This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json) Hash identifier: Mwr0sdSjz8t0/ltWHmnB8tWBKgfuswoy3sq1ZdNGOaQ= Subject key identifier: 9E:58:9D:F5:98:1B:4A:44:C2:9E:17:C7:32:4F:7B:7F:15:A9:D0:2B Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d Certificate serial: 019BFD65C3DFB43EF4113365758CD65A5E15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft Manifest number: 0E57 Signing time: Tue 27 Jan 2026 03:01:03 +0000 Manifest this update: Tue 27 Jan 2026 03:01:03 +0000 Manifest next update: Wed 28 Jan 2026 03:01:03 +0000 Files and hashes: 1: AoiLP-aKiV68_RegC3FR8BLmoTY.roa (hash: cAZegRRMeuO3/yO4SqdfyQYoOuuZTcc84vu6Tr6LRDs=) 2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: f1faoIMiOtVvI4LWyCIUQ5mxtUSo/BoR9MQYCfVe1jk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fd:65:c3:df:b4:3e:f4:11:33:65:75:8c:d6:5a:5e:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d Validity Not Before: Jan 27 03:01:03 2026 GMT Not After : Jan 28 03:01:03 2026 GMT Subject: CN=9e589df5981b4a44c29e17c7324f7b7f15a9d02b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e0:5a:41:3b:7a:d7:be:01:3e:2f:e0:76:87: 13:c2:58:b9:b4:eb:63:4e:87:aa:ec:07:3c:1a:a6: 13:24:c3:9c:00:11:01:b8:92:c8:c6:8c:75:14:00: 1c:d4:87:6d:40:9c:f9:a0:8b:5e:93:10:ab:c4:fc: 3d:a2:16:23:fb:96:46:68:3a:31:e7:a2:1c:01:0f: d0:30:cd:d0:2d:c1:95:b8:92:ef:18:f7:14:d2:23: ba:ba:75:9f:35:84:20:ed:73:bd:1b:39:d9:d0:48: 48:6d:49:80:74:5d:6c:9d:d6:d4:5e:01:16:7f:f9: df:ea:b0:30:d9:83:d6:ca:fa:ac:8e:90:3e:ba:6d: b5:2e:01:f6:96:9d:31:e0:98:20:6b:8b:61:06:5d: 01:7c:67:dc:0c:e0:5d:ab:0c:dc:80:bf:59:82:3b: b9:82:34:ac:ef:d7:c6:27:ad:c4:e5:fd:8a:39:03: f6:70:11:5f:db:ca:7c:d8:8f:18:32:2c:fd:07:9f: a5:e5:69:c0:d3:0f:a3:8c:4d:10:47:94:a6:39:4f: 16:3a:95:b7:08:5c:61:b6:92:50:c8:84:bf:46:a1: bc:ab:c3:04:f6:24:75:a9:6f:03:a0:4c:0b:4c:b9: 60:5b:b9:3e:e3:26:6c:66:4f:b2:af:c1:59:d2:20: cf:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:58:9D:F5:98:1B:4A:44:C2:9E:17:C7:32:4F:7B:7F:15:A9:D0:2B X509v3 Authority Key Identifier: keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:c4:68:7e:80:89:fb:e4:90:7b:48:03:00:1c:38:00:f4:55: 53:c2:26:1b:85:ee:c1:dd:32:5b:6f:03:ad:f9:9e:7d:45:f6: c4:47:d9:55:80:a3:de:a3:be:47:98:c2:2a:7d:03:1a:90:0d: 8b:4a:24:8b:0a:cf:da:60:b8:a1:b5:b1:3e:ff:2c:e6:e6:0f: a9:cc:b7:27:89:0c:ef:cc:17:c6:89:da:38:74:00:90:40:13: 34:47:f2:af:5f:26:ef:93:53:c8:be:9b:42:36:29:37:f0:c1: 29:39:d2:07:41:f5:55:d9:de:26:2d:17:2c:f5:0e:d4:a8:17: 35:48:1b:8c:0d:bf:0d:20:59:53:66:b1:2a:89:1d:3c:93:79: e5:a3:05:7d:f2:40:0a:3b:94:43:45:7b:58:f0:c8:e7:40:c0: fd:bc:1c:4e:10:c1:ad:66:0d:4c:b0:32:88:16:9e:37:74:cc: 86:90:e8:bb:dc:de:26:91:83:f6:f7:a9:41:4c:6f:2a:59:b0: e9:03:9b:0b:35:78:69:bc:5e:09:7f:38:cd:98:bf:ee:80:ff: 0d:d4:a9:89:4a:20:0b:8c:b9:35:77:d2:0c:e7:57:57:bc:b9: ea:46:db:16:8a:4c:c6:78:c5:33:53:3c:99:a5:37:23:59:c3: ce:0b:90:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv9ZcPftD70ETNldYzWWl4VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm MmU2NGQwHhcNMjYwMTI3MDMwMTAzWhcNMjYwMTI4MDMwMTAzWjAzMTEwLwYDVQQD Eyg5ZTU4OWRmNTk4MWI0YTQ0YzI5ZTE3YzczMjRmN2I3ZjE1YTlkMDJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeBaQTt6174BPi/gdocTwli5tOtj Toeq7Ac8GqYTJMOcABEBuJLIxox1FAAc1IdtQJz5oItekxCrxPw9ohYj+5ZGaDox 56IcAQ/QMM3QLcGVuJLvGPcU0iO6unWfNYQg7XO9GznZ0EhIbUmAdF1sndbUXgEW f/nf6rAw2YPWyvqsjpA+um21LgH2lp0x4Jgga4thBl0BfGfcDOBdqwzcgL9Zgju5 gjSs79fGJ63E5f2KOQP2cBFf28p82I8YMiz9B5+l5WnA0w+jjE0QR5SmOU8WOpW3 CFxhtpJQyIS/RqG8q8ME9iR1qW8DoEwLTLlgW7k+4yZsZk+yr8FZ0iDPpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ5YnfWYG0pEwp4XxzJPe38VqdArMB8GA1UdIwQY MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa8RofoCJ ++SQe0gDABw4APRVU8ImG4Xuwd0yW28DrfmefUX2xEfZVYCj3qO+R5jCKn0DGpAN i0okiwrP2mC4obWxPv8s5uYPqcy3J4kM78wXxonaOHQAkEATNEfyr18m75NTyL6b QjYpN/DBKTnSB0H1VdneJi0XLPUO1KgXNUgbjA2/DSBZU2axKokdPJN55aMFffJA CjuUQ0V7WPDI50DA/bwcThDBrWYNTLAyiBaeN3TMhpDou9zeJpGD9vepQUxvKlmw 6QObCzV4abxeCX84zZi/7oD/DdSpiUogC4y5NXfSDOdXV7y56kbbFopMxnjFM1M8 maU3I1nDzguQPA== -----END CERTIFICATE-----Generated at Tue Jan 27 04:46:27 2026 by rpki-client