This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: OYhCVZAYq0QBE83PVc3j/tGOPpvck3EKLzmFi95+OVM= Subject key identifier: BC:F8:34:B2:FD:A4:2B:2C:B5:C2:E1:32:86:6E:35:67:F2:CE:67:A8 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019C0E5962965DEC1B6FC3C72519AA9DAE96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 130E Signing time: Fri 30 Jan 2026 10:01:04 +0000 Manifest this update: Fri 30 Jan 2026 10:01:04 +0000 Manifest next update: Sat 31 Jan 2026 10:01:04 +0000 Files and hashes: 1: 9ThI9Z7soYxz8aK7SxBvxoPEOX4.roa (hash: 2FCnysFwLOl4zVeb97SHJ1QvBKVL+gw4QmS3UAORjFk=) 2: BsMfnzrxddpnmFQ8FtiqLN4hIRw.roa (hash: GbFN7H89aII0f8FiIff5RGaJGPYoV9OOEoYuPkHE93c=) 3: C67-QabxkPaVhoCKelfc7gJ1hK8.roa (hash: 0WW6NyrxV5VH4o1lj6kLTZOdEKPeDBs7ouwPQd+hBHw=) 4: F9-SxyIQIDP0T_L82XSaWh-dz-8.roa (hash: xq0esTvybmQE92rRBw7ldOk97wFXJ2Dn8bPKN1sbBN4=) 5: GXCfAVmuuL63Oe4dOVqYkc3Wuzg.roa (hash: L3MDEpVumA01FdWvikqD5sE8kkEXPwKtDKdz6KqfMnQ=) 6: INXyDuwAPEqy1wE9aqdsndRieZ4.roa (hash: C+DYGdKOJ0zyzigGQJD1Dwmeg7946X6g5JoRPeQvr9s=) 7: WNwct_JeSUw9EGnGt5EMmHO1qnA.roa (hash: 8JESbBJVZwKNLtuuBYLAyN1yjWX+0RJfMcx4iiDnUQ0=) 8: aOPciO2i4pfhYNx8M-BLAat6K88.roa (hash: 23mtM/XEA4F6fUISXd4S0ZErct8gDmnUbBNFqEeBNOc=) 9: br-MdcUGAgIJZ2jokAIrGgvBgVg.roa (hash: nAJrJwXFm0eNNJbUiUMkYMOpV3Mo7gqR8CqVePMN9SA=) 10: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: 3+BeIwuudvg4O9KRJcvijUralINmJUT6WlRnLdEilT8=) 11: qoJxh9RoMci9r1884qksasXONeQ.roa (hash: b1P5hF2MWBN0Il3GucTyqyanvw/mWve+jbkBZTYW4xQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 06:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:0e:59:62:96:5d:ec:1b:6f:c3:c7:25:19:aa:9d:ae:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Jan 30 10:01:04 2026 GMT Not After : Jan 31 10:01:04 2026 GMT Subject: CN=bcf834b2fda42b2cb5c2e132866e3567f2ce67a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8a:c9:e0:c9:b0:7a:15:ff:6f:ac:cc:d6:77: 29:93:3f:12:25:3b:c1:9a:c8:a6:c8:e0:03:76:dd: c9:63:27:39:11:55:03:fd:57:1a:37:95:6b:f1:ca: ac:1b:e1:96:72:00:e5:59:a0:d4:16:0a:f8:7c:27: c2:98:39:6a:88:14:64:75:1c:e8:ec:17:37:76:66: f5:53:80:72:07:51:9c:0a:fb:b5:75:c6:90:48:f6: d0:6d:99:e4:1a:5c:08:4e:fc:86:f3:e5:8f:ff:e7: 12:4d:0e:78:9a:8b:cd:91:33:ef:4c:9d:be:19:17: bd:c8:15:13:a8:a7:51:d4:4b:bc:95:df:b8:27:f1: ae:93:90:5e:31:2f:8c:c9:13:ab:ee:21:08:ec:7a: 48:18:6f:93:a0:71:ce:9e:24:a6:b5:5b:e7:f4:a6: d5:e1:0f:3c:c6:fa:da:79:9c:23:72:10:56:91:f5: 