This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json) Hash identifier: CFIKz4aUzddoFx/lIpRxzSbNUmmE0UMGYDHJcI5OXSg= Subject key identifier: C6:E2:03:AA:88:26:45:53:E4:6F:AF:51:90:93:E6:CF:10:D7:72:25 Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67 Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667 Certificate serial: 019BFC89E57F6078EB6415566E870B899B00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft Manifest number: 02F1 Signing time: Mon 26 Jan 2026 23:00:54 +0000 Manifest this update: Mon 26 Jan 2026 23:00:54 +0000 Manifest next update: Tue 27 Jan 2026 23:00:54 +0000 Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=) 2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: ZBNWeTE2qU7eFcWU5/8xgAREHUphPvLrZS6yCNq7kfU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:89:e5:7f:60:78:eb:64:15:56:6e:87:0b:89:9b:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667 Validity Not Before: Jan 26 23:00:54 2026 GMT Not After : Jan 27 23:00:54 2026 GMT Subject: CN=c6e203aa88264553e46faf519093e6cf10d77225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f3:43:57:00:8a:d2:f6:d9:7a:59:d6:82:e1: 86:68:00:e0:85:09:06:be:23:92:9e:47:29:29:94: c1:74:f9:f8:40:40:43:24:b3:c2:42:a8:9c:e4:6e: 14:bd:f4:6c:00:91:82:2c:54:65:9b:a6:d6:15:92: a6:ec:87:69:07:05:af:da:fd:70:13:ea:83:78:97: 60:49:58:64:3c:a7:57:c7:c1:f7:8c:7f:28:bc:ef: 46:e0:7d:3e:65:38:ff:60:87:2e:70:8d:30:e2:4d: e7:95:48:98:e5:64:31:24:4a:92:74:ff:7c:bd:07: 7f:5d:a7:a8:0a:b7:a0:a1:c6:ab:57:70:ed:c2:46: 01:7c:3d:b2:3c:86:62:2e:f1:f6:f4:0a:f6:04:73: d6:6c:44:57:82:4c:69:b9:c3:8d:96:de:a0:ce:e2: 18:c4:3d:48:4b:30:ae:74:5b:3a:20:07:3e:51:44: d9:eb:43:47:45:bf:5a:db:e5:0c:76:66:e7:31:69: fd:07:17:21:49:fb:f8:b9:ce:5c:61:08:ed:50:9f: 28:a3:ea:97:55:27:99:2c:b5:ea:00:d1:aa:b9:09: a5:57:7c:14:8f:ab:0d:8c:8f:9b:e5:60:00:79:10: de:45:ce:0e:d0:7e:23:8f:66:7e:67:fb:56:a5:36: 79:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:E2:03:AA:88:26:45:53:E4:6F:AF:51:90:93:E6:CF:10:D7:72:25 X509v3 Authority Key Identifier: keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:fd:1c:8f:3f:fa:f7:4f:a0:ec:cc:2c:af:e5:ad:d4:5d:b5: a1:78:f9:c6:50:50:06:b9:04:ef:db:46:5a:39:f4:ec:55:e4: a2:a6:da:f5:09:05:f8:c5:9a:e7:e3:75:ed:eb:40:47:ab:fc: 84:ad:98:9f:ae:67:0d:b7:93:78:21:7e:65:87:77:07:1d:3d: a6:cc:f3:dc:c2:e0:70:f5:25:09:4f:fe:52:cc:e5:3b:a1:f4: 99:01:ff:50:d7:dd:71:f7:5b:9a:c8:08:e3:b5:78:c8:54:d6: 74:92:2d:6f:96:15:9c:a0:8b:35:2a:b3:91:90:ab:07:82:5e: fc:d1:c5:ff:71:41:ce:99:10:ed:a8:a6:4c:c9:a8:42:9e:d7: 71:f8:7d:18:4f:d0:03:2b:dc:1c:ff:2a:e2:3c:3d:02:b8:a8: cd:b5:90:ce:65:fe:ea:9d:e0:a7:d9:1c:64:36:e9:dc:19:d6: 1e:3b:31:8f:20:02:e7:22:db:a1:b5:92:5c:a5:d5:13:0d:2b: b7:ef:4c:11:47:b8:23:c4:d9:2f:66:8d:3c:7e:d6:02:b8:c9: a2:8f:78:00:e2:b6:4b:6d:2b:de:24:b5:e8:cd:fa:1a:b7:8b: 30:79:dc:54:8f:e9:1c:27:13:29:b3:d1:75:88:a3:a6:74:7f: 81:cd:64:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv8ieV/YHjrZBVWbocLiZsAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm OTI2NjcwHhcNMjYwMTI2MjMwMDU0WhcNMjYwMTI3MjMwMDU0WjAzMTEwLwYDVQQD EyhjNmUyMDNhYTg4MjY0NTUzZTQ2ZmFmNTE5MDkzZTZjZjEwZDc3MjI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/NDVwCK0vbZelnWguGGaADghQkG viOSnkcpKZTBdPn4QEBDJLPCQqic5G4UvfRsAJGCLFRlm6bWFZKm7IdpBwWv2v1w E+qDeJdgSVhkPKdXx8H3jH8ovO9G4H0+ZTj/YIcucI0w4k3nlUiY5WQxJEqSdP98 vQd/XaeoCregocarV3DtwkYBfD2yPIZiLvH29Ar2BHPWbERXgkxpucONlt6gzuIY xD1ISzCudFs6IAc+UUTZ60NHRb9a2+UMdmbnMWn9BxchSfv4uc5cYQjtUJ8oo+qX VSeZLLXqANGquQmlV3wUj6sNjI+b5WAAeRDeRc4O0H4jj2Z+Z/tWpTZ5AQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMbiA6qIJkVT5G+vUZCT5s8Q13IlMB8GA1UdIwQY MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3 LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAff0cjz/6 90+g7Mwsr+Wt1F21oXj5xlBQBrkE79tGWjn07FXkoqba9QkF+MWa5+N17etAR6v8 hK2Yn65nDbeTeCF+ZYd3Bx09pszz3MLgcPUlCU/+UszlO6H0mQH/UNfdcfdbmsgI 47V4yFTWdJItb5YVnKCLNSqzkZCrB4Je/NHF/3FBzpkQ7aimTMmoQp7Xcfh9GE/Q AyvcHP8q4jw9AriozbWQzmX+6p3gp9kcZDbp3BnWHjsxjyAC5yLbobWSXKXVEw0r t+9MEUe4I8TZL2aNPH7WArjJoo94AOK2S20r3iS16M36GreLMHncVI/pHCcTKbPR dYijpnR/gc1keA== -----END CERTIFICATE-----Generated at Tue Jan 27 01:18:57 2026 by rpki-client