c3:97:dd:1f:6b:76:62:2c:14:cf:e1:1a:ad:f1:
3f:4f:ce:3f:f9:a1:a6:8f:0d:28:9f:b1:6f:30:b9:
81:b1:ca:77:f5:2a:b8:72:54:80:74:42:c6:cc:94:
8e:da:24:9c:9b:d3:39:b5:a0:eb:b2:cb:5d:a5:f8:
d0:79:cc:df:c6:11:97:29:4f:cf:99:2e:f2:34:96:
ae:c5:9c:de:d4:d6:1a:61:73:56:c2:df:1b:44:fb:
e0:ff:83:ac:e1:05:27:c2:fc:de:47:08:52:9e:63:
0d:77:85:80:51:a1:9c:99:a3:4e:c8:ec:d3:a2:e9:
39:17:c7:32:cb:48:a4:57:56:52:84:9c:61:3b:a5:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:17:C2:FB:D9:65:95:B0:0C:4E:FD:95:B0:19:9B:30:62:C9:A5:3A
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:d5:04:2a:66:24:ab:8c:72:f8:2c:f8:2b:e2:1f:22:be:9b:
07:51:84:ba:17:fd:6f:8a:f8:aa:4f:9e:48:84:e1:7e:96:5e:
75:e5:72:8d:7b:90:e2:97:2b:e9:41:8d:3c:37:d9:a8:7b:52:
90:3f:f9:a9:39:e0:30:64:99:9f:62:e0:f0:91:7a:7a:7e:91:
79:b2:d3:2c:9c:67:53:f1:f8:7f:72:38:23:34:1d:65:93:e9:
32:bd:85:14:4f:11:2c:d4:76:c7:05:82:f7:e6:09:f9:9a:fb:
24:ea:16:fb:07:d3:2f:67:ad:16:d7:12:b3:51:40:09:5c:d5:
0c:9f:35:bf:ec:95:13:95:2d:1f:04:09:31:b9:f8:bc:d5:24:
b7:7e:c8:41:00:f9:cc:a1:f7:12:b4:2d:89:a8:27:4d:dc:28:
d1:bb:4c:4a:4d:d2:d1:fe:61:d0:fd:8f:a2:58:a1:59:99:99:
4e:ab:c5:59:b8:d4:e6:d9:05:31:03:96:9a:ac:f5:03:c5:b2:
19:c1:27:db:5a:bc:83:ab:11:63:b7:fb:56:d5:3a:35:02:20:
20:ea:9c:fa:dd:e6:be:d3:25:fc:e2:bf:e7:0b:3a:17:37:46:
67:f6:66:dc:a0:00:f4:2e:43:13:e4:cb:3d:2c:00:6d:ce:1e:
27:bc:cf:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZv0YihStb95+aXjlAyVo3X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjYwMTI1MDkwMDMyWhcNMjYwMTI2MDkwMDMyWjAzMTEwLwYDVQQD
EygzYTE3YzJmYmQ5NjU5NWIwMGM0ZWZkOTViMDE5OWIzMDYyYzlhNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw21r70ExXRvHLWJKeFwHT9AMKOi9
IHFY9q5KWhFlqHTeJgfKpShUT7r/x1ZkF0oIikaq53qIgxoeyqaKY84+TSuYfTH0
0I3Zeh66dA1hpyhtNc5/tdPTnd0qA2GGsXTIMR1XPoaUI/w9+qK+bfnqBhI543vJ
YcmFw5fdH2t2YiwUz+EarfE/T84/+aGmjw0on7FvMLmBscp39Sq4clSAdELGzJSO
2iScm9M5taDrsstdpfjQeczfxhGXKU/PmS7yNJauxZze1NYaYXNWwt8bRPvg/4Os
4QUnwvzeRwhSnmMNd4WAUaGcmaNOyOzTouk5F8cyy0ikV1ZShJxhO6XOJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoXwvvZZZWwDE79lbAZmzBiyaU6MB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs9UEKmYk
q4xy+Cz4K+IfIr6bB1GEuhf9b4r4qk+eSIThfpZedeVyjXuQ4pcr6UGNPDfZqHtS
kD/5qTngMGSZn2Lg8JF6en6RebLTLJxnU/H4f3I4IzQdZZPpMr2FFE8RLNR2xwWC
9+YJ+Zr7JOoW+wfTL2etFtcSs1FACVzVDJ81v+yVE5UtHwQJMbn4vNUkt37IQQD5
zKH3ErQtiagnTdwo0btMSk3S0f5h0P2PolihWZmZTqvFWbjU5tkFMQOWmqz1A8Wy
GcEn21q8g6sRY7f7VtU6NQIgIOqc+t3mvtMl/OK/5ws6FzdGZ/Zm3KAA9C5DE+TL
PSwAbc4eJ7zPWA==
-----END CERTIFICATE-----
Generated at Sun Jan 25 13:59:13 2026 by rpki-client