This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft File: kHb3fahBt7lCFbb6wtQaccIVFgE.mft (raw, json) Hash identifier: NWxQ51gQYzbl5ZuNcK9yzFyNMqzaJz52Pd/RVCsA+nU= Subject key identifier: 89:6C:ED:EA:12:CB:F2:EF:9D:62:D4:4E:DB:75:51:12:D2:63:DA:DF Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01 Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601 Certificate serial: 019BFD65EB91B8BCB54035E6C8C61C8A62E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft Manifest number: 117C Signing time: Tue 27 Jan 2026 03:01:13 +0000 Manifest this update: Tue 27 Jan 2026 03:01:13 +0000 Manifest next update: Wed 28 Jan 2026 03:01:13 +0000 Files and hashes: 1: G6JTgK9c0CWNOmQ8QvDityy_X10.roa (hash: 9vVxC4L/PjyVKOIEKo3Aptt5+zq+QCcL31nKvvorwHs=) 2: kHb3fahBt7lCFbb6wtQaccIVFgE.crl (hash: zODnDoMqAh++M6i7qn5xPEsFco5+UdXkyGWLLSHFR/8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fd:65:eb:91:b8:bc:b5:40:35:e6:c8:c6:1c:8a:62:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601 Validity Not Before: Jan 27 03:01:13 2026 GMT Not After : Jan 28 03:01:13 2026 GMT Subject: CN=896cedea12cbf2ef9d62d44edb755112d263dadf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2c:26:d6:6a:e7:26:c7:8c:6d:a2:4c:7e:fa: 61:52:ff:fd:26:b3:c0:a6:80:ca:82:53:86:9a:d4: 88:6d:9c:46:35:5a:32:74:10:3c:d8:18:a1:74:92: e6:de:57:25:28:17:ba:59:de:e7:f7:d0:7c:bc:a2: 5e:12:c6:ba:53:3d:44:c2:e5:a2:d5:67:4b:31:8d: 9e:cd:2f:0c:c6:cf:e2:62:b5:0f:5d:ec:9f:5a:ce: c6:06:4b:8f:c8:e7:24:07:fa:18:9a:96:5a:3a:43: e1:de:c2:12:a0:f5:cd:85:91:d0:fb:19:cf:a7:08: 11:e5:89:e3:3b:4e:80:41:67:14:17:9a:e1:57:03: a2:a1:f3:9f:28:cd:76:41:82:d9:c0:10:ef:d0:a7: 62:b9:52:c6:b9:a6:ac:13:73:18:10:4d:4d:0d:c1: e2:0c:e4:ad:86:c9:67:3c:f3:4e:47:84:aa:b9:a7: f1:02:05:6f:4e:8c:b8:de:dd:e4:10:9a:3b:f4:c3: 26:33:3a:94:a5:f8:40:30:97:ba:fc:0b:6f:f0:20: 59:e1:9f:35:72:55:93:b4:10:33:e6:a6:ed:9b:e8: c6:fa:70:2f:6a:ed:72:f8:05:52:64:f9:ba:63:ce: 5b:dd:c7:9a:aa:32:40:2f:91:33:92:c7:03:53:30: 46:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:6C:ED:EA:12:CB:F2:EF:9D:62:D4:4E:DB:75:51:12:D2:63:DA:DF X509v3 Authority Key Identifier: keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:ce:5f:8b:b9:a4:6f:93:53:33:18:d3:14:ee:26:cb:63:fd: f1:a8:77:19:f8:dd:74:b9:d4:b6:3c:8c:f7:54:3d:dd:01:16: 5a:23:4d:8e:e5:cd:4b:48:75:9b:37:44:c9:e7:09:b2:83:20: 91:9a:0d:0d:79:a1:00:13:26:f7:e0:ca:3b:14:df:cf:64:94: 04:d3:32:b0:2b:9f:aa:01:17:11:db:39:39:d3:15:ed:90:b4: ae:0d:7e:1a:68:e4:3c:40:81:5e:d8:e6:62:cf:fe:ca:e8:fa: 86:51:14:23:82:82:38:1b:40:a7:3d:3c:c9:ca:1e:e6:2f:81: ca:82:fa:c3:20:c5:3b:e0:92:40:5f:1c:5b:56:f7:46:22:9f: 29:3d:2f:05:f9:fe:fa:51:81:0c:5e:95:ef:63:55:3a:45:9e: fb:8c:63:18:c6:ee:c7:60:ee:cb:c8:d4:5a:4a:a1:fa:31:6d: a3:41:3c:b8:fd:4e:52:86:88:c4:ce:a6:af:03:df:a2:a9:92: d3:40:49:60:2e:ee:b7:5b:dc:75:e5:98:1e:79:41:a3:17:d9: 3f:9c:90:7e:10:50:7e:ed:37:4b:b9:ca:16:37:6a:75:84:fe: 55:52:75:91:d7:bf:11:c8:b9:ab:63:a6:e8:e6:0f:a1:44:b5: 11:70:f2:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv9ZeuRuLy1QDXmyMYcimLpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx NTE2MDEwHhcNMjYwMTI3MDMwMTEzWhcNMjYwMTI4MDMwMTEzWjAzMTEwLwYDVQQD Eyg4OTZjZWRlYTEyY2JmMmVmOWQ2MmQ0NGVkYjc1NTExMmQyNjNkYWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvywm1mrnJseMbaJMfvphUv/9JrPA poDKglOGmtSIbZxGNVoydBA82BihdJLm3lclKBe6Wd7n99B8vKJeEsa6Uz1EwuWi 1WdLMY2ezS8Mxs/iYrUPXeyfWs7GBkuPyOckB/oYmpZaOkPh3sISoPXNhZHQ+xnP pwgR5YnjO06AQWcUF5rhVwOiofOfKM12QYLZwBDv0KdiuVLGuaasE3MYEE1NDcHi DOSthslnPPNOR4SquafxAgVvToy43t3kEJo79MMmMzqUpfhAMJe6/Atv8CBZ4Z81 clWTtBAz5qbtm+jG+nAvau1y+AVSZPm6Y85b3ceaqjJAL5EzkscDUzBGDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIls7eoSy/LvnWLUTtt1URLSY9rfMB8GA1UdIwQY MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt ZTYzY2U1NTM3MGViLzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAic5fi7mk b5NTMxjTFO4my2P98ah3GfjddLnUtjyM91Q93QEWWiNNjuXNS0h1mzdEyecJsoMg kZoNDXmhABMm9+DKOxTfz2SUBNMysCufqgEXEds5OdMV7ZC0rg1+GmjkPECBXtjm Ys/+yuj6hlEUI4KCOBtApz08ycoe5i+ByoL6wyDFO+CSQF8cW1b3RiKfKT0vBfn+ +lGBDF6V72NVOkWe+4xjGMbux2Duy8jUWkqh+jFto0E8uP1OUoaIxM6mrwPfoqmS 00BJYC7ut1vcdeWYHnlBoxfZP5yQfhBQfu03S7nKFjdqdYT+VVJ1kde/Eci5q2Om 6OYPoUS1EXDy2g== -----END CERTIFICATE-----Generated at Tue Jan 27 09:54:42 2026 by rpki-client