This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft File: KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft (raw, json) Hash identifier: xqcfnoKaie2MMg8AgzBfw8gy3IXs3I801t71JFY4VJM= Subject key identifier: C3:52:CF:1C:0C:EA:52:C8:4B:76:A7:37:8E:76:E4:22:F2:D0:7E:8B Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Certificate serial: 019C39B1480A23F49CD400A5411DCCB4E78A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft Manifest number: 1788 Signing time: Sat 07 Feb 2026 20:00:45 +0000 Manifest this update: Sat 07 Feb 2026 20:00:45 +0000 Manifest next update: Sun 08 Feb 2026 20:00:45 +0000 Files and hashes: 1: KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl (hash: nFxDBzl5uOwSoB4oufA8pQ47B3CeOMelFEfIaBmlvpE=) 2: ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa (hash: soBVeg6Yikd3nUzcvoeLHOcCe6rQjh4SHsU1xYr91hM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 08 Feb 2026 18:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:39:b1:48:0a:23:f4:9c:d4:00:a5:41:1d:cc:b4:e7:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Validity Not Before: Feb 7 20:00:45 2026 GMT Not After : Feb 8 20:00:45 2026 GMT Subject: CN=c352cf1c0cea52c84b76a7378e76e422f2d07e8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:16:fd:20:14:2c:1d:c5:69:7f:75:6e:a1:ff: 85:9c:82:c5:d0:25:96:20:3d:40:6d:bb:97:d3:0f: 53:2c:69:5e:38:82:fd:17:ff:44:05:0a:4c:ca:6e: 61:9c:46:89:4c:b5:72:b0:4d:73:7b:e9:e3:2f:f6: ec:33:18:86:ff:9a:b4:f5:a6:33:06:a4:6b:a4:8f: ae:b7:92:bf:f2:a5:79:55:ee:92:e3:8d:45:8b:19: a6:a9:25:05:75:4a:d6:9a:34:f4:92:1d:fa:03:64: 8e:50:28:a5:86:06:a4:5f:32:ce:52:95:1b:34:ab: 0d:03:e0:bf:a1:df:55:a9:d0:2f:5a:9e:54:a2:ce: 43:5c:88:82:8c:68:c6:81:d4:0b:06:10:28:a5:9a: d2:e9:16:9d:df:4a:02:2d:dc:6d:19:74:d9:dc:96: 46:5b:b3:db:9c:6e:fa:22:4d:2e:4e:b5:06:17:59: 2f:0d:6d:db:6e:6e:32:ec:51:4e:1c:a8:06:96:1e: 6f:a2:9a:1d:fb:b0:fd:82:f2:c7:81:95:6f:84:4d: 37:9b:f4:3b:b1:7f:32:0f:bb:28:56:68:51:60:10: 00:93:50:4d:6e:6f:15:b7:b4:2c:ab:39:f6:4c:12: 41:75:45:61:a2:25:59:8f:f3:e6:a6:62:a0:55:91: a0:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:52:CF:1C:0C:EA:52:C8:4B:76:A7:37:8E:76:E4:22:F2:D0:7E:8B X509v3 Authority Key Identifier: keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:49:d4:b4:d9:f2:28:d4:92:b5:57:51:47:bb:35:fe:3a:68: c2:5d:ea:62:00:a5:ef:ff:d9:28:9e:01:1c:96:a8:3a:af:a5: 44:ff:c3:b5:48:7a:ec:3f:42:a3:a2:7c:10:37:51:d5:ed:ac: d2:ab:da:ed:bc:dd:c1:28:07:53:ed:aa:ca:a5:22:78:26:aa: 45:09:a7:7a:08:b0:d8:6e:5f:a9:b7:e3:68:fc:fe:fd:cb:e7: f3:ae:57:bf:63:6a:fa:4c:15:4e:14:95:ff:e8:37:bf:e4:3d: 40:50:80:d1:58:d1:bd:d9:b5:c8:98:62:78:9e:5e:02:fb:ed: 2e:e5:24:88:b9:2a:d3:73:db:7f:40:38:ef:97:54:da:67:8d: 15:03:a9:9e:55:a2:dc:d2:d7:92:3f:40:d5:ab:70:d4:c5:81: 1c:06:fb:f3:f4:3c:1f:33:0b:93:49:42:68:f9:92:5e:61:17: 4c:92:3b:09:b9:07:0e:b7:4d:73:3c:db:53:e6:93:bf:7d:fa: 7f:65:15:23:6a:df:0a:7c:2b:5f:2c:ed:76:fa:60:2b:e8:65: 8b:13:ec:09:75:2d:fd:55:62:d3:4d:d4:34:b5:04:53:1a:7f: f9:2b:16:eb:57:65:fa:5a:9a:12:a1:be:66:75:02:d3:1f:1c: aa:68:90:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZw5sUgKI/Sc1AClQR3MtOeKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3 MzMyY2YwHhcNMjYwMjA3MjAwMDQ1WhcNMjYwMjA4MjAwMDQ1WjAzMTEwLwYDVQQD EyhjMzUyY2YxYzBjZWE1MmM4NGI3NmE3Mzc4ZTc2ZTQyMmYyZDA3ZThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRb9IBQsHcVpf3Vuof+FnILF0CWW ID1AbbuX0w9TLGleOIL9F/9EBQpMym5hnEaJTLVysE1ze+njL/bsMxiG/5q09aYz BqRrpI+ut5K/8qV5Ve6S441FixmmqSUFdUrWmjT0kh36A2SOUCilhgakXzLOUpUb NKsNA+C/od9VqdAvWp5Uos5DXIiCjGjGgdQLBhAopZrS6Rad30oCLdxtGXTZ3JZG W7PbnG76Ik0uTrUGF1kvDW3bbm4y7FFOHKgGlh5vopod+7D9gvLHgZVvhE03m/Q7 sX8yD7soVmhRYBAAk1BNbm8Vt7Qsqzn2TBJBdUVhoiVZj/PmpmKgVZGg9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMNSzxwM6lLIS3anN4525CLy0H6LMB8GA1UdIwQY MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt NjZiNDM0ZmRmOWFlLzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArknUtNny KNSStVdRR7s1/jpowl3qYgCl7//ZKJ4BHJaoOq+lRP/DtUh67D9Co6J8EDdR1e2s 0qva7bzdwSgHU+2qyqUieCaqRQmnegiw2G5fqbfjaPz+/cvn865Xv2Nq+kwVThSV /+g3v+Q9QFCA0VjRvdm1yJhieJ5eAvvtLuUkiLkq03Pbf0A475dU2meNFQOpnlWi 3NLXkj9A1atw1MWBHAb78/Q8HzMLk0lCaPmSXmEXTJI7CbkHDrdNczzbU+aTv336 f2UVI2rfCnwrXyztdvpgK+hlixPsCXUt/VVi003UNLUEUxp/+SsW61dl+lqaEqG+ ZnUC0x8cqmiQuA== -----END CERTIFICATE-----Generated at Sat Feb 7 23:37:54 2026 by rpki-client