This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft File: kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft (raw, json) Hash identifier: VHbk/qL5k+GK+XEgQuX/nv8ARv13wCtS8FUTANDSHXI= Subject key identifier: AA:1F:86:BD:41:56:9F:C0:A8:58:1F:58:52:6B:62:BF:43:ED:A6:C5 Authority key identifier: 90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5 Certificate issuer: /CN=90a02705006532ef33a0064f875a100923509fd5 Certificate serial: 019BFB776D1397CA9BFCD132B743CC9C4A40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft Manifest number: 11BE Signing time: Mon 26 Jan 2026 18:01:06 +0000 Manifest this update: Mon 26 Jan 2026 18:01:06 +0000 Manifest next update: Tue 27 Jan 2026 18:01:06 +0000 Files and hashes: 1: fEyQPPeKri3xxIwF-GK2DK9OO9c.roa (hash: 7YArpvgzsRn7tFDaYlxf0t+umiWwVKrDBhvgYPCrlAc=) 2: kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl (hash: RuEfpGFZwrjaujN7QS3bTSaSJMbw99YrvUZfwFKCz+A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 18:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fb:77:6d:13:97:ca:9b:fc:d1:32:b7:43:cc:9c:4a:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90a02705006532ef33a0064f875a100923509fd5 Validity Not Before: Jan 26 18:01:06 2026 GMT Not After : Jan 27 18:01:06 2026 GMT Subject: CN=aa1f86bd41569fc0a8581f58526b62bf43eda6c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ba:77:34:4d:75:f2:6c:e1:d0:ff:3e:1b:fa: 73:d5:76:f3:44:9d:1f:a9:66:d3:71:16:ba:8e:fc: f1:58:e8:4f:f5:03:ca:20:03:61:f0:48:50:28:52: db:3c:77:22:eb:25:3f:22:78:ea:4f:9a:0d:54:17: 68:af:97:c7:8a:fb:e9:ff:5b:44:67:5e:99:00:9d: e6:98:39:8a:e0:d2:d0:e0:3e:b4:77:6e:d6:d6:26: 2d:c7:01:f0:35:61:dc:40:b7:77:2e:7f:7e:6c:37: 3d:37:85:12:fb:7a:1d:3c:d3:48:41:52:52:1e:61: ee:f2:f1:3f:12:b2:c2:60:ac:14:7f:17:43:c2:c2: 37:97:42:2c:d5:32:3a:c8:53:0c:0c:e8:ba:3f:c8: d0:3c:50:67:a7:59:73:ef:4f:3b:79:2e:16:99:ac: d9:19:c7:c9:44:6f:98:ee:42:2f:a4:aa:ab:82:bd: da:46:5a:12:50:87:ab:cb:e0:81:03:b2:00:07:ba: 52:df:00:51:b4:4e:99:93:7a:6e:a1:2f:e4:b5:35: 03:a0:8c:e8:14:c4:48:1b:b2:6d:ae:da:64:c8:46: ae:d2:91:c7:bd:de:04:d1:d4:ea:e2:a8:67:01:7e: e3:9b:f1:58:0f:99:8b:af:ca:33:a0:52:6b:9b:b3: 40:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:1F:86:BD:41:56:9F:C0:A8:58:1F:58:52:6B:62:BF:43:ED:A6:C5 X509v3 Authority Key Identifier: