This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft File: KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json) Hash identifier: NEiSoLEC76PTqqytmilRu33ij37pP27LM2gMl2r++tU= Subject key identifier: 6A:BA:D5:EA:B6:41:85:A3:A9:DA:11:2C:FC:39:CB:6D:73:8C:D8:16 Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39 Certificate issuer: /CN=29b1210ec9105c717d098f9f0d00d9dea2322539 Certificate serial: 019C41A249E763765AA43DA1542E2E410423 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft Manifest number: 14E1 Signing time: Mon 09 Feb 2026 09:01:20 +0000 Manifest this update: Mon 09 Feb 2026 09:01:20 +0000 Manifest next update: Tue 10 Feb 2026 09:01:20 +0000 Files and hashes: 1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: rBPnLmnI3FIfxeo1YNdz1iBtdmKRuHOOYxh62uw1BEc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a2:49:e7:63:76:5a:a4:3d:a1:54:2e:2e:41:04:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539 Validity Not Before: Feb 9 09:01:20 2026 GMT Not After : Feb 10 09:01:20 2026 GMT Subject: CN=6abad5eab64185a3a9da112cfc39cb6d738cd816 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:86:2b:a0:a9:a0:9d:93:c4:44:a9:34:82:21: 28:ce:22:3c:0d:6f:2e:30:40:92:b8:4e:ff:3d:64: b5:cb:f3:01:12:96:ab:6f:b6:01:c2:93:57:5c:56: 39:30:35:47:2d:03:60:57:5c:20:0a:70:4f:65:7b: 58:6a:ac:35:7d:a3:73:0d:70:46:82:01:c0:12:47: 6e:8b:fd:5c:3b:12:02:54:8c:63:3f:82:e5:0f:59: a4:a9:51:a2:93:f9:63:a5:32:4e:01:6c:1e:c0:8c: ab:8a:d4:74:9e:6d:64:15:5c:fe:b7:55:95:8e:23: ab:d4:3d:b6:2b:01:fa:93:0f:b4:8e:ab:0c:7d:31: 57:55:76:e7:34:5b:0e:d1:3f:fd:d2:cd:cc:04:c2: 42:3f:8e:2e:51:fe:cb:09:a8:ef:ef:4a:58:d7:6c: b7:ee:f8:f1:16:7d:c1:ae:25:ca:25:05:a4:5a:8c: 9a:d3:54:6d:fc:2a:34:59:d4:67:79:df:f6:86:a4: 40:db:6f:24:c3:b0:1c:1e:3f:f9:8b:30:df:f0:b1: aa:0f:e6:4b:ad:81:02:be:2a:97:fc:a1:e0:ee:10: bc:dc:2e:e2:51:87:7e:ac:79:68:b2:f4:f8:b9:8e: 75:5e:c7:66:7e:7f:a1:16:70:a7:31:29:46:65:75: 0b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:BA:D5:EA:B6:41:85:A3:A9:DA:11:2C:FC:39:CB:6D:73:8C:D8:16 X509v3 Authority Key Identifier: keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:ae:f1:37:fc:13:1f:41:ca:2c:e6:5d:2e:8b:ce:d3:69:d3: 65:ce:f7:5f:0e:e7:df:0c:f4:da:eb:19:21:88:c3:4d:b8:4f: 16:33:c7:b3:dd:a5:b3:a4:07:81:67:89:73:c2:64:eb:82:5e: 9c:cd:e1:45:e0:51:1a:7b:2c:e6:94:be:a4:9b:95:39:eb:c3: 4d:be:af:fd:27:af:b0:c7:e2:18:6f:18:8f:33:e7:36:11:92: eb:0c:07:d4:66:c2:8a:09:4a:c2:99:27:6a:9a:5a:6c:49:3f: f3:b1:05:eb:77:fb:f4:8e:c5:dc:86:bd:74:0a:80:34:6d:74: 12:4b:01:4d:80:68:f2:42:7b:53:6c:cf:f7:91:ae:e7:e5:f4: aa:f8:b7:30:02:44:ca:c3:17:8f:d4:44:3f:2f:d9:1a:79:71: 4a:13:2b:15:54:eb:1f:d9:4a:e2:f0:e3:84:43:7e:1d:18:67: 32:35:46:9a:89:8e:bf:3d:8e:0f:d0:10:c9:aa:eb:0c:63:c8: 47:29:24:af:50:30:fe:5b:d1:bb:80:bb:6d:5f:27:22:4c:34: 95:12:45:6c:57:65:56:6a:1f:f3:57:65:cc:2b:29:76:8e:88: e1:f6:39:bf:0f:2e:f2:eb:70:4e:f6:4a:b1:dc:8a:71:1f:1b: ec:e9:69:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBoknnY3ZapD2hVC4uQQQjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz MjI1MzkwHhcNMjYwMjA5MDkwMTIwWhcNMjYwMjEwMDkwMTIwWjAzMTEwLwYDVQQD Eyg2YWJhZDVlYWI2NDE4NWEzYTlkYTExMmNmYzM5Y2I2ZDczOGNkODE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoYroKmgnZPERKk0giEoziI8DW8u MECSuE7/PWS1y/MBEparb7YBwpNXXFY5MDVHLQNgV1wgCnBPZXtYaqw1faNzDXBG ggHAEkdui/1cOxICVIxjP4LlD1mkqVGik/ljpTJOAWwewIyritR0nm1kFVz+t1WV jiOr1D22KwH6kw+0jqsMfTFXVXbnNFsO0T/90s3MBMJCP44uUf7LCajv70pY12y3 7vjxFn3BriXKJQWkWoya01Rt/Co0WdRned/2hqRA228kw7AcHj/5izDf8LGqD+ZL rYECviqX/KHg7hC83C7iUYd+rHlosvT4uY51Xsdmfn+hFnCnMSlGZXUL5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGq61eq2QYWjqdoRLPw5y21zjNgWMB8GA1UdIwQY MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1 LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEa7xN/wT H0HKLOZdLovO02nTZc73Xw7n3wz02usZIYjDTbhPFjPHs92ls6QHgWeJc8Jk64Je nM3hReBRGnss5pS+pJuVOevDTb6v/SevsMfiGG8YjzPnNhGS6wwH1GbCiglKwpkn appabEk/87EF63f79I7F3Ia9dAqANG10EksBTYBo8kJ7U2zP95Gu5+X0qvi3MAJE ysMXj9REPy/ZGnlxShMrFVTrH9lK4vDjhEN+HRhnMjVGmomOvz2OD9AQyarrDGPI Rykkr1Aw/lvRu4C7bV8nIkw0lRJFbFdlVmof81dlzCspdo6I4fY5vw8u8utwTvZK sdyKcR8b7Olp4g== -----END CERTIFICATE-----Generated at Mon Feb 9 18:48:03 2026 by rpki-client