This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json) Hash identifier: gizMNlgjFMQE5oHC5xcp9EeddN+OWSZ0NR/hnSrFHd8= Subject key identifier: F0:68:B0:5D:78:AA:60:AB:ED:48:2F:12:84:37:2B:FC:C4:8F:08:20 Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67 Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667 Certificate serial: 019BF6BEB1BBB7A71D6161E0A87DC2380F3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft Manifest number: 02EE Signing time: Sun 25 Jan 2026 20:00:50 +0000 Manifest this update: Sun 25 Jan 2026 20:00:50 +0000 Manifest next update: Mon 26 Jan 2026 20:00:50 +0000 Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=) 2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: WZ29m4qzvtv0ijvYDdmPK4VZM1QlYh0MLyGm7+4qZPA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f6:be:b1:bb:b7:a7:1d:61:61:e0:a8:7d:c2:38:0f:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667 Validity Not Before: Jan 25 20:00:50 2026 GMT Not After : Jan 26 20:00:50 2026 GMT Subject: CN=f068b05d78aa60abed482f1284372bfcc48f0820 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1f:62:82:c6:97:79:f6:9e:c3:5e:fb:cd:ba: e3:49:99:00:54:f4:ed:a0:87:52:08:f3:af:65:aa: a5:13:f0:bc:3a:6f:5a:b7:dc:cc:5d:c7:9a:e6:7a: 26:27:a5:2f:75:9d:4d:67:b7:ca:f6:27:92:f2:27: dc:68:a1:61:0a:cf:ac:7d:48:cc:5c:99:44:a6:d9: d3:96:9a:85:21:d4:2e:42:25:b6:c2:8b:3c:a8:42: 56:58:c3:8e:76:96:55:6d:68:87:b4:a1:cb:45:33: ff:76:57:a5:a8:b6:11:a8:6b:2c:f5:02:b9:9d:b6: dd:04:c8:5b:29:39:0d:2a:52:5b:cd:bb:5a:99:aa: 97:d2:ef:e0:7b:f6:32:3c:b4:7c:3a:2e:38:25:63: e3:53:7a:39:86:56:55:97:79:10:b5:e3:4e:0d:02: 3a:0e:e1:a2:9e:d2:fe:a9:38:e6:48:5a:2a:b6:fd: 71:49:61:9e:49:17:3d:e4:6b:d6:d3:90:27:9f:7a: 42:d3:d3:fd:5b:25:f8:f2:0c:a2:38:d1:6b:47:f3: 82:13:26:73:cf:7d:a2:0f:78:ab:df:4b:69:29:61: 62:87:e4:54:c6:18:4a:2a:bd:ff:b6:64:40:23:ac: 17:c1:03:2a:6b:73:92:ef:61:7b:1a:c1:b4:cc:f4: ab:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:68:B0:5D:78:AA:60:AB:ED:48:2F:12:84:37:2B:FC:C4:8F:08:20 X509v3 Authority Key Identifier: keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c2:f1:1d:67:f9:02:f1:e4:f8:dd:fc:b2:94:d8:cf:8a:e7:0d: 07:27:01:f6:68:3f:05:cf:b7:6f:fb:d6:6e:58:6c:a4:03:95: 72:b8:65:d0:aa:cc:6f:c4:80:1c:be:6f:d4:4b:83:98:ff:be: 9e:da:35:7f:31:ce:f3:91:10:de:25:6e:b9:78:b7:5e:f1:8e: b8:00:f3:3f:91:a3:03:65:fe:43:5d:cc:c6:8d:d3:a2:ee:9f: 64:04:b0:f0:52:70:c7:0e:ea:23:10:d3:57:c0:af:a0:b4:00: 16:3d:9c:ff:d6:64:16:df:1f:35:17:d1:0e:fb:06:77:e7:bc: 10:9b:bc:d3:a3:ae:19:2a:9f:9f:fb:ad:a9:12:3e:07:f9:07: d0:a8:ba:00:bd:49:12:d2:f5:72:59:f6:76:73:ae:42:9c:48: 50:45:68:c0:e2:43:cc:2b:30:3d:91:9e:45:b5:52:7b:ea:6e: 70:c5:23:8a:e1:8f:39:2e:37:ae:e6:fc:12:70:79:d1:92:ab: 91:93:78:3c:9d:84:07:d8:18:23:73:93:3b:a5:a5:67:52:73: 20:d7:00:7d:8e:7d:a3:ce:4c:b3:e2:4f:c3:84:15:96:46:53: e5:9d:3b:55:98:fe:86:5e:bf:80:af:c9:32:4c:cb:bb:bf:f7: ac:d2:24:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv2vrG7t6cdYWHgqH3COA8/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm OTI2NjcwHhcNMjYwMTI1MjAwMDUwWhcNMjYwMTI2MjAwMDUwWjAzMTEwLwYDVQQD EyhmMDY4YjA1ZDc4YWE2MGFiZWQ0ODJmMTI4NDM3MmJmY2M0OGYwODIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx9igsaXefaew177zbrjSZkAVPTt oIdSCPOvZaqlE/C8Om9at9zMXcea5nomJ6UvdZ1NZ7fK9ieS8ifcaKFhCs+sfUjM XJlEptnTlpqFIdQuQiW2wos8qEJWWMOOdpZVbWiHtKHLRTP/dlelqLYRqGss9QK5 nbbdBMhbKTkNKlJbzbtamaqX0u/ge/YyPLR8Oi44JWPjU3o5hlZVl3kQteNODQI6 DuGintL+qTjmSFoqtv1xSWGeSRc95GvW05Ann3pC09P9WyX48gyiONFrR/OCEyZz z32iD3ir30tpKWFih+RUxhhKKr3/tmRAI6wXwQMqa3OS72F7GsG0zPSrfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPBosF14qmCr7UgvEoQ3K/zEjwggMB8GA1UdIwQY MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3 LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwvEdZ/kC 8eT43fyylNjPiucNBycB9mg/Bc+3b/vWblhspAOVcrhl0KrMb8SAHL5v1EuDmP++ nto1fzHO85EQ3iVuuXi3XvGOuADzP5GjA2X+Q13Mxo3Tou6fZASw8FJwxw7qIxDT V8CvoLQAFj2c/9ZkFt8fNRfRDvsGd+e8EJu806OuGSqfn/utqRI+B/kH0Ki6AL1J EtL1cln2dnOuQpxIUEVowOJDzCswPZGeRbVSe+pucMUjiuGPOS43rub8EnB50ZKr kZN4PJ2EB9gYI3OTO6WlZ1JzINcAfY59o85Ms+JPw4QVlkZT5Z07VZj+hl6/gK/J MkzLu7/3rNIkOw== -----END CERTIFICATE-----Generated at Mon Jan 26 05:38:48 2026 by rpki-client