This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft File: KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft (raw, json) Hash identifier: WBQHo+h4MMypHyePuRgHPZPDi2jNx1cXH+EySQwYrQU= Subject key identifier: 34:3C:B9:1A:D4:FC:72:03:1C:DE:45:7A:34:D8:8F:50:8A:6F:E2:EE Authority key identifier: 29:02:C9:9C:A7:32:C6:4A:19:C7:D9:73:4A:98:FB:24:E5:45:55:49 Certificate issuer: /CN=2902c99ca732c64a19c7d9734a98fb24e5455549 Certificate serial: 019BF876584D7FAB2D9AA80F0B08E61CFDF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQLJnKcyxkoZx9lzSpj7JOVFVUk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft Manifest number: 1156 Signing time: Mon 26 Jan 2026 04:01:03 +0000 Manifest this update: Mon 26 Jan 2026 04:01:03 +0000 Manifest next update: Tue 27 Jan 2026 04:01:03 +0000 Files and hashes: 1: KQLJnKcyxkoZx9lzSpj7JOVFVUk.crl (hash: P4NjbbPofczfymWtKCnvNIWlXrJCJrkcyJXTiF5qKR0=) 2: KT302nZV2Y2p4WDMTwVmIhKydvc.roa (hash: RA/+n+j+c+JYu9hIIUbQQ1FyM1sNRqfioO7K+YA4lYo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft rsync://rpki.ripe.net/repository/DEFAULT/KQLJnKcyxkoZx9lzSpj7JOVFVUk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f8:76:58:4d:7f:ab:2d:9a:a8:0f:0b:08:e6:1c:fd:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2902c99ca732c64a19c7d9734a98fb24e5455549 Validity Not Before: Jan 26 04:01:03 2026 GMT Not After : Jan 27 04:01:03 2026 GMT Subject: CN=343cb91ad4fc72031cde457a34d88f508a6fe2ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:40:ca:c1:86:5c:2d:38:d5:50:10:8f:bc:e9: c5:b8:85:79:c3:10:5a:13:63:e1:e2:18:b7:88:5c: 52:e0:c6:86:c2:3c:64:7b:5f:9f:28:c8:84:3f:91: 0b:84:53:38:d6:b0:de:08:46:cf:a7:5d:2c:f9:a6: 13:13:09:9d:d7:25:9b:7b:53:48:f6:dd:81:4b:bf: 33:22:91:75:4b:91:63:19:87:bf:0f:f7:1b:c3:1e: 67:9b:0e:bb:c2:70:06:c9:06:9e:97:72:54:c3:06: be:97:8b:39:54:f5:84:de:c8:a2:c3:2c:27:b5:72: a7:74:2b:68:25:0a:c4:b4:85:b6:11:1f:8c:79:32: d4:76:0a:68:8a:f6:ad:40:53:8d:0a:45:a8:4c:9e: 0a:a5:c1:1a:5b:b4:2d:8c:8e:da:c0:03:dd:c7:2c: c4:72:3f:0d:ba:c9:80:fa:cd:95:c0:10:ce:0b:76: 49:d1:cc:5f:24:a9:f5:3d:06:7e:1d:ba:0f:40:b8: 5e:77:e5:87:53:58:6b:50:3e:ae:09:f8:a0:aa:c5: 21:de:fc:76:e4:72:a3:2d:be:99:9d:e6:e7:0d:30: bc:70:34:3e:ec:20:c8:74:bd:4c:2d:ea:2a:93:e1: 99:37:44:22:1e:b0:fa:0c:f8:af:c8:ae:70:ad:08: 3b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:3C:B9:1A:D4:FC:72:03:1C:DE:45:7A:34:D8:8F:50:8A:6F:E2:EE X509v3 Authority Key Identifier: