This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft File: kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json) Hash identifier: eQLShnWoFghW8VHZpbIsBILBk/6byuz1rJcysEKMKI4= Subject key identifier: F9:C2:63:74:FF:55:BA:0B:66:4D:44:B5:A9:E3:BE:FD:E4:F1:C3:D2 Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1 Certificate issuer: /CN=91f8a49b0d6533d067995687faee3db73aaa08b1 Certificate serial: 019B7C38C1794FAD33908429F4DFF1A60DB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft Manifest number: 06BB Signing time: Fri 02 Jan 2026 01:00:52 +0000 Manifest this update: Fri 02 Jan 2026 01:00:52 +0000 Manifest next update: Sat 03 Jan 2026 01:00:52 +0000 Files and hashes: 1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: pFIaZv5nRWxYcXLuy75BL+Ou/qFDBQfhXxYKuxVP608=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 01:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:38:c1:79:4f:ad:33:90:84:29:f4:df:f1:a6:0d:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1 Validity Not Before: Jan 2 01:00:52 2026 GMT Not After : Jan 3 01:00:52 2026 GMT Subject: CN=f9c26374ff55ba0b664d44b5a9e3befde4f1c3d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:81:80:d1:f5:ca:ea:cb:e0:f6:92:2d:d4:70: 70:24:fa:5a:7c:42:a1:36:b7:e9:a2:18:c5:76:cb: 3e:b6:ad:34:c2:2b:ba:a7:54:fa:a1:9e:9d:c5:1f: bb:e2:36:34:06:68:6c:58:05:b2:71:54:e8:9e:f7: 59:8b:5c:19:30:62:f5:ed:07:3c:06:d3:2d:04:cc: ad:e2:a7:f2:5b:71:29:31:b7:eb:63:69:fb:e0:49: 89:66:63:84:d6:56:f3:74:f7:13:75:4f:e6:27:a7: c1:e7:91:75:3e:a2:36:b3:4e:48:17:b5:08:61:9c: 74:bf:76:6d:5e:db:6a:54:d2:1c:02:2c:8c:b5:87: 0b:0d:4a:8b:f1:d4:86:e1:80:ab:57:a7:56:0d:65: 8d:2e:64:8f:88:c9:12:fb:a7:78:fe:12:7a:c0:bc: db:fb:4f:a1:9c:a1:18:df:43:49:6c:38:00:56:cd: 57:12:83:38:e1:b4:41:fc:bc:04:f3:3b:74:f3:8e: 61:87:1f:7d:74:89:8f:22:ad:79:e8:f7:28:8b:88: b0:1f:99:c5:c1:ac:12:7a:f9:ac:6c:28:f3:33:a3: 5b:5a:d9:e8:2e:e7:b4:7f:9d:62:48:0c:49:8d:a0: fc:26:eb:99:f3:af:80:2d:e4:c4:c0:66:99:67:24: 31:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:C2:63:74:FF:55:BA:0B:66:4D:44:B5:A9:E3:BE:FD:E4:F1:C3:D2 X509v3 Authority Key Identifier: keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:5e:9a:fa:aa:b8:d5:6c:d6:b5:2c:a5:c9:34:f7:b1:a3:f8: c4:e4:27:45:b3:19:f6:d6:5d:74:65:20:d6:75:4c:72:25:b8: 53:16:0c:6e:08:31:2e:18:81:b9:88:fa:57:fb:c9:50:27:5c: 05:1c:00:bd:d3:8b:01:33:9c:ba:b6:f7:18:92:fb:75:b8:93: e3:ff:8a:0c:d5:2b:d9:d5:48:0e:98:f9:76:4c:38:74:e2:c7: 2c:ec:96:db:b1:48:84:77:c1:87:15:74:8d:b1:c1:c7:10:d9: b8:31:2a:90:1d:89:87:64:d8:6f:6a:d2:80:28:2a:c6:5e:3b: 9d:94:4d:cd:3a:67:25:5a:4a:b9:4e:ee:a0:82:f0:00:df:6f: 61:0b:d3:6f:78:e4:ca:a4:e0:85:0e:6a:3e:a9:be:59:31:1d: f5:ec:ab:18:e7:fb:4c:52:50:1f:be:06:3e:a2:2d:43:10:9b: d3:50:98:2f:49:5b:40:89:d7:ce:ec:d8:47:fa:16:8a:ce:f6: ee:2b:b8:e3:88:ed:47:31:2b:41:7e:08:0d:08:d8:df:77:14: fc:3c:4b:99:1a:10:2d:82:7b:60:51:51:7d:b3:0e:0a:c6:8c: fc:59:66:4c:ab:2d:f8:e3:d7:0f:7d:18:50:fe:3d:c8:d0:5f: f7:3b:a0:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt8OMF5T60zkIQp9N/xpg23MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh YTA4YjEwHhcNMjYwMTAyMDEwMDUyWhcNMjYwMTAzMDEwMDUyWjAzMTEwLwYDVQQD EyhmOWMyNjM3NGZmNTViYTBiNjY0ZDQ0YjVhOWUzYmVmZGU0ZjFjM2QyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YGA0fXK6svg9pIt1HBwJPpafEKh NrfpohjFdss+tq00wiu6p1T6oZ6dxR+74jY0BmhsWAWycVTonvdZi1wZMGL17Qc8 BtMtBMyt4qfyW3EpMbfrY2n74EmJZmOE1lbzdPcTdU/mJ6fB55F1PqI2s05IF7UI YZx0v3ZtXttqVNIcAiyMtYcLDUqL8dSG4YCrV6dWDWWNLmSPiMkS+6d4/hJ6wLzb +0+hnKEY30NJbDgAVs1XEoM44bRB/LwE8zt0845hhx99dImPIq156Pcoi4iwH5nF wawSevmsbCjzM6NbWtnoLue0f51iSAxJjaD8JuuZ86+ALeTEwGaZZyQxSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPnCY3T/VboLZk1Etanjvv3k8cPSMB8GA1UdIwQY MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0 LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABF6a+qq4 1WzWtSylyTT3saP4xOQnRbMZ9tZddGUg1nVMciW4UxYMbggxLhiBuYj6V/vJUCdc BRwAvdOLATOcurb3GJL7dbiT4/+KDNUr2dVIDpj5dkw4dOLHLOyW27FIhHfBhxV0 jbHBxxDZuDEqkB2Jh2TYb2rSgCgqxl47nZRNzTpnJVpKuU7uoILwAN9vYQvTb3jk yqTghQ5qPqm+WTEd9eyrGOf7TFJQH74GPqItQxCb01CYL0lbQInXzuzYR/oWis72 7iu444jtRzErQX4IDQjY33cU/DxLmRoQLYJ7YFFRfbMOCsaM/FlmTKst+OPXD30Y UP49yNBf9zugEw== -----END CERTIFICATE-----Generated at Fri Jan 2 08:17:48 2026 by rpki-client