1f:ef:f7:02:ce:0f:c7:d1:1f:81:8e:a8:c0:a5:16: b8:8c:91:d3:1f:e9:cc:f7:f8:91:35:91:37:7c:7a: e6:72:71:a9:58:38:df:1c:f3:7c:7d:d1:06:88:c7: 56:2b:3b:3d:b9:e6:e8:f5:e1:35:00:d2:0f:dc:0b: 13:28:7e:27:b0:a3:65:00:14:10:ec:2f:c2:f7:a4: 18:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:F8:34:B2:FD:A4:2B:2C:B5:C2:E1:32:86:6E:35:67:F2:CE:67:A8 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:54:bc:9d:4b:53:b6:5e:b4:64:28:9c:9e:f1:c1:fb:00:cc: 5d:34:db:98:c2:25:f1:54:23:c4:88:5f:24:57:83:b8:83:03: f1:35:4a:83:d7:73:81:20:24:b8:7a:c0:5b:05:75:70:e4:f7: 72:9f:09:68:09:a4:5b:09:89:0b:6a:75:58:e8:0b:f2:05:56: 92:50:c8:e5:29:48:48:6a:90:67:39:df:47:0a:82:f2:a4:59: a0:38:7e:f5:04:3e:d9:6f:71:c8:07:65:e5:c1:dc:8b:29:4d: b0:61:8a:32:cb:83:1e:07:d5:19:dd:18:90:66:db:4c:73:c0: 45:23:e1:1d:87:02:44:e3:65:79:8e:fa:8f:d4:40:95:73:82: a9:48:fc:03:08:28:bd:c0:2e:42:33:dd:65:44:e4:58:57:76: ac:11:6d:1d:c0:1b:cb:52:dd:21:7c:07:41:8a:09:38:13:e3: 9b:c1:c6:bc:53:70:d0:64:2f:5c:b9:2b:b3:a5:13:5c:2c:35: b8:28:cb:4f:60:1d:ab:4a:f7:a8:6b:5d:e5:e7:d0:e3:c7:6d: af:9a:78:c5:45:4e:ca:b5:1d:80:e2:fa:05:47:5b:d7:3b:41: d1:a0:f0:a2:db:d9:a0:06:52:6b:ca:16:2b:23:2c:75:30:21: a2:17:e7:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwOWWKWXewbb8PHJRmqna6WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjYwMTMwMTAwMTA0WhcNMjYwMTMxMTAwMTA0WjAzMTEwLwYDVQQD EyhiY2Y4MzRiMmZkYTQyYjJjYjVjMmUxMzI4NjZlMzU2N2YyY2U2N2E4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuorJ4MmwehX/b6zM1ncpkz8SJTvB msimyOADdt3JYyc5EVUD/VcaN5Vr8cqsG+GWcgDlWaDUFgr4fCfCmDlqiBRkdRzo 7Bc3dmb1U4ByB1GcCvu1dcaQSPbQbZnkGlwITvyG8+WP/+cSTQ54movNkTPvTJ2+ GRe9yBUTqKdR1Eu8ld+4J/Guk5BeMS+MyROr7iEI7HpIGG+ToHHOniSmtVvn9KbV 4Q88xvraeZwjchBWkfUf7/cCzg/H0R+BjqjApRa4jJHTH+nM9/iRNZE3fHrmcnGp WDjfHPN8fdEGiMdWKzs9uebo9eE1ANIP3AsTKH4nsKNlABQQ7C/C96QY7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLz4NLL9pCsstcLhMoZuNWfyzmeoMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVS8nUtT tl60ZCicnvHB+wDMXTTbmMIl8VQjxIhfJFeDuIMD8TVKg9dzgSAkuHrAWwV1cOT3 cp8JaAmkWwmJC2p1WOgL8gVWklDI5SlISGqQZznfRwqC8qRZoDh+9QQ+2W9xyAdl 5cHciylNsGGKMsuDHgfVGd0YkGbbTHPARSPhHYcCRONleY76j9RAlXOCqUj8Awgo vcAuQjPdZUTkWFd2rBFtHcAby1LdIXwHQYoJOBPjm8HGvFNw0GQvXLkrs6UTXCw1 uCjLT2Adq0r3qGtd5efQ48dtr5p4xUVOyrUdgOL6BUdb1ztB0aDwotvZoAZSa8oW KyMsdTAhohfniw== -----END CERTIFICATE-----Generated at Fri Jan 30 15:29:34 2026 by rpki-client