This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json) Hash identifier: z4S6zxaQGs1ZRa6t0Yc3igsJpp7vXt9wH0v2uMHqViI= Subject key identifier: 81:87:68:FE:7E:C2:0B:6A:D4:31:F5:98:73:D7:83:B4:A4:29:FC:A4 Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19 Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19 Certificate serial: 019BFD2E986C236906C7F5F9BD0A70186CED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft Manifest number: 17F1 Signing time: Tue 27 Jan 2026 02:00:47 +0000 Manifest this update: Tue 27 Jan 2026 02:00:47 +0000 Manifest next update: Wed 28 Jan 2026 02:00:47 +0000 Files and hashes: 1: JL_bv1rE4SOiwiRn1jc2s_87lQQ.roa (hash: dWOsdKuE7dNLYI4NP8+n+WEeun5in1SyaWv26Okq8QI=) 2: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: knHgHIZawjoqCaWzG9+DhsYBZTbEoYwqWcxY03sl77k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fd:2e:98:6c:23:69:06:c7:f5:f9:bd:0a:70:18:6c:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19 Validity Not Before: Jan 27 02:00:47 2026 GMT Not After : Jan 28 02:00:47 2026 GMT Subject: CN=818768fe7ec20b6ad431f59873d783b4a429fca4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:df:b9:93:64:3b:78:fa:b2:15:57:40:5d:2e: 7b:c7:ac:42:d9:7a:03:b4:60:e2:9f:be:d7:2f:aa: 4f:e5:a3:67:66:67:d1:c5:43:51:58:b3:af:9f:ae: 1f:b5:ca:67:18:92:d5:ce:24:91:d9:89:53:94:70: 85:9b:a3:7a:aa:0a:4a:61:21:65:80:36:3e:e2:d8: 79:bd:3d:b0:ae:9c:60:96:c9:13:b9:44:8d:0e:cb: 48:aa:2b:a2:39:80:00:91:24:3a:c4:89:4d:26:87: a9:24:9c:ac:ab:3c:33:84:e7:36:f3:64:a9:7a:99: 4c:fc:0d:dc:db:08:d8:7e:2c:4f:4d:00:d3:7a:44: d1:88:24:fd:c3:ef:11:df:e3:d6:13:85:26:19:6d: a1:70:db:d3:d2:a6:77:79:e2:b8:59:c3:47:de:bd: 38:b1:6d:29:5a:d3:f9:89:28:66:66:2e:6e:35:d9: 4c:41:b5:5c:79:a8:6e:bd:32:bf:d2:f7:df:b6:36: 7e:3a:67:06:10:b5:a4:21:c4:f7:29:68:f4:a5:71: 4e:61:00:ec:eb:9e:d6:28:be:ac:63:86:bc:33:90: 90:2c:56:b4:37:4d:3a:4c:12:01:60:ba:1f:99:c0: 9f:09:37:51:0e:79:4d:82:56:1a:fd:f8:43:4c:59: 3e:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:87:68:FE:7E:C2:0B:6A:D4:31:F5:98:73:D7:83:B4:A4:29:FC:A4 X509v3 Authority Key Identifier: keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:e4:86:b6:1a:1f:27:76:7e:3e:c7:16:23:95:e1:5c:ad:90: e4:8a:0f:7d:35:45:88:3a:a3:5e:0e:1f:81:81:50:0a:8d:99: d5:a9:94:a7:86:8a:34:3f:0f:56:48:86:73:e3:9a:6e:46:70: 47:39:e1:33:39:b5:70:ba:78:3e:85:67:10:52:44:f9:48:25: 41:55:c3:ad:2b:9c:d2:40:b0:6a:e5:8d:8e:89:51:c0:8b:b6: f3:4a:89:7b:40:70:72:64:8c:c6:fa:d5:fd:24:0e:e0:e2:89: f6:94:72:e9:0c:40:34:41:d4:d6:40:96:72:37:1b:b2:be:1d: 60:a0:64:2a:ce:a7:11:e5:4c:d0:47:02:eb:8d:32:d2:a3:b1: 2c:1b:a5:fd:6a:4f:40:8d:cf:b2:df:71:c8:f4:59:51:3f:0e: d7:97:83:10:1c:ff:2c:72:11:0e:61:41:6b:e8:6e:7e:49:2a: 20:75:64:14:57:9d:8a:4b:f4:b3:82:5c:b1:71:e7:e3:80:2c: 38:8f:33:41:ee:39:4f:d3:16:b5:78:b9:51:ec:7c:37:84:75: 6d:e8:d0:7d:b1:ee:6f:e4:a3:67:0e:83:32:7d:22:41:9c:75: bf:c9:ca:31:cf:65:71:e6:fd:b2:56:df:05:a8:57:4a:8b:67: 68:e8:43:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv9LphsI2kGx/X5vQpwGGztMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm MGVlMTkwHhcNMjYwMTI3MDIwMDQ3WhcNMjYwMTI4MDIwMDQ3WjAzMTEwLwYDVQQD Eyg4MTg3NjhmZTdlYzIwYjZhZDQzMWY1OTg3M2Q3ODNiNGE0MjlmY2E0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzt+5k2Q7ePqyFVdAXS57x6xC2XoD tGDin77XL6pP5aNnZmfRxUNRWLOvn64ftcpnGJLVziSR2YlTlHCFm6N6qgpKYSFl gDY+4th5vT2wrpxglskTuUSNDstIqiuiOYAAkSQ6xIlNJoepJJysqzwzhOc282Sp eplM/A3c2wjYfixPTQDTekTRiCT9w+8R3+PWE4UmGW2hcNvT0qZ3eeK4WcNH3r04 sW0pWtP5iShmZi5uNdlMQbVceahuvTK/0vfftjZ+OmcGELWkIcT3KWj0pXFOYQDs 657WKL6sY4a8M5CQLFa0N006TBIBYLofmcCfCTdRDnlNglYa/fhDTFk+CwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIGHaP5+wgtq1DH1mHPXg7SkKfykMB8GA1UdIwQY MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAceSGthof J3Z+PscWI5XhXK2Q5IoPfTVFiDqjXg4fgYFQCo2Z1amUp4aKND8PVkiGc+OabkZw RznhMzm1cLp4PoVnEFJE+UglQVXDrSuc0kCwauWNjolRwIu280qJe0BwcmSMxvrV /SQO4OKJ9pRy6QxANEHU1kCWcjcbsr4dYKBkKs6nEeVM0EcC640y0qOxLBul/WpP QI3Pst9xyPRZUT8O15eDEBz/LHIRDmFBa+hufkkqIHVkFFedikv0s4JcsXHn44As OI8zQe45T9MWtXi5Uex8N4R1bejQfbHub+SjZw6DMn0iQZx1v8nKMc9lceb9slbf BahXSotnaOhDDQ== -----END CERTIFICATE-----Generated at Tue Jan 27 07:16:53 2026 by rpki-client