This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft File: KxlTcbTPcLiOdz4bgHyyORYyOFs.mft (raw, json) Hash identifier: VpNPg3RNmj6OlJP0Ix64O2+me7MzZfuRq2Jn+reS6PI= Subject key identifier: AE:E8:A9:41:56:2B:13:0A:42:05:F5:3C:B4:1A:B2:96:4B:0E:B0:85 Authority key identifier: 2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B Certificate issuer: /CN=2b195371b4cf70b88e773e1b807cb2391632385b Certificate serial: 019BFE0A3F5DD1B190BCC14A27E1275531A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft Manifest number: CE Signing time: Tue 27 Jan 2026 06:00:43 +0000 Manifest this update: Tue 27 Jan 2026 06:00:43 +0000 Manifest next update: Wed 28 Jan 2026 06:00:43 +0000 Files and hashes: 1: KxlTcbTPcLiOdz4bgHyyORYyOFs.crl (hash: EHWnRi0YjOlw42smHa3YyHLwB42GXFXCTpDASpRCyTM=) 2: zoysAnJ75pvxhA2S0m-6Zp0HLpE.roa (hash: kFXM7sahaxaI4pXMltbaQts/ViuuZYbtivX7x0d9V2A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 06:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fe:0a:3f:5d:d1:b1:90:bc:c1:4a:27:e1:27:55:31:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b195371b4cf70b88e773e1b807cb2391632385b Validity Not Before: Jan 27 06:00:43 2026 GMT Not After : Jan 28 06:00:43 2026 GMT Subject: CN=aee8a941562b130a4205f53cb41ab2964b0eb085 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:61:f2:93:c1:a5:8c:be:f7:1f:c9:8d:2e:4a: 79:c7:20:d2:ed:a8:57:65:ed:71:17:ab:14:54:bd: 5a:07:da:f5:6e:2d:72:69:9e:d1:71:42:6c:cf:16: 0b:52:7e:23:25:d1:81:14:f8:15:e3:4e:1e:0d:53: c5:f7:68:15:0d:7c:42:b0:07:ce:04:dc:7d:c7:75: bf:14:30:99:d9:12:35:77:b0:9d:dc:09:ae:05:8f: 0a:d4:eb:4b:a7:4e:fc:03:4f:fc:05:27:87:86:45: 7a:3c:1f:01:80:9e:82:0a:ce:a3:81:28:99:5f:06: 4f:bc:10:21:8b:1f:49:e2:34:86:05:4c:5e:7f:5a: bd:01:48:8b:68:05:de:87:c3:94:bd:ee:1f:49:a8: 56:2a:89:ba:b1:7f:9b:d8:83:78:6b:07:a4:02:c9: 7a:d6:c6:0f:f3:56:ba:52:8a:bb:8e:3d:58:cc:4c: b5:55:4e:d9:e5:50:34:65:31:0c:f4:93:1d:e5:75: 67:f6:dc:66:fa:0b:c7:a1:ab:cb:58:a2:00:dd:54: a7:fe:f9:84:e4:6a:01:98:0b:71:df:61:7e:5b:7f: de:e1:37:e6:cd:3e:df:70:21:ca:f5:52:54:b4:85: 72:d5:34:7f:e8:39:eb:19:d3:9f:e9:8f:db:f0:61: 9c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:E8:A9:41:56:2B:13:0A:42:05:F5:3C:B4:1A:B2:96:4B:0E:B0:85 X509v3 Authority Key Identifier: keyid:2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:ba:a6:60:74:34:e5:43:24:12:8b:37:02:45:72:ae:7a:58: a0:d3:5a:eb:aa:86:4d:f6:91:bd:ac:d6:7b:dd:76:13:ff:27: e4:8c:44:fd:fe:11:f2:80:95:f5:85:53:76:77:4a:fe:73:a8: d0:07:52:16:a9:92:0e:d2:bb:bc:02:1f:c1:2b:4f:6f:d2:ee: ff:e6:77:b2:b2:8e:91:17:51:32:7b:11:3b:0d:3b:a9:8f:d1: 9b:5f:31:df:fa:16:38:4a:81:5f:cf:e9:5e:96:93:bf:a5:03: 8d:0a:f0:11:15:63:58:4f:f6:34:07:05:e6:22:79:1c:a9:58: f0:85:1c:90:05:18:a6:e1:0d:7e:0e:34:71:1a:8b:cd:3c:e0: d2:bb:f0:1e:06:0c:2b:cd:71:07:e1:84:7f:ad:81:81:bb:c6: ef:7a:1f:a6:42:72:74:c1:ac:e3:65:fd:f7:9f:38:ce:b7:90: 82:7f:dc:11:9f:45:0f:ea:e1:24:05:86:93:13:30:ba:5d:56: bf:24:78:1a:e1:2d:7e:6e:fe:37:3f:15:1b:4a:c0:24:45:fb: 82:fa:8e:24:3a:7f:87:53:bf:78:37:09:51:eb:eb:67:38:52: 69:8d:75:25:ad:f7:b6:c9:a6:10:e8:61:b5:73:05:4a:df:4d: 77:fc:70:4d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv+Cj9d0bGQvMFKJ+EnVTGoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMTk1MzcxYjRjZjcwYjg4ZTc3M2UxYjgwN2NiMjM5MTYz MjM4NWIwHhcNMjYwMTI3MDYwMDQzWhcNMjYwMTI4MDYwMDQzWjAzMTEwLwYDVQQD EyhhZWU4YTk0MTU2MmIxMzBhNDIwNWY1M2NiNDFhYjI5NjRiMGViMDg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GHyk8GljL73H8mNLkp5xyDS7ahX Ze1xF6sUVL1aB9r1bi1yaZ7RcUJszxYLUn4jJdGBFPgV404eDVPF92gVDXxCsAfO BNx9x3W/FDCZ2RI1d7Cd3AmuBY8K1OtLp078A0/8BSeHhkV6PB8BgJ6CCs6jgSiZ XwZPvBAhix9J4jSGBUxef1q9AUiLaAXeh8OUve4fSahWKom6sX+b2IN4awekAsl6 1sYP81a6Uoq7jj1YzEy1VU7Z5VA0ZTEM9JMd5XVn9txm+gvHoavLWKIA3VSn/vmE 5GoBmAtx32F+W3/e4TfmzT7fcCHK9VJUtIVy1TR/6DnrGdOf6Y/b8GGcrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK7oqUFWKxMKQgX1PLQaspZLDrCFMB8GA1UdIwQY MBaAFCsZU3G0z3C4jnc+G4B8sjkWMjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzIt NWU0MDQxZDkzMDA4LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzItNWU0MDQxZDkzMDA4 LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALqmYHQ0 5UMkEos3AkVyrnpYoNNa66qGTfaRvazWe912E/8n5IxE/f4R8oCV9YVTdndK/nOo 0AdSFqmSDtK7vAIfwStPb9Lu/+Z3srKOkRdRMnsROw07qY/Rm18x3/oWOEqBX8/p XpaTv6UDjQrwERVjWE/2NAcF5iJ5HKlY8IUckAUYpuENfg40cRqLzTzg0rvwHgYM K81xB+GEf62BgbvG73ofpkJydMGs42X99584zreQgn/cEZ9FD+rhJAWGkxMwul1W vyR4GuEtfm7+Nz8VG0rAJEX7gvqOJDp/h1O/eDcJUevrZzhSaY11Ja33tsmmEOhh tXMFSt9Nd/xwTQ== -----END CERTIFICATE-----Generated at Tue Jan 27 14:58:35 2026 by rpki-client