This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json) Hash identifier: GEipFu6SCX3IYUo/5zh2ckSlqh5+0U9e1h4pGkwJYpM= Subject key identifier: 78:9B:6A:93:C6:9C:5C:2C:82:27:5A:20:2D:8F:A4:81:BF:BD:D3:6D Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96 Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096 Certificate serial: 019B9FA0889D853995A1193BF7975B8901D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft Manifest number: 144F Signing time: Thu 08 Jan 2026 22:00:56 +0000 Manifest this update: Thu 08 Jan 2026 22:00:56 +0000 Manifest next update: Fri 09 Jan 2026 22:00:56 +0000 Files and hashes: 1: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: sABH73fqTuI4R9eqd9rxhfwqBElFCssTR/17MYBfzRw=) 2: iu7FFkG2QJaHmPA7RGTX_kUyXKI.roa (hash: QTLspgP39MYk5PSZszpGPAjQcEqECucB1FhWpPvxaIM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9f:a0:88:9d:85:39:95:a1:19:3b:f7:97:5b:89:01:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096 Validity Not Before: Jan 8 22:00:56 2026 GMT Not After : Jan 9 22:00:56 2026 GMT Subject: CN=789b6a93c69c5c2c82275a202d8fa481bfbdd36d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4f:d2:2b:5b:34:71:a9:a0:20:ec:0a:c5:9d: aa:97:c1:60:54:93:c9:5e:37:ef:91:bd:d8:a1:fe: 71:00:fb:e9:e8:ec:46:e5:1b:5f:d0:92:6c:86:eb: 2d:31:cb:b8:71:8b:8d:34:f2:0d:c4:15:a7:af:db: e8:ec:81:b4:29:7b:a8:3f:fc:56:62:1f:f9:7e:27: bd:bc:95:b5:cc:b0:96:ed:99:af:3e:db:4b:6d:61: 65:17:c8:63:b8:0d:02:6b:b7:8d:59:a2:bc:f6:74: e8:8d:7e:31:f6:50:48:80:5e:a6:f9:50:d4:64:6d: e3:5f:ff:32:e2:62:58:e7:dc:16:18:04:67:80:ef: 5e:ae:97:4b:75:41:b3:e3:2f:a1:7c:2b:66:ab:5f: e9:cf:56:f7:33:79:06:6b:1f:7b:50:18:3e:6c:17: 58:34:e8:30:a8:03:58:ac:75:3f:ca:3d:57:b4:30: 5b:d2:e6:1b:db:6c:18:86:b7:59:dc:91:c0:72:1b: e9:24:77:c8:2b:9c:8e:da:d5:e8:e1:77:ec:81:c7: af:85:30:9e:22:b1:fc:65:b7:02:08:34:31:9e:d1: 98:9d:16:76:ca:cf:51:c1:ac:8d:a0:7e:53:51:51: 24:35:40:11:a4:14:12:42:36:34:17:42:02:4a:ed: f3:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:9B:6A:93:C6:9C:5C:2C:82:27:5A:20:2D:8F:A4:81:BF:BD:D3:6D X509v3 Authority Key Identifier: keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:58:ae:bc:ab:e7:85:4a:39:32:59:f3:4d:ad:d5:8d:c6:80: a1:b6:84:1f:78:d3:31:0e:4c:84:1d:98:94:c1:d1:fd:9a:8e: 11:8b:32:a0:25:8b:cd:2e:48:15:84:c2:66:38:09:15:04:58: 82:a9:00:d6:31:01:96:58:e1:4a:cb:35:8c:fb:1d:85:ce:88: ca:30:02:73:55:83:d4:a0:d3:6a:5f:9f:19:7b:a7:33:c7:0f: 83:ca:0c:31:db:01:d0:50:7c:33:3b:28:e4:c3:e4:f0:1c:06: e9:bf:6f:3d:17:4c:97:c7:ab:e1:cb:1d:17:11:21:d3:e1:c4: d9:db:a3:86:9f:a9:01:37:ae:a4:56:b8:27:29:7a:2c:4e:51: ec:ec:8f:a4:ab:94:de:cf:ba:a4:bf:ea:1a:64:c7:67:4e:99: 61:41:50:fd:1d:88:24:0f:04:ac:31:6a:41:19:47:4e:95:8d: 06:55:95:3d:07:ef:d4:b3:b6:29:0e:66:fa:6f:1f:22:2d:6e: 23:4f:f3:31:e7:12:3e:b2:8d:f7:a4:a9:a1:ab:29:a4:3e:00: 2e:38:72:86:98:fd:56:74:8d:0a:83:05:68:58:89:27:c9:cd: c6:26:48:a3:01:07:27:1d:98:07:fa:be:d6:8e:fc:92:05:68: e2:3f:ca:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZufoIidhTmVoRk795dbiQHQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy MTkwOTYwHhcNMjYwMTA4MjIwMDU2WhcNMjYwMTA5MjIwMDU2WjAzMTEwLwYDVQQD Eyg3ODliNmE5M2M2OWM1YzJjODIyNzVhMjAyZDhmYTQ4MWJmYmRkMzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00/SK1s0camgIOwKxZ2ql8FgVJPJ Xjfvkb3Yof5xAPvp6OxG5Rtf0JJshustMcu4cYuNNPINxBWnr9vo7IG0KXuoP/xW Yh/5fie9vJW1zLCW7ZmvPttLbWFlF8hjuA0Ca7eNWaK89nTojX4x9lBIgF6m+VDU ZG3jX/8y4mJY59wWGARngO9erpdLdUGz4y+hfCtmq1/pz1b3M3kGax97UBg+bBdY NOgwqANYrHU/yj1XtDBb0uYb22wYhrdZ3JHAchvpJHfIK5yO2tXo4XfsgcevhTCe IrH8ZbcCCDQxntGYnRZ2ys9RwayNoH5TUVEkNUARpBQSQjY0F0ICSu3zHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHibapPGnFwsgidaIC2PpIG/vdNtMB8GA1UdIwQY MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3 LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWliuvKvn hUo5MlnzTa3VjcaAobaEH3jTMQ5MhB2YlMHR/ZqOEYsyoCWLzS5IFYTCZjgJFQRY gqkA1jEBlljhSss1jPsdhc6IyjACc1WD1KDTal+fGXunM8cPg8oMMdsB0FB8Mzso 5MPk8BwG6b9vPRdMl8er4csdFxEh0+HE2dujhp+pATeupFa4Jyl6LE5R7OyPpKuU 3s+6pL/qGmTHZ06ZYUFQ/R2IJA8ErDFqQRlHTpWNBlWVPQfv1LO2KQ5m+m8fIi1u I0/zMecSPrKN96SpoasppD4ALjhyhpj9VnSNCoMFaFiJJ8nNxiZIowEHJx2YB/q+ 1o78kgVo4j/Kqg== -----END CERTIFICATE-----Generated at Fri Jan 9 00:14:51 2026 by rpki-client