keyid:29:02:C9:9C:A7:32:C6:4A:19:C7:D9:73:4A:98:FB:24:E5:45:55:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQLJnKcyxkoZx9lzSpj7JOVFVUk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:23:57:f5:e7:74:60:69:03:d5:af:36:6d:34:60:27:f7:1f: dd:3b:0c:0f:1e:4a:e5:f3:69:b3:02:a2:09:f1:f2:9a:f9:3a: 1c:28:c8:c7:13:53:a3:5d:33:09:6e:82:6b:a4:8c:70:a8:50: a4:de:31:ab:b2:33:0c:53:81:ab:56:89:83:c1:47:d7:03:2c: 54:7a:d2:da:e6:16:1f:56:81:4e:12:1b:95:d3:2c:30:3f:e9: 2e:40:ca:74:bd:d2:5c:1b:75:ac:bf:e9:1d:ae:de:9f:20:8b: 9a:e1:83:bd:68:09:85:99:e4:74:0c:ae:66:f4:e8:fc:fb:cd: 79:4e:19:01:ae:4a:da:43:c0:43:7b:23:13:83:d1:f4:96:ec: a7:03:67:53:07:67:e5:01:16:88:9a:d3:6d:c1:3b:04:64:8f: 49:d4:ea:af:50:59:a7:3c:24:89:c0:31:e2:c3:4d:67:33:8b: 37:be:14:d2:3b:cc:cf:3f:52:15:69:32:a1:cb:67:b1:78:ac: bc:86:ba:10:83:f6:02:a3:8b:26:8b:8c:1a:94:44:f2:e3:15: e7:fe:4b:9a:64:b8:af:fa:1a:b3:f2:bc:c8:2a:ff:72:e7:f8: 2f:a5:81:42:9d:3f:0b:db:43:72:f7:1a:90:e5:67:17:19:c6: 76:d3:42:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv4dlhNf6stmqgPCwjmHP3yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MDJjOTljYTczMmM2NGExOWM3ZDk3MzRhOThmYjI0ZTU0 NTU1NDkwHhcNMjYwMTI2MDQwMTAzWhcNMjYwMTI3MDQwMTAzWjAzMTEwLwYDVQQD EygzNDNjYjkxYWQ0ZmM3MjAzMWNkZTQ1N2EzNGQ4OGY1MDhhNmZlMmVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUDKwYZcLTjVUBCPvOnFuIV5wxBa E2Ph4hi3iFxS4MaGwjxke1+fKMiEP5ELhFM41rDeCEbPp10s+aYTEwmd1yWbe1NI 9t2BS78zIpF1S5FjGYe/D/cbwx5nmw67wnAGyQael3JUwwa+l4s5VPWE3siiwywn tXKndCtoJQrEtIW2ER+MeTLUdgpoivatQFONCkWoTJ4KpcEaW7QtjI7awAPdxyzE cj8NusmA+s2VwBDOC3ZJ0cxfJKn1PQZ+HboPQLhed+WHU1hrUD6uCfigqsUh3vx2 5HKjLb6ZnebnDTC8cDQ+7CDIdL1MLeoqk+GZN0QiHrD6DPivyK5wrQg7IQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQ8uRrU/HIDHN5FejTYj1CKb+LuMB8GA1UdIwQY MBaAFCkCyZynMsZKGcfZc0qY+yTlRVVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1FMSm5LY3l4a29aeDlselNwajdKT1ZGVlVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NGNhMjQtNmU1Ni00N2QzLWE0Mjkt YjY0OWE1NzhmODljLzEvS1FMSm5LY3l4a29aeDlselNwajdKT1ZGVlVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi81NGNhMjQtNmU1Ni00N2QzLWE0MjktYjY0OWE1NzhmODlj LzEvS1FMSm5LY3l4a29aeDlselNwajdKT1ZGVlVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyNX9ed0 YGkD1a82bTRgJ/cf3TsMDx5K5fNpswKiCfHymvk6HCjIxxNTo10zCW6Ca6SMcKhQ pN4xq7IzDFOBq1aJg8FH1wMsVHrS2uYWH1aBThIbldMsMD/pLkDKdL3SXBt1rL/p Ha7enyCLmuGDvWgJhZnkdAyuZvTo/PvNeU4ZAa5K2kPAQ3sjE4PR9JbspwNnUwdn 5QEWiJrTbcE7BGSPSdTqr1BZpzwkicAx4sNNZzOLN74U0jvMzz9SFWkyoctnsXis vIa6EIP2AqOLJouMGpRE8uMV5/5LmmS4r/oas/K8yCr/cuf4L6WBQp0/C9tDcvca kOVnFxnGdtNCAA== -----END CERTIFICATE-----Generated at Mon Jan 26 15:05:25 2026 by rpki-client