This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft File: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft (raw, json) Hash identifier: lpz5hrn+IEE/r7f90QfSOaEfSXIse9UbwynEelXPd7o= Subject key identifier: D3:A4:82:CB:57:D4:CB:5F:D7:AF:00:23:84:CE:2E:A2:C3:25:79:D2 Authority key identifier: 29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A Certificate issuer: /CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a Certificate serial: 019C43220449A997D9C74FF51F95A33A74A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft Manifest number: 03E6 Signing time: Mon 09 Feb 2026 16:00:28 +0000 Manifest this update: Mon 09 Feb 2026 16:00:28 +0000 Manifest next update: Tue 10 Feb 2026 16:00:28 +0000 Files and hashes: 1: 77Whh77iKwt1yOOYU4DtYorlBOk.roa (hash: tO7vF8xusHO1O0mKViJ8yyoCaEKBRB4DR9BPRK3Lwnc=) 2: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl (hash: Tis9UPnzqvsQJYIQ+OOJwO87MJrZheRLkLltrr8fNEI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:04:49:a9:97:d9:c7:4f:f5:1f:95:a3:3a:74:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a Validity Not Before: Feb 9 16:00:28 2026 GMT Not After : Feb 10 16:00:28 2026 GMT Subject: CN=d3a482cb57d4cb5fd7af002384ce2ea2c32579d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f3:cd:af:49:cf:25:96:a6:c3:8a:e7:28:e6: c6:46:fe:d3:23:0e:a1:e9:1c:7d:b4:84:68:f9:88: 25:90:8d:1b:d3:d7:69:41:0e:94:14:7a:20:e2:20: 84:26:89:27:3e:4b:82:4a:76:da:bd:68:cf:f7:94: 79:65:9a:da:7f:b2:0e:b4:0a:09:30:71:01:2b:8f: 87:e7:8a:3e:47:f7:63:d3:6a:f5:b1:a8:e5:39:bc: 83:a9:a6:e8:80:e0:76:98:cc:8d:f0:1e:f2:82:63: f0:86:78:23:19:fd:69:52:b3:5e:ba:da:c2:b7:6b: 71:cb:bc:fa:b9:82:3c:dd:b4:18:e2:bb:e9:47:9a: 10:08:37:a1:f2:31:bc:a4:9b:57:13:8c:4e:35:69: 4f:f1:ee:b3:13:ac:e6:93:fb:7a:bf:09:7a:bb:7a: b2:93:20:e9:8e:f6:6f:5c:3f:80:7e:69:f3:d1:9c: 3e:54:94:2a:94:77:c1:0e:6a:47:70:12:09:4b:ea: a4:d2:49:8f:9f:65:92:9f:c7:c9:5d:f6:d3:8a:3a: 8f:cf:8b:a8:d6:84:e3:39:fb:c7:4a:66:9f:d1:2f: 1d:7e:83:20:f2:d7:a2:fc:59:e6:e2:8d:05:fe:56: 15:6b:a8:3f:6f:09:00:0d:ca:78:69:05:c4:cb:5b: 7f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:A4:82:CB:57:D4:CB:5F:D7:AF:00:23:84:CE:2E:A2:C3:25:79:D2 X509v3 Authority Key Identifier: keyid:29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:92:26:87:42:05:9b:2a:87:67:87:7c:2d:1c:b0:9c:71:8a: cd:aa:d8:bc:57:ad:d0:cb:8a:27:15:e7:7d:9c:f2:7c:af:d8: 40:5d:9b:c3:1f:a1:ca:19:ac:e7:bf:8d:27:98:ee:01:c3:a1: 0c:e3:87:4f:53:c0:fb:05:84:97:56:ff:0a:a6:3f:5a:81:f6: f5:09:12:d4:31:e4:7e:23:aa:78:7f:82:59:13:e9:31:96:30: ae:0d:4c:93:fc:82:e5:10:1a:6f:73:91:ef:a9:28:bd:96:65: 2d:23:2b:ad:62:bb:71:b2:82:d2:5a:ae:2c:a3:76:6c:d7:ea: 20:6f:69:ca:39:82:c5:2b:82:eb:c0:89:79:d7:1a:ed:6a:30: e1:ce:e2:b9:03:70:07:f1:06:87:44:b9:0c:46:fd:d6:3b:9b: c4:93:e2:36:f4:e8:62:ac:de:d1:eb:db:64:6a:af:b1:34:28: a2:b2:be:6c:fa:cb:15:93:e5:ba:b2:d6:09:2b:72:fa:2b:0e: 61:f4:97:42:97:9f:f9:ff:a9:51:a7:93:23:2a:c2:a0:30:e8: b7:8d:c7:65:bd:69:8a:d5:b1:a2:84:96:00:8d:ab:5a:3e:22: f5:08:ec:2d:ea:eb:6d:b2:23:23:1f:2f:ee:4c:d7:3e:86:48: fe:a1:86:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIgRJqZfZx0/1H5WjOnSmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OTZjZDY4NTMxODQ3ZTNiMGJlMGQ5M2M2NWNjMWZiNjRl Y2QyMWEwHhcNMjYwMjA5MTYwMDI4WhcNMjYwMjEwMTYwMDI4WjAzMTEwLwYDVQQD EyhkM2E0ODJjYjU3ZDRjYjVmZDdhZjAwMjM4NGNlMmVhMmMzMjU3OWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/PNr0nPJZamw4rnKObGRv7TIw6h 6Rx9tIRo+YglkI0b09dpQQ6UFHog4iCEJoknPkuCSnbavWjP95R5ZZraf7IOtAoJ MHEBK4+H54o+R/dj02r1sajlObyDqabogOB2mMyN8B7ygmPwhngjGf1pUrNeutrC t2txy7z6uYI83bQY4rvpR5oQCDeh8jG8pJtXE4xONWlP8e6zE6zmk/t6vwl6u3qy kyDpjvZvXD+Afmnz0Zw+VJQqlHfBDmpHcBIJS+qk0kmPn2WSn8fJXfbTijqPz4uo 1oTjOfvHSmaf0S8dfoMg8tei/Fnm4o0F/lYVa6g/bwkADcp4aQXEy1t/MwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNOkgstX1Mtf168AI4TOLqLDJXnSMB8GA1UdIwQY MBaAFCmWzWhTGEfjsL4Nk8Zcwftk7NIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYt NzJlY2JhMTMxYWY4LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYtNzJlY2JhMTMxYWY4 LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt5Imh0IF myqHZ4d8LRywnHGKzarYvFet0MuKJxXnfZzyfK/YQF2bwx+hyhms57+NJ5juAcOh DOOHT1PA+wWEl1b/CqY/WoH29QkS1DHkfiOqeH+CWRPpMZYwrg1Mk/yC5RAab3OR 76kovZZlLSMrrWK7cbKC0lquLKN2bNfqIG9pyjmCxSuC68CJedca7Wow4c7iuQNw B/EGh0S5DEb91jubxJPiNvToYqze0evbZGqvsTQoorK+bPrLFZPlurLWCSty+isO YfSXQpef+f+pUaeTIyrCoDDot43HZb1pitWxooSWAI2rWj4i9QjsLerrbbIjIx8v 7kzXPoZI/qGGwg== -----END CERTIFICATE-----Generated at Tue Feb 10 00:15:55 2026 by rpki-client