This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json) Hash identifier: Kvj0b+dMARr1IVIQA431XhKvMuIqfo0T3iexDWRrAmM= Subject key identifier: 48:FF:41:FC:40:82:E2:1C:39:D1:3F:93:DA:8D:B7:14:CF:05:12:95 Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5 Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5 Certificate serial: 019C4434B2162C4F68CF050924E792EF5469 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft Manifest number: 0457 Signing time: Mon 09 Feb 2026 21:00:29 +0000 Manifest this update: Mon 09 Feb 2026 21:00:29 +0000 Manifest next update: Tue 10 Feb 2026 21:00:29 +0000 Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: 39maDvMM6DZ+Uv4gkh03mXwtz9tvVC3bIamPu087kFk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:44:34:b2:16:2c:4f:68:cf:05:09:24:e7:92:ef:54:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5 Validity Not Before: Feb 9 21:00:29 2026 GMT Not After : Feb 10 21:00:29 2026 GMT Subject: CN=48ff41fc4082e21c39d13f93da8db714cf051295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:46:93:f0:8d:56:25:66:15:9e:53:fd:00:aa: 77:d9:4f:c0:1f:8a:36:b1:3c:62:e4:6c:2e:1c:71: 5e:db:d7:2d:1c:95:03:8a:a2:21:b7:69:8b:08:9d: d2:a7:1c:56:82:cc:76:b0:1c:d7:03:63:d4:e8:42: ca:ff:a2:49:60:41:4b:69:6f:58:f2:a2:76:1e:f0: 7c:3b:12:6a:10:f4:67:ce:09:7c:88:b3:5c:85:43: 92:61:25:e7:8b:27:ec:7e:2a:8c:92:33:6e:7b:85: 45:8e:d3:b5:49:7e:92:25:3d:7f:48:16:7e:ec:9b: 2e:e4:3d:2b:25:57:57:5b:f9:64:2c:55:1f:1b:30: db:23:43:5a:2f:d2:e1:1b:b4:b3:fe:fe:c8:2d:6c: fa:c9:09:4c:8c:3e:49:f8:9b:40:fa:f8:cd:a6:bf: bb:2c:84:4d:eb:18:c9:24:28:d3:12:8e:60:44:6e: e4:4e:97:86:fb:64:c3:29:9c:42:88:3c:53:40:d5: 63:ed:c5:0a:c7:9f:b4:1f:69:8a:12:da:9e:df:2c: 95:bd:41:8c:56:a5:a0:e4:c9:01:66:25:74:57:f8: 45:d4:4b:48:9b:d0:6b:7b:18:9e:9d:f6:b3:68:fd: 5d:1b:17:66:17:c6:0d:7c:03:0d:02:bb:6b:27:a2: 9a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:FF:41:FC:40:82:E2:1C:39:D1:3F:93:DA:8D:B7:14:CF:05:12:95 X509v3 Authority Key Identifier: keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:cc:bc:ce:3f:04:83:5b:da:4c:16:25:dc:4b:42:60:e0:47: 70:5d:77:a4:c5:8f:dd:5c:6c:55:b4:5f:41:85:76:39:87:41: 58:3a:ad:30:d3:ec:29:5d:fd:94:ff:60:23:2a:60:52:df:51: f1:11:0c:cd:a3:b9:92:20:6f:e9:60:aa:a7:a6:92:0a:64:e7: f8:92:78:d7:41:d4:dc:1d:1d:f7:5f:3b:99:76:3b:e9:72:d6: a7:af:d1:07:52:86:e9:04:e5:d0:76:da:93:ed:d9:6d:2c:dd: 7e:d4:54:8a:2a:a4:87:ea:9f:1c:48:5d:91:a9:1f:f7:ed:44: 31:c5:20:13:8a:d1:96:5a:ee:c9:c5:af:89:7b:ab:f0:a0:77: d1:2f:b9:69:c3:83:38:27:d8:be:19:69:13:08:22:97:0f:a8: 17:ae:af:59:15:91:f8:15:70:d7:84:ef:28:8a:48:0e:f8:38: be:af:03:75:33:de:4e:a6:dc:d4:ff:e9:68:85:59:83:cc:30: 47:c8:92:ab:df:23:0f:9d:3b:7e:47:29:a2:15:f2:fc:61:6e: 31:a2:ea:d2:06:56:bb:8f:7c:f7:6b:42:e0:60:d4:0b:1f:5f: 59:f7:8f:4f:30:aa:e3:f3:dd:3c:ce:73:f3:c6:f4:39:30:51: b0:cb:85:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxENLIWLE9ozwUJJOeS71RpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy NGY1ZTUwHhcNMjYwMjA5MjEwMDI5WhcNMjYwMjEwMjEwMDI5WjAzMTEwLwYDVQQD Eyg0OGZmNDFmYzQwODJlMjFjMzlkMTNmOTNkYThkYjcxNGNmMDUxMjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UaT8I1WJWYVnlP9AKp32U/AH4o2 sTxi5GwuHHFe29ctHJUDiqIht2mLCJ3SpxxWgsx2sBzXA2PU6ELK/6JJYEFLaW9Y 8qJ2HvB8OxJqEPRnzgl8iLNchUOSYSXniyfsfiqMkjNue4VFjtO1SX6SJT1/SBZ+ 7Jsu5D0rJVdXW/lkLFUfGzDbI0NaL9LhG7Sz/v7ILWz6yQlMjD5J+JtA+vjNpr+7 LIRN6xjJJCjTEo5gRG7kTpeG+2TDKZxCiDxTQNVj7cUKx5+0H2mKEtqe3yyVvUGM VqWg5MkBZiV0V/hF1EtIm9BrexienfazaP1dGxdmF8YNfAMNArtrJ6KaWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEj/QfxAguIcOdE/k9qNtxTPBRKVMB8GA1UdIwQY MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZsy8zj8E g1vaTBYl3EtCYOBHcF13pMWP3VxsVbRfQYV2OYdBWDqtMNPsKV39lP9gIypgUt9R 8REMzaO5kiBv6WCqp6aSCmTn+JJ410HU3B0d9187mXY76XLWp6/RB1KG6QTl0Hba k+3ZbSzdftRUiiqkh+qfHEhdkakf9+1EMcUgE4rRllruycWviXur8KB30S+5acOD OCfYvhlpEwgilw+oF66vWRWR+BVw14TvKIpIDvg4vq8DdTPeTqbc1P/paIVZg8ww R8iSq98jD507fkcpohXy/GFuMaLq0gZWu49892tC4GDUCx9fWfePTzCq4/PdPM5z 88b0OTBRsMuF7g== -----END CERTIFICATE-----Generated at Tue Feb 10 00:16:01 2026 by rpki-client