This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft File: KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json) Hash identifier: IwNvlBQXtpAijBUuF30p8f0F7Z1zQpt8dEd8zn5FnhQ= Subject key identifier: 64:37:DB:56:B6:1F:F5:33:EA:3C:BD:41:37:B3:5C:B4:AB:1D:A0:3C Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41 Certificate issuer: /CN=287f7b268f36d9315895d3b208377310719a9d41 Certificate serial: 019C420FE6350C02BB64A0E23165CBF56C98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft Manifest number: 0F68 Signing time: Mon 09 Feb 2026 11:01:04 +0000 Manifest this update: Mon 09 Feb 2026 11:01:04 +0000 Manifest next update: Tue 10 Feb 2026 11:01:04 +0000 Files and hashes: 1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: r0u0Xla0R5p4vUw4C8kuAMHdO1LaYzXs7FewORP5Tf4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:e6:35:0c:02:bb:64:a0:e2:31:65:cb:f5:6c:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41 Validity Not Before: Feb 9 11:01:04 2026 GMT Not After : Feb 10 11:01:04 2026 GMT Subject: CN=6437db56b61ff533ea3cbd4137b35cb4ab1da03c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2a:36:88:8b:99:38:ff:a6:94:58:29:97:55: 46:3a:bf:a0:a9:85:2f:f1:c0:6b:0d:e6:4b:27:67: 9b:2a:8c:2b:50:04:6c:a3:40:3a:48:eb:4a:70:64: 9e:4b:eb:f8:6c:03:4c:49:96:67:95:53:43:2a:5d: 49:58:d7:27:79:ad:f2:eb:2c:76:4b:56:f4:ec:da: 10:01:f4:52:af:4c:19:53:77:c2:b6:f6:58:22:a9: e8:9a:34:39:18:28:46:53:17:30:f6:89:a6:4a:f1: cc:5d:7c:76:80:80:d8:8f:66:d0:06:95:93:6c:bb: 48:aa:40:f1:f4:30:8c:b3:fa:4f:ab:24:4e:18:dc: 45:b4:e6:37:d7:bf:0f:f2:56:d7:50:07:d9:7d:ed: 28:80:24:45:e3:c7:7b:fa:cb:32:8a:0c:53:d3:ec: 0e:24:f9:cc:47:86:c2:af:e4:8f:e4:5f:75:90:19: 29:8a:f6:73:83:22:86:07:9a:90:ed:df:b4:eb:af: 2e:60:5c:60:06:7a:4a:9a:c8:81:7c:cc:76:a1:0a: 28:73:5e:b9:fc:31:ce:4e:8a:fd:8c:81:45:71:d2: 1b:3c:a1:7f:c5:59:86:a4:81:ce:12:f6:af:68:a8: 2e:17:d3:a7:ac:8e:4b:46:48:e1:bb:b5:78:f5:5d: 70:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:37:DB:56:B6:1F:F5:33:EA:3C:BD:41:37:B3:5C:B4:AB:1D:A0:3C X509v3 Authority Key Identifier: keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:1b:66:1e:a3:9d:5c:82:6d:b4:7e:8a:c2:62:24:18:75:3c: 24:c7:a3:8f:97:05:2d:cc:33:56:85:b2:d8:9b:ec:a8:3a:8d: 20:52:ec:35:60:16:cc:e9:1d:ee:1a:79:1b:d8:11:84:d1:b2: 93:5b:66:0d:3d:ec:dd:56:50:18:84:cb:b8:fa:a0:4d:83:18: a9:3f:e3:a6:07:8d:6f:9a:08:dc:ed:79:27:52:6a:af:dd:a4: b4:0e:4b:0b:28:9b:c9:7f:8b:93:4d:c2:2a:58:13:05:aa:cd: 66:92:48:69:47:ee:3f:e0:ed:21:7b:de:75:2f:bd:1b:88:67: c1:44:9f:eb:be:a7:a1:e9:ae:46:b3:cc:2b:b4:6f:e3:80:c8: 03:a1:7f:0e:18:c0:fe:81:2e:a4:dc:3d:8b:6d:d4:85:cc:49: 13:73:53:ea:5e:aa:8c:40:87:76:ab:41:4d:d0:a5:60:c3:ff: 31:a8:47:c1:38:e3:a0:0a:c7:45:65:e5:02:6e:7a:7d:1a:69: 74:83:1d:8e:41:f6:4e:70:62:c3:ec:ea:ed:40:fc:3d:a0:a4: 92:2d:d9:c8:85:46:58:d1:5b:71:6a:08:b5:82:e2:c6:ff:2a: 72:7b:ee:71:fa:55:d3:0c:ee:20:51:9e:96:76:29:ea:3c:24: 43:a3:0c:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD+Y1DAK7ZKDiMWXL9WyYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5 YTlkNDEwHhcNMjYwMjA5MTEwMTA0WhcNMjYwMjEwMTEwMTA0WjAzMTEwLwYDVQQD Eyg2NDM3ZGI1NmI2MWZmNTMzZWEzY2JkNDEzN2IzNWNiNGFiMWRhMDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCo2iIuZOP+mlFgpl1VGOr+gqYUv 8cBrDeZLJ2ebKowrUARso0A6SOtKcGSeS+v4bANMSZZnlVNDKl1JWNcnea3y6yx2 S1b07NoQAfRSr0wZU3fCtvZYIqnomjQ5GChGUxcw9ommSvHMXXx2gIDYj2bQBpWT bLtIqkDx9DCMs/pPqyROGNxFtOY3178P8lbXUAfZfe0ogCRF48d7+ssyigxT0+wO JPnMR4bCr+SP5F91kBkpivZzgyKGB5qQ7d+0668uYFxgBnpKmsiBfMx2oQooc165 /DHOTor9jIFFcdIbPKF/xVmGpIHOEvavaKguF9OnrI5LRkjhu7V49V1wPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGQ321a2H/Uz6jy9QTezXLSrHaA8MB8GA1UdIwQY MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1 LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxtmHqOd XIJttH6KwmIkGHU8JMejj5cFLcwzVoWy2JvsqDqNIFLsNWAWzOkd7hp5G9gRhNGy k1tmDT3s3VZQGITLuPqgTYMYqT/jpgeNb5oI3O15J1Jqr92ktA5LCyibyX+Lk03C KlgTBarNZpJIaUfuP+DtIXvedS+9G4hnwUSf676noemuRrPMK7Rv44DIA6F/DhjA /oEupNw9i23UhcxJE3NT6l6qjECHdqtBTdClYMP/MahHwTjjoArHRWXlAm56fRpp dIMdjkH2TnBiw+zq7UD8PaCkki3ZyIVGWNFbcWoItYLixv8qcnvucfpV0wzuIFGe lnYp6jwkQ6MMZQ== -----END CERTIFICATE-----Generated at Mon Feb 9 21:09:17 2026 by rpki-client