This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft File: DC780D9935DABC701A4C4832B16C11D7743C399A.mft (raw, json) Hash identifier: expemIrh8d0UXSKJU1N2/OFbQOsXcXFhI77mqTkYF8M= Subject key identifier: 52:0C:D8:E5:4D:B2:D6:79:3F:25:38:40:F8:71:D6:E9:66:7C:8F:DE Authority key identifier: DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A Certificate issuer: /CN=dc780d9935dabc701a4c4832b16c11d7743c399a Certificate serial: 2CBA4A1107518EB24009A30D74E7838DA01F5ED1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject info access: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft Manifest number: 0103 Signing time: Sat 07 Feb 2026 11:12:27 +0000 Manifest this update: Sat 07 Feb 2026 11:07:27 +0000 Manifest next update: Sun 08 Feb 2026 13:41:27 +0000 Files and hashes: 1: C8623AA6C30FA8E058243708F5672D7960E52389.cer (hash: qDS/meVpMF7qgfPtayVFbWOCnAfvA9XikJALxZNw670=) 2: 326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (hash: eSgn8pAntXBevn2NWK+HjwLFj3TRH0aVr1zTI6ST4E0=) 3: 326130343a623930303a3a2f33302d3332203d3e2038353837.roa (hash: YouEGWqx2GG1gNyKDzMvqaRmGag9lv2eJQyjBwSYn9Y=) 4: 326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (hash: XACd90ki63AXfGn+taSfXn0bg5k/VvTu6qRBsyyOiUc=) 5: 326130343a623930343a373230303a3a2f34302d3430203d3e20323131333231.roa (hash: refEY6cMSdDY7cBVUX5w6R5vf51PxokJ+N8DMMimo3o=) 6: 326130343a623930363a3a2f34382d3438203d3e2030.roa (hash: rzyLuLQB2r5jFPz4ER372UgwfaN2meO05T5dDI5hqUg=) 7: 326130343a623930353a3a2f34382d3438203d3e203136353039.roa (hash: 2WLi+yTCoT6MxCiLFaQP7kK5t5x+CtSSj0mzxVLx03Y=) 8: 326130343a623930323a3a2f34382d3438203d3e20323131333231.roa (hash: qdL0+PphZnX4cdypWsOWZjkH1FNw49MUNv/FrNDrY3s=) 9: DC780D9935DABC701A4C4832B16C11D7743C399A.crl (hash: FC8C1gi8esSSWtWtOAyk7MyZpa267TD5k+KAunwhAiY=) 10: 3138352e34392e3134322e302f32342d3234203d3e2030.roa (hash: OFYzxf950q78iFTJtOczlCYpNOX+DOEpFZuRWUO9N6w=) 11: 3138352e34392e3134322e302f32332d3233203d3e20323131333231.roa (hash: jR+qYDFgs1RFLmTf7rqpUDak54gW5tVDwGwUk/IhO4s=) 12: 3138352e34392e3134302e302f32332d3233203d3e2038353837.roa (hash: bG62lXPn1Km32GF1V4Mpr+78+uhtW45az4faRRcPToY=) 13: 326130343a623930373a3a2f34382d3438203d3e2030.roa (hash: /xnxiOeZe4RUPZsXL0vjp7QXRGVs8BxZ08hPmiOocY8=) 14: 326130343a623930303a3a2f33302d3330203d3e2038353837.roa (hash: gYkRIFE7UL0cJEwnwxVcLo1Ut87kd9a2aqmOVqa5baI=) 15: 3138352e34392e3134332e302f32342d3234203d3e20323131333231.roa (hash: UL7yBA1F7ergECjM7xK45EYvQh4BIa6w098X6gj/00E=) Validation: OK Signature path: rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 08 Feb 2026 13:41:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:ba:4a:11:07:51:8e:b2:40:09:a3:0d:74:e7:83:8d:a0:1f:5e:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc780d9935dabc701a4c4832b16c11d7743c399a Validity Not Before: Feb 7 11:07:27 2026 GMT Not After : Feb 8 13:41:27 2026 GMT Subject: CN=520CD8E54DB2D6793F253840F871D6E9667C8FDE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:01:b7:fa:92:4a:0c:bb:33:3a:41:4e:bc:02: d9:00:b1:d2:88:af:a3:f9:66:55:b4:da:2e:5e:01: b0:79:0b:5f:7b:c6:1c:1c:30:77:81:3d:b9:a2:5d: 9f:1d:65:3e:6e:a4:95:83:5f:d8:ba:9c:02:d2:eb: 61:36:b3:64:b6:45:b1:bd:f5:19:b5:74:91:32:7d: a4:0a:ec:55:3b:ed:b4:2b:92:8f:f2:3f:9b:7d:5f: 7a:17:d3:0b:9a:54:12:c8:ad:86:ad:18:af:bb:63: 30:54:c6:49:45:6c:c6:c1:42:09:ec:bc:f0:bf:be: 49:3d:85:c1:cc:02:09:f3:dd:0d:0f:64:a9:f2:6f: 85:ec:cf:3d:c5:cc:78:13:be:71:88:e3:70:0f:6e: 