This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json) Hash identifier: wrFJRu/ZT03yXjip/H1NWz2dvlfrlD7caG6f1DOpaYc= Subject key identifier: 7B:61:53:B0:60:92:42:25:D9:E0:D4:FF:AA:9D:81:51:5E:3D:DC:20 Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef Certificate serial: 019BAEDCBD2C371508F3D3BEAC7E42554848 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft Manifest number: 093F Signing time: Sun 11 Jan 2026 21:01:00 +0000 Manifest this update: Sun 11 Jan 2026 21:01:00 +0000 Manifest next update: Mon 12 Jan 2026 21:01:00 +0000 Files and hashes: 1: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: seJEg+GhRFoYCZZnzZArDF22o4NP3ReoQywAjNpBZxc=) 2: wyIJp-MtwD9wUV37AIQAnQ5KD5g.roa (hash: 27rqphnZqec6wo9U62eKve93o5VP/+kmAfxs2ybJPtU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ae:dc:bd:2c:37:15:08:f3:d3:be:ac:7e:42:55:48:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef Validity Not Before: Jan 11 21:01:00 2026 GMT Not After : Jan 12 21:01:00 2026 GMT Subject: CN=7b6153b060924225d9e0d4ffaa9d81515e3ddc20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:24:30:80:67:f8:6c:96:fb:74:27:70:cb:dd: 22:ee:df:05:a0:c0:39:4c:e5:3e:52:a8:55:2c:03: 36:f2:c9:61:0c:70:6d:2e:06:e6:0f:80:7c:ad:eb: 85:8c:b9:98:53:60:ed:6c:34:cc:ba:a1:49:62:66: e6:11:7e:32:15:fe:1d:98:29:02:b4:9a:f1:67:3a: c6:1e:94:cf:45:4b:47:39:1e:8a:50:34:97:91:75: c3:68:31:19:2d:31:56:78:d2:26:96:73:8b:8e:f6: af:7f:3e:62:c2:50:77:2d:d2:d1:29:31:d0:04:1f: 38:bd:77:2e:b8:cf:58:6a:67:76:0b:9b:a7:76:a6: 7e:35:f7:ba:e7:a2:a3:ad:9f:2e:4f:55:f5:65:1d: 06:0a:f2:48:63:c9:02:78:3d:e5:85:8d:45:5b:6e: 99:8b:73:41:fd:3f:f7:3f:a9:04:ba:c5:9b:e3:72: 1f:31:fb:73:79:fb:c9:27:f9:63:eb:dc:67:13:94: 7a:ed:0f:36:b2:5c:8f:13:99:1c:ed:87:a8:10:2b: 7c:33:58:f2:c9:54:6c:65:88:6f:6e:e2:40:f2:2c: 00:82:17:4a:be:0a:f2:85:c8:5d:e2:a7:27:71:45: 19:0c:20:d6:87:6a:6e:d2:ce:55:af:0f:c4:18:d1: bf:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:61:53:B0:60:92:42:25:D9:E0:D4:FF:AA:9D:81:51:5E:3D:DC:20 X509v3 Authority Key Identifier: keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:1d:d0:e0:f9:08:30:5d:68:c8:53:58:1e:f5:35:6d:d0:0d: 80:d5:dd:3b:56:6e:f0:36:e5:35:20:e9:59:7f:86:89:36:75: 05:4b:32:40:50:35:a8:87:82:8e:70:ce:97:fd:e7:16:18:5f: b4:0c:3c:0e:00:4e:d2:c6:aa:3b:a9:dd:6d:15:44:8b:df:d1: aa:a3:42:48:ed:94:f2:60:cc:02:49:28:33:30:77:0e:47:cd: c7:12:94:e2:23:d2:98:3a:80:9c:98:98:2b:9a:74:89:7f:9c: bd:e8:77:d3:5d:9f:ad:23:e1:c1:fe:ec:6c:f5:16:a6:50:53: c5:4a:7d:d8:e8:21:9c:b8:df:a4:ed:97:25:1f:08:b1:0b:07: bc:65:f2:ca:02:05:96:79:fe:d4:b8:28:a0:b9:c9:25:e9:8c: 5b:0e:78:5e:22:5c:bf:5a:8b:95:ac:d7:79:9b:30:cc:a9:ef: fc:5a:6d:a0:76:89:04:e9:f6:76:4d:bb:34:12:58:28:51:a5: 27:d1:47:26:d8:26:63:70:1f:38:97:5e:f6:a2:3d:4a:50:09: 94:68:8f:69:1b:ef:ca:90:b5:d7:ab:fc:2c:9f:f5:e2:38:9c: 1f:c5:3c:35:87:49:15:d3:9a:87:72:61:a6:0d:64:4f:ca:00: 9c:b6:5f:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuu3L0sNxUI89O+rH5CVUhIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix OTQwZWYwHhcNMjYwMTExMjEwMTAwWhcNMjYwMTEyMjEwMTAwWjAzMTEwLwYDVQQD Eyg3YjYxNTNiMDYwOTI0MjI1ZDllMGQ0ZmZhYTlkODE1MTVlM2RkYzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiQwgGf4bJb7dCdwy90i7t8FoMA5 TOU+UqhVLAM28slhDHBtLgbmD4B8reuFjLmYU2DtbDTMuqFJYmbmEX4yFf4dmCkC tJrxZzrGHpTPRUtHOR6KUDSXkXXDaDEZLTFWeNImlnOLjvavfz5iwlB3LdLRKTHQ BB84vXcuuM9Yamd2C5undqZ+Nfe656KjrZ8uT1X1ZR0GCvJIY8kCeD3lhY1FW26Z i3NB/T/3P6kEusWb43IfMftzefvJJ/lj69xnE5R67Q82slyPE5kc7YeoECt8M1jy yVRsZYhvbuJA8iwAghdKvgryhchd4qcncUUZDCDWh2pu0s5Vrw/EGNG/fQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHthU7BgkkIl2eDU/6qdgVFePdwgMB8GA1UdIwQY MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGR3Q4PkI MF1oyFNYHvU1bdANgNXdO1Zu8DblNSDpWX+GiTZ1BUsyQFA1qIeCjnDOl/3nFhhf tAw8DgBO0saqO6ndbRVEi9/RqqNCSO2U8mDMAkkoMzB3DkfNxxKU4iPSmDqAnJiY K5p0iX+cveh3012frSPhwf7sbPUWplBTxUp92OghnLjfpO2XJR8IsQsHvGXyygIF lnn+1LgooLnJJemMWw54XiJcv1qLlazXeZswzKnv/FptoHaJBOn2dk27NBJYKFGl J9FHJtgmY3AfOJde9qI9SlAJlGiPaRvvypC116v8LJ/14jicH8U8NYdJFdOah3Jh pg1kT8oAnLZfVQ== -----END CERTIFICATE-----Generated at Mon Jan 12 00:52:39 2026 by rpki-client