This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft File: kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json) Hash identifier: BkBw1QtChWm+A3b76b+3Tq6+4+ZinOgk05LXMDxT32o= Subject key identifier: 26:FC:07:03:8C:36:76:BB:69:DF:A4:72:BA:4B:15:1A:12:2A:49:08 Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1 Certificate issuer: /CN=91f8a49b0d6533d067995687faee3db73aaa08b1 Certificate serial: 019C432252A1D0CF255E00D37AEFB0D5332A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft Manifest number: 0722 Signing time: Mon 09 Feb 2026 16:00:48 +0000 Manifest this update: Mon 09 Feb 2026 16:00:48 +0000 Manifest next update: Tue 10 Feb 2026 16:00:48 +0000 Files and hashes: 1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: H4o1rwAxu2zGNPMJ5jzR7Vie8GhxRDX7uSNT8LwZ7T0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:52:a1:d0:cf:25:5e:00:d3:7a:ef:b0:d5:33:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1 Validity Not Before: Feb 9 16:00:48 2026 GMT Not After : Feb 10 16:00:48 2026 GMT Subject: CN=26fc07038c3676bb69dfa472ba4b151a122a4908 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b3:7e:35:bd:03:89:95:29:f1:4e:52:8d:47: f5:e2:6b:3a:f8:5f:da:bc:90:33:64:8a:33:18:3b: 5a:01:bd:d4:16:77:f1:99:e3:80:08:2b:d5:7b:6e: ad:b5:f6:17:5a:53:29:7c:89:a6:fb:19:9b:21:96: 75:d5:c2:33:90:5c:53:a0:71:cf:fe:8d:bb:8d:df: 18:6b:36:4b:22:5a:0d:68:63:fa:61:fd:da:96:2b: 98:b7:4b:57:a8:8e:33:b4:30:89:59:77:d5:9e:14: 87:3f:77:0e:96:4a:70:cc:42:96:1e:ce:80:a8:00: 31:27:08:82:61:d5:ce:47:39:3a:8d:2b:bd:20:17: d1:20:6c:22:17:b4:8c:c8:35:f8:22:ad:d1:42:d0: 1f:db:16:3b:7a:85:ad:55:94:a9:e4:6b:24:f9:cc: 77:46:1a:46:ca:3d:bc:63:8a:63:60:40:a2:72:58: fc:c4:62:40:3c:a5:96:ab:8b:5b:54:f8:7f:c4:00: 1b:9a:a3:e9:8c:64:38:65:e7:28:df:64:b9:d8:ec: 5e:b1:6f:5b:ff:81:ce:55:72:68:a3:8d:84:fe:d3: 05:23:fb:32:ae:83:2e:1b:5c:8d:5a:0b:ed:06:78: 81:45:a0:c6:b5:7c:43:1e:2b:0d:97:d0:d7:38:0f: 2c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:FC:07:03:8C:36:76:BB:69:DF:A4:72:BA:4B:15:1A:12:2A:49:08 X509v3 Authority Key Identifier: keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:14:99:8d:43:2b:84:83:f4:8d:29:8e:7f:b8:cf:28:4b:59: 3d:e3:46:6a:da:f5:a3:e7:af:70:d9:8c:1a:c3:1b:1a:cb:70: 1e:da:41:1c:de:a9:f6:bf:aa:9c:ca:2c:da:ae:99:e5:19:3d: 46:99:2b:4b:86:7e:4e:78:e4:dc:bc:87:ae:d1:20:94:ce:21: bc:2a:d5:f3:1d:f9:80:b8:bb:e9:e1:4c:2e:dc:34:39:7b:35: 61:0d:78:33:e6:ff:6a:86:a4:25:53:57:8f:bf:a4:05:4a:09: 2d:30:aa:e2:07:2c:1b:a2:17:38:fb:95:86:30:25:7f:5b:a7: 4c:4a:13:51:9d:eb:be:4a:ab:b2:94:63:5d:db:f7:6a:13:2d: ad:b9:6f:09:97:7a:20:1f:4f:75:6b:ad:be:b0:8a:1d:5d:f6: 2d:99:92:7e:f4:32:9b:f0:e8:f2:b9:51:75:b6:8d:60:90:40: 5a:12:79:cf:56:5d:ee:4d:66:dd:15:57:f4:01:84:95:1f:92: fd:f6:3d:6b:37:dc:8f:1a:2a:39:ea:83:ba:26:6b:ed:b4:79: 67:39:50:0e:5c:7a:e8:7c:04:4b:b9:ce:66:38:52:b1:3e:90: 02:fd:9f:7a:00:b1:a2:bb:66:f4:86:55:4b:81:06:01:e4:d5: 3f:35:05:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIlKh0M8lXgDTeu+w1TMqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh YTA4YjEwHhcNMjYwMjA5MTYwMDQ4WhcNMjYwMjEwMTYwMDQ4WjAzMTEwLwYDVQQD EygyNmZjMDcwMzhjMzY3NmJiNjlkZmE0NzJiYTRiMTUxYTEyMmE0OTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLN+Nb0DiZUp8U5SjUf14ms6+F/a vJAzZIozGDtaAb3UFnfxmeOACCvVe26ttfYXWlMpfImm+xmbIZZ11cIzkFxToHHP /o27jd8YazZLIloNaGP6Yf3aliuYt0tXqI4ztDCJWXfVnhSHP3cOlkpwzEKWHs6A qAAxJwiCYdXORzk6jSu9IBfRIGwiF7SMyDX4Iq3RQtAf2xY7eoWtVZSp5Gsk+cx3 RhpGyj28Y4pjYECiclj8xGJAPKWWq4tbVPh/xAAbmqPpjGQ4Zeco32S52OxesW9b /4HOVXJoo42E/tMFI/syroMuG1yNWgvtBniBRaDGtXxDHisNl9DXOA8sLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCb8BwOMNna7ad+kcrpLFRoSKkkIMB8GA1UdIwQY MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0 LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBSZjUMr hIP0jSmOf7jPKEtZPeNGatr1o+evcNmMGsMbGstwHtpBHN6p9r+qnMos2q6Z5Rk9 RpkrS4Z+Tnjk3LyHrtEglM4hvCrV8x35gLi76eFMLtw0OXs1YQ14M+b/aoakJVNX j7+kBUoJLTCq4gcsG6IXOPuVhjAlf1unTEoTUZ3rvkqrspRjXdv3ahMtrblvCZd6 IB9PdWutvrCKHV32LZmSfvQym/Do8rlRdbaNYJBAWhJ5z1Zd7k1m3RVX9AGElR+S /fY9azfcjxoqOeqDuiZr7bR5ZzlQDlx66HwES7nOZjhSsT6QAv2fegCxortm9IZV S4EGAeTVPzUF/Q== -----END CERTIFICATE-----Generated at Tue Feb 10 00:17:17 2026 by rpki-client