56:e3:20:cc:9a:76:2f:ec:f0:b8:72:88:d0:dc:2a: 8d:27:c9:00:c7:54:5d:36:6d:76:9c:16:97:f1:44: f3:06:60:d1:64:18:d6:96:fc:51:79:35:2c:5b:69: 55:81:b2:6e:34:a7:d4:d1:21:4d:b5:f3:a6:d8:80: b2:2c:95:52:af:92:a1:64:68:f9:e1:19:bc:88:88: ff:11:15:da:42:73:c2:79:86:cc:57:5c:66:05:72: 08:6d:b7:33:d4:c1:f8:61:96:89:b1:96:46:f3:d5: d6:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:0C:D8:E5:4D:B2:D6:79:3F:25:38:40:F8:71:D6:E9:66:7C:8F:DE X509v3 Authority Key Identifier: keyid:DC:78:0D:99:35:DA:BC:70:1A:4C:48:32:B1:6C:11:D7:74:3C:39:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HgNmTXavHAaTEgysWwR13Q8OZo.cer Subject Information Access: Signed Object - URI:rsync://rsync.krill.nlnetlabs.nl/repo/nlnetlabs/1/DC780D9935DABC701A4C4832B16C11D7743C399A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:2b:dc:c2:d0:86:18:0c:7e:4a:74:85:19:a3:f2:d4:87:76: 31:19:46:b6:26:fd:27:86:66:c3:2d:65:fd:27:87:f3:8f:08: 57:ac:90:7b:fb:35:8b:91:e1:47:bd:e5:a9:6e:d3:01:2b:1c: 0b:4e:89:71:12:67:f0:46:94:31:5d:19:fc:5f:56:0b:0d:7c: 18:2f:77:5f:70:9d:28:09:ad:ab:f5:0f:11:82:a5:7c:d6:01: 78:e8:f3:5c:28:dd:fa:5a:c6:36:79:39:aa:32:3e:48:2c:ab: e4:e2:84:46:ff:f3:b3:3b:93:ce:68:53:b2:70:8d:d8:b6:32: 87:51:13:c3:1a:44:47:74:da:3c:04:43:32:00:7a:a8:1b:3c: 3b:06:33:63:f9:75:5a:aa:d6:d0:df:fd:fb:7d:15:cc:27:6f: 43:cf:15:ee:23:98:48:f9:6f:84:89:4f:8e:5b:94:3a:97:80: 49:f0:cd:25:44:28:b2:c6:48:c8:ce:42:de:e0:66:0f:25:2c: c6:f6:e5:f2:90:35:5f:f7:24:5a:65:6a:07:78:7e:07:0f:31: 18:eb:90:fc:d9:d6:fb:c5:8c:7d:65:94:21:db:98:11:b5:72: 5e:63:7c:e0:93:5b:14:da:54:d3:28:0a:77:c3:3c:de:51:c5: a2:4c:d1:7e -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIULLpKEQdRjrJACaMNdOeDjaAfXtEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGM3ODBkOTkzNWRhYmM3MDFhNGM0ODMyYjE2YzExZDc3 NDNjMzk5YTAeFw0yNjAyMDcxMTA3MjdaFw0yNjAyMDgxMzQxMjdaMDMxMTAvBgNV BAMTKDUyMENEOEU1NERCMkQ2NzkzRjI1Mzg0MEY4NzFENkU5NjY3QzhGREUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxAbf6kkoMuzM6QU68AtkAsdKI r6P5ZlW02i5eAbB5C197xhwcMHeBPbmiXZ8dZT5upJWDX9i6nALS62E2s2S2RbG9 9Rm1dJEyfaQK7FU77bQrko/yP5t9X3oX0wuaVBLIrYatGK+7YzBUxklFbMbBQgns vPC/vkk9hcHMAgnz3Q0PZKnyb4Xszz3FzHgTvnGI43APblbjIMyadi/s8LhyiNDc Ko0nyQDHVF02bXacFpfxRPMGYNFkGNaW/FF5NSxbaVWBsm40p9TRIU2186bYgLIs lVKvkqFkaPnhGbyIiP8RFdpCc8J5hsxXXGYFcghttzPUwfhhlomxlkbz1dZTAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQUUgzY5U2y1nk/JThA+HHW6WZ8j94wHwYDVR0j BBgwFoAU3HgNmTXavHAaTEgysWwR13Q8OZowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vcnN5bmMua3JpbGwubmxuZXRsYWJzLm5sL3Jl cG8vbmxuZXRsYWJzLzEvREM3ODBEOTkzNURBQkM3MDFBNEM0ODMyQjE2QzExRDc3 NDNDMzk5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNIZ05tVFhhdkhBYVRF Z3lzV3dSMTNROE9aby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5y c3luYzovL3JzeW5jLmtyaWxsLm5sbmV0bGFicy5ubC9yZXBvL25sbmV0bGFicy8x L0RDNzgwRDk5MzVEQUJDNzAxQTRDNDgzMkIxNkMxMUQ3NzQzQzM5OUEubWZ0MBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgAB BQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQALK9zC0IYYDH5KdIUZo/LUh3YxGUa2Jv0nhmbDLWX9J4fzjwhXrJB7+zWL keFHveWpbtMBKxwLTolxEmfwRpQxXRn8X1YLDXwYL3dfcJ0oCa2r9Q8RgqV81gF4 6PNcKN36WsY2eTmqMj5ILKvk4oRG//OzO5POaFOycI3YtjKHURPDGkRHdNo8BEMy AHqoGzw7BjNj+XVaqtbQ3/37fRXMJ29DzxXuI5hI+W+EiU+OW5Q6l4BJ8M0lRCiy xkjIzkLe4GYPJSzG9uXykDVf9yRaZWoHeH4HDzEY65D82db7xYx9ZZQh25gRtXJe Y3zgk1sU2lTTKAp3wzzeUcWiTNF+ -----END CERTIFICATE-----Generated at Sun Feb 8 06:25:23 2026 by rpki-client