This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft File: KZWUToTcN7pqQtaLseK5pEIehKQ.mft (raw, json) Hash identifier: AAGWRQCQ1NpDsGMPLXmvt2vv6vYLUtb+GO25t6YUrjY= Subject key identifier: 3A:17:C2:FB:D9:65:95:B0:0C:4E:FD:95:B0:19:9B:30:62:C9:A5:3A Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4 Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4 Certificate serial: 019BF4622852B5BF79F9A5E3940C95A375F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft Manifest number: 17E7 Signing time: Sun 25 Jan 2026 09:00:32 +0000 Manifest this update: Sun 25 Jan 2026 09:00:32 +0000 Manifest next update: Mon 26 Jan 2026 09:00:32 +0000 Files and hashes: 1: KZWUToTcN7pqQtaLseK5pEIehKQ.crl (hash: mDrXxAC/Q1hS5fhZrKbcMRJlsYZ3w1tmEdgkCf77hSQ=) 2: REMIC3qlblupLlRlDy8YWtuHeGs.roa (hash: Jx2qxwn04q0eIKP0O31CsM6H6HSDWevmv7hr0SA1D6o=) 3: jqkc2v-EDfDqyX3RgGBk8W5KdEw.roa (hash: J6Uk//qcGJOT6wNTUI4e5Z8Vod7CmZ9RrMaWF9PPJeM=) 4: rrH1j10hPF7JqcYJAD3BPexcKzg.roa (hash: +IMZpUPrslETwFxcXPRLWmZpXfSU9RCOH9gP9Q/CH5w=) 5: y-cUmsyd1f2Nqa9AjFf-HrgBRvY.roa (hash: K08tIX67yafvJ07B2O/CtxAn2jeh7RiwSsp1rC6qb3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:62:28:52:b5:bf:79:f9:a5:e3:94:0c:95:a3:75:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4 Validity Not Before: Jan 25 09:00:32 2026 GMT Not After : Jan 26 09:00:32 2026 GMT Subject: CN=3a17c2fbd96595b00c4efd95b0199b3062c9a53a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6d:6b:ef:41:31:5d:1b:c7:2d:62:4a:78:5c: 07:4f:d0:0c:28:e8:bd:20:71:58:f6:ae:4a:5a:11: 65:a8:74:de:26:07:ca:a5:28:54:4f:ba:ff:c7:56: 64:17:4a:08:8a:46:aa:e7:7a:88:83:1a:1e:ca:a6: 8a:63:ce:3e:4d:2b:98:7d:31:f4:d0:8d:d9:7a:1e: ba:74:0d:61:a7:28:6d:35:ce:7f:b5:d3:d3:9d:dd: 2a:03:61:86:b1:74:c8:31:1d:57:3e:86:94:23:fc: 3d:fa:a2:be:6d:f9:ea:06:12:39:e3:7b:c9:61:c9: 85:c3:97:dd:1f:6b:76:62:2c:14:cf:e1:1a:ad:f1: 3f:4f:ce:3f:f9:a1:a6:8f:0d:28:9f:b1:6f:30:b9: 81:b1:ca:77:f5:2a:b8:72:54:80:74:42:c6:cc:94: 8e:da:24:9c:9b:d3:39:b5:a0:eb:b2:cb:5d:a5:f8: d0:79:cc:df:c6:11:97:29:4f:cf:99:2e:f2:34:96: ae:c5:9c:de:d4:d6:1a:61:73:56:c2:df:1b:44:fb: e0:ff:83:ac:e1:05:27:c2:fc:de:47:08:52:9e:63: 0d:77:85:80:51:a1:9c:99:a3:4e:c8:ec:d3:a2:e9: 39:17:c7:32:cb:48:a4:57:56:52:84:9c:61:3b:a5: