This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft File: KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json) Hash identifier: ApSb3TfxwDxYHzWbvYAWu91YvbvJCocWi7E3dlwFqkM= Subject key identifier: C6:99:39:58:AD:29:7A:78:C9:98:71:BA:D8:52:E0:30:71:B2:F0:C3 Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78 Certificate issuer: /CN=28d5f77722c61657f81c9f7ae49ce729b580f678 Certificate serial: 019C4322EFD72995138B7CBBE5D03C955049 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft Manifest number: 180D Signing time: Mon 09 Feb 2026 16:01:28 +0000 Manifest this update: Mon 09 Feb 2026 16:01:28 +0000 Manifest next update: Tue 10 Feb 2026 16:01:28 +0000 Files and hashes: 1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: hJycqeW3Y7QJgW8o/834ZYyetNMBFVzKOjt6tIzPGQw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:ef:d7:29:95:13:8b:7c:bb:e5:d0:3c:95:50:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678 Validity Not Before: Feb 9 16:01:28 2026 GMT Not After : Feb 10 16:01:28 2026 GMT Subject: CN=c6993958ad297a78c99871bad852e03071b2f0c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c1:b4:fd:45:72:38:ef:6c:0c:ef:a2:37:e0: ad:0f:da:4e:19:71:49:e4:05:af:ad:8f:90:ad:09: ae:95:65:83:3a:84:b5:e3:96:b9:36:03:49:a2:ca: 8d:c9:de:c2:8f:a9:03:44:c9:53:70:60:49:0e:2d: 17:31:ea:fc:2d:33:20:87:c0:13:45:0b:34:ea:3e: 30:5d:9c:0d:9c:f6:7d:b7:87:66:11:e2:8d:ba:db: 2a:3a:1e:1d:f4:1a:74:3d:6c:f4:eb:23:5f:cf:5a: a3:d1:6f:48:69:21:fc:f3:c6:6d:22:8e:16:a0:76: 0b:22:ea:7a:74:f2:ba:60:28:fc:62:b3:b2:4b:bd: c3:d8:22:60:25:67:39:e2:43:8e:90:da:c5:97:c1: f3:16:37:99:13:86:b4:c3:e7:86:b4:75:f6:5c:38: 8a:d9:6e:76:b1:0a:19:c6:14:1c:36:1c:41:7e:7f: 77:0c:4d:09:61:f0:b2:80:40:fc:5f:94:7d:49:14: 08:2d:09:1b:16:d5:65:9f:87:06:69:d8:4e:85:82: 0b:91:1c:6c:60:c5:b0:d0:eb:b5:18:1e:f6:00:19: ad:8d:79:e2:ee:62:d1:ea:02:37:63:8c:bd:dd:64: ca:4a:1a:91:96:bd:eb:f2:9c:f8:b7:73:a9:85:a6: ed:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:99:39:58:AD:29:7A:78:C9:98:71:BA:D8:52:E0:30:71:B2:F0:C3 X509v3 Authority Key Identifier: keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:06:be:0f:1e:f0:be:47:e8:be:c6:e6:41:42:31:8d:1f:84: b8:71:be:31:b0:4d:20:2e:67:4a:dc:32:8a:b9:ab:e4:91:ef: 83:50:85:25:db:76:d0:d1:ca:8d:af:93:9f:94:65:a1:ad:ec: 79:ad:9f:19:cd:1a:bc:46:69:fb:b0:22:35:84:a2:0d:33:30: 75:c7:53:f2:45:a8:ce:d2:b3:a9:8d:a3:ca:d7:f9:0a:3a:71: 6b:a2:9b:c0:53:e0:a6:d9:b4:74:74:54:80:09:73:dc:fa:8b: 5e:87:03:57:fe:7a:89:93:4b:6d:67:e1:8d:95:91:4e:c5:fa: 7e:be:5f:3d:94:5e:9f:7a:62:2d:7f:04:cf:9d:1e:0a:fa:e8: b7:51:b5:a2:09:18:6d:03:2b:4e:1d:10:b0:ea:4b:8a:e8:06: 02:3b:7d:14:09:b3:91:dc:7a:a4:aa:30:c1:d5:26:4c:8b:70: a7:a4:24:e6:f7:ab:20:98:c8:df:3b:36:2a:df:31:4f:33:a2: 4e:fd:3f:a8:ff:f5:37:b1:43:36:b5:f7:ff:cf:56:27:aa:35: 1e:3a:ec:ab:10:ef:ed:99:1b:e9:e7:98:7e:7f:0f:e0:23:75: 17:c3:a3:2a:e4:5d:1e:8e:23:4f:81:3e:ad:92:37:88:64:44: 69:00:fd:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIu/XKZUTi3y75dA8lVBJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4 MGY2NzgwHhcNMjYwMjA5MTYwMTI4WhcNMjYwMjEwMTYwMTI4WjAzMTEwLwYDVQQD EyhjNjk5Mzk1OGFkMjk3YTc4Yzk5ODcxYmFkODUyZTAzMDcxYjJmMGMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sG0/UVyOO9sDO+iN+CtD9pOGXFJ 5AWvrY+QrQmulWWDOoS145a5NgNJosqNyd7Cj6kDRMlTcGBJDi0XMer8LTMgh8AT RQs06j4wXZwNnPZ9t4dmEeKNutsqOh4d9Bp0PWz06yNfz1qj0W9IaSH888ZtIo4W oHYLIup6dPK6YCj8YrOyS73D2CJgJWc54kOOkNrFl8HzFjeZE4a0w+eGtHX2XDiK 2W52sQoZxhQcNhxBfn93DE0JYfCygED8X5R9SRQILQkbFtVln4cGadhOhYILkRxs YMWw0Ou1GB72ABmtjXni7mLR6gI3Y4y93WTKShqRlr3r8pz4t3OphabtqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMaZOVitKXp4yZhxuthS4DBxsvDDMB8GA1UdIwQY MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJga+Dx7w vkfovsbmQUIxjR+EuHG+MbBNIC5nStwyirmr5JHvg1CFJdt20NHKja+Tn5Rloa3s ea2fGc0avEZp+7AiNYSiDTMwdcdT8kWoztKzqY2jytf5Cjpxa6KbwFPgptm0dHRU gAlz3PqLXocDV/56iZNLbWfhjZWRTsX6fr5fPZRen3piLX8Ez50eCvrot1G1ogkY bQMrTh0QsOpLiugGAjt9FAmzkdx6pKowwdUmTItwp6Qk5verIJjI3zs2Kt8xTzOi Tv0/qP/1N7FDNrX3/89WJ6o1HjrsqxDv7Zkb6eeYfn8P4CN1F8OjKuRdHo4jT4E+ rZI3iGREaQD9kw== -----END CERTIFICATE-----Generated at Mon Feb 9 20:54:09 2026 by rpki-client