keyid:90:A0:27:05:00:65:32:EF:33:A0:06:4F:87:5A:10:09:23:50:9F:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKAnBQBlMu8zoAZPh1oQCSNQn9U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d9f482-135e-47f6-9317-6785ada527c1/1/kKAnBQBlMu8zoAZPh1oQCSNQn9U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:84:bd:2c:8c:24:6e:c0:47:3c:b0:e8:a6:00:c0:6b:c7:6e: a0:42:3b:ea:8b:2a:9b:3e:81:df:7c:2c:99:37:4d:dc:9b:51: 09:65:da:c6:fb:aa:68:2f:e5:6c:cf:5c:55:88:27:21:83:e8: 8a:2b:0f:1a:06:1f:fe:07:7d:ee:99:d8:56:7a:0b:f6:a1:42: 6e:90:31:88:6c:db:20:85:bb:85:58:d0:3e:72:6b:f5:d0:80: 67:9d:3d:92:12:0a:a8:8b:82:45:45:3a:de:15:9e:2f:e4:26: 42:9e:2d:fd:87:ff:e3:87:a6:2f:41:54:f2:08:5d:2e:17:98: 45:5d:6c:4b:c6:6e:34:10:a9:a5:da:3e:3e:3a:79:82:21:8d: 5c:99:ca:9a:a8:c8:8a:00:16:9f:e0:56:f9:e0:c2:f9:82:cb: 21:d3:95:60:d5:48:d7:2f:f8:00:87:31:45:80:d2:bf:db:47: d7:6c:53:ea:0e:78:c7:ef:c3:58:a6:84:2f:47:8b:c7:d0:28: 81:47:86:80:a0:9b:78:a4:94:a4:73:e2:f0:9a:6e:4d:fd:b7: 39:a2:62:be:67:64:67:65:a4:53:d7:3d:46:ac:79:83:b0:e6: f5:d2:b5:d3:3a:fb:a6:dd:32:12:f3:6b:5a:f6:f6:6b:45:32: 83:d3:ff:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv7d20Tl8qb/NEyt0PMnEpAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwYTAyNzA1MDA2NTMyZWYzM2EwMDY0Zjg3NWExMDA5MjM1 MDlmZDUwHhcNMjYwMTI2MTgwMTA2WhcNMjYwMTI3MTgwMTA2WjAzMTEwLwYDVQQD EyhhYTFmODZiZDQxNTY5ZmMwYTg1ODFmNTg1MjZiNjJiZjQzZWRhNmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7p3NE118mzh0P8+G/pz1XbzRJ0f qWbTcRa6jvzxWOhP9QPKIANh8EhQKFLbPHci6yU/InjqT5oNVBdor5fHivvp/1tE Z16ZAJ3mmDmK4NLQ4D60d27W1iYtxwHwNWHcQLd3Ln9+bDc9N4US+3odPNNIQVJS HmHu8vE/ErLCYKwUfxdDwsI3l0Is1TI6yFMMDOi6P8jQPFBnp1lz7087eS4WmazZ GcfJRG+Y7kIvpKqrgr3aRloSUIery+CBA7IAB7pS3wBRtE6Zk3puoS/ktTUDoIzo FMRIG7JtrtpkyEau0pHHvd4E0dTq4qhnAX7jm/FYD5mLr8ozoFJrm7NA+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKofhr1BVp/AqFgfWFJrYr9D7abFMB8GA1UdIwQY MBaAFJCgJwUAZTLvM6AGT4daEAkjUJ/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kOWY0ODItMTM1ZS00N2Y2LTkzMTct Njc4NWFkYTUyN2MxLzEva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9kOWY0ODItMTM1ZS00N2Y2LTkzMTctNjc4NWFkYTUyN2Mx LzEva0tBbkJRQmxNdTh6b0FaUGgxb1FDU05RbjlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4S9LIwk bsBHPLDopgDAa8duoEI76osqmz6B33wsmTdN3JtRCWXaxvuqaC/lbM9cVYgnIYPo iisPGgYf/gd97pnYVnoL9qFCbpAxiGzbIIW7hVjQPnJr9dCAZ509khIKqIuCRUU6 3hWeL+QmQp4t/Yf/44emL0FU8ghdLheYRV1sS8ZuNBCppdo+Pjp5giGNXJnKmqjI igAWn+BW+eDC+YLLIdOVYNVI1y/4AIcxRYDSv9tH12xT6g54x+/DWKaEL0eLx9Ao gUeGgKCbeKSUpHPi8JpuTf23OaJivmdkZ2WkU9c9Rqx5g7Dm9dK10zr7pt0yEvNr Wvb2a0Uyg9P/gA== -----END CERTIFICATE-----Generated at Tue Jan 27 04:16:01 2026 by rpki-client