ce:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:17:C2:FB:D9:65:95:B0:0C:4E:FD:95:B0:19:9B:30:62:C9:A5:3A X509v3 Authority Key Identifier: keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:d5:04:2a:66:24:ab:8c:72:f8:2c:f8:2b:e2:1f:22:be:9b: 07:51:84:ba:17:fd:6f:8a:f8:aa:4f:9e:48:84:e1:7e:96:5e: 75:e5:72:8d:7b:90:e2:97:2b:e9:41:8d:3c:37:d9:a8:7b:52: 90:3f:f9:a9:39:e0:30:64:99:9f:62:e0:f0:91:7a:7a:7e:91: 79:b2:d3:2c:9c:67:53:f1:f8:7f:72:38:23:34:1d:65:93:e9: 32:bd:85:14:4f:11:2c:d4:76:c7:05:82:f7:e6:09:f9:9a:fb: 24:ea:16:fb:07:d3:2f:67:ad:16:d7:12:b3:51:40:09:5c:d5: 0c:9f:35:bf:ec:95:13:95:2d:1f:04:09:31:b9:f8:bc:d5:24: b7:7e:c8:41:00:f9:cc:a1:f7:12:b4:2d:89:a8:27:4d:dc:28: d1:bb:4c:4a:4d:d2:d1:fe:61:d0:fd:8f:a2:58:a1:59:99:99: 4e:ab:c5:59:b8:d4:e6:d9:05:31:03:96:9a:ac:f5:03:c5:b2: 19:c1:27:db:5a:bc:83:ab:11:63:b7:fb:56:d5:3a:35:02:20: 20:ea:9c:fa:dd:e6:be:d3:25:fc:e2:bf:e7:0b:3a:17:37:46: 67:f6:66:dc:a0:00:f4:2e:43:13:e4:cb:3d:2c:00:6d:ce:1e: 27:bc:cf:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0YihStb95+aXjlAyVo3X4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx ZTg0YTQwHhcNMjYwMTI1MDkwMDMyWhcNMjYwMTI2MDkwMDMyWjAzMTEwLwYDVQQD EygzYTE3YzJmYmQ5NjU5NWIwMGM0ZWZkOTViMDE5OWIzMDYyYzlhNTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw21r70ExXRvHLWJKeFwHT9AMKOi9 IHFY9q5KWhFlqHTeJgfKpShUT7r/x1ZkF0oIikaq53qIgxoeyqaKY84+TSuYfTH0 0I3Zeh66dA1hpyhtNc5/tdPTnd0qA2GGsXTIMR1XPoaUI/w9+qK+bfnqBhI543vJ YcmFw5fdH2t2YiwUz+EarfE/T84/+aGmjw0on7FvMLmBscp39Sq4clSAdELGzJSO 2iScm9M5taDrsstdpfjQeczfxhGXKU/PmS7yNJauxZze1NYaYXNWwt8bRPvg/4Os 4QUnwvzeRwhSnmMNd4WAUaGcmaNOyOzTouk5F8cyy0ikV1ZShJxhO6XOJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDoXwvvZZZWwDE79lbAZmzBiyaU6MB8GA1UdIwQY MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt MzM4YmRkNDM5ZWUxLzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs9UEKmYk q4xy+Cz4K+IfIr6bB1GEuhf9b4r4qk+eSIThfpZedeVyjXuQ4pcr6UGNPDfZqHtS kD/5qTngMGSZn2Lg8JF6en6RebLTLJxnU/H4f3I4IzQdZZPpMr2FFE8RLNR2xwWC 9+YJ+Zr7JOoW+wfTL2etFtcSs1FACVzVDJ81v+yVE5UtHwQJMbn4vNUkt37IQQD5 zKH3ErQtiagnTdwo0btMSk3S0f5h0P2PolihWZmZTqvFWbjU5tkFMQOWmqz1A8Wy GcEn21q8g6sRY7f7VtU6NQIgIOqc+t3mvtMl/OK/5ws6FzdGZ/Zm3KAA9C5DE+TL PSwAbc4eJ7zPWA== -----END CERTIFICATE-----Generated at Sun Jan 25 13:59:13 2026 by rpki-client