This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft File: kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json) Hash identifier: zAKn/pjJz3AHDjj9WRihURdOvOhNTAm3vcFDEcVjZUs= Subject key identifier: B2:DD:DA:2A:88:B1:9D:FA:C2:AE:2F:1F:F3:FB:52:9E:A5:9E:25:24 Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC Certificate issuer: /CN=918687c8542442170cc51ef5316d3963609708dc Certificate serial: 019BAE6F95CEEBC7601B6BF2223602F3078D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft Manifest number: 13CF Signing time: Sun 11 Jan 2026 19:01:46 +0000 Manifest this update: Sun 11 Jan 2026 19:01:46 +0000 Manifest next update: Mon 12 Jan 2026 19:01:46 +0000 Files and hashes: 1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: DO6ZKltg7SVjYa/TFay6GtID8rl9IwKCrIBcsJWgkLc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ae:6f:95:ce:eb:c7:60:1b:6b:f2:22:36:02:f3:07:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=918687c8542442170cc51ef5316d3963609708dc Validity Not Before: Jan 11 19:01:46 2026 GMT Not After : Jan 12 19:01:46 2026 GMT Subject: CN=b2ddda2a88b19dfac2ae2f1ff3fb529ea59e2524 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:82:98:a8:9b:42:2c:8c:c2:b3:73:1d:7a:0c: 05:63:9f:c0:6d:db:00:7f:77:b4:e9:2a:9d:c2:44: 3f:0f:f1:37:59:92:ca:aa:3b:27:55:9e:7f:b2:a5: b3:08:42:36:b1:6a:95:25:3a:18:52:9e:b5:3e:e6: e9:aa:57:f8:6f:9d:df:1c:30:f6:9b:18:51:b1:9a: 1a:a6:90:0a:5d:88:ef:60:5e:c8:af:3e:71:c6:56: 49:76:87:66:b7:c6:b8:71:8a:04:b1:2a:11:72:2c: 24:ad:6b:d5:e9:5f:1f:0b:b3:1a:83:78:ad:a2:70: dc:b6:93:3c:c1:e5:df:d9:a7:05:39:7b:83:3e:23: 16:1e:40:3c:4e:03:3a:3a:76:06:94:e5:54:a3:44: c8:e7:2a:14:23:ea:6b:f9:6c:ce:dd:e0:e5:4f:2c: 0c:15:07:fb:2e:b6:8c:22:d9:2e:31:5d:e5:d2:eb: b1:c5:36:70:c2:73:d4:34:2a:4b:af:8c:1a:0a:e3: aa:50:8a:9a:eb:c5:a9:91:d7:b3:65:8d:3c:ff:06: 29:5c:44:27:25:44:68:fc:3e:e2:2e:f2:0f:ec:3b: 95:8c:1e:d1:f7:98:4d:b3:93:0f:85:75:10:c7:16: 88:8e:c5:d0:92:f1:59:35:72:12:49:9b:81:47:c8: e4:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:DD:DA:2A:88:B1:9D:FA:C2:AE:2F:1F:F3:FB:52:9E:A5:9E:25:24 X509v3 Authority Key Identifier: keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:98:d5:bb:00:38:24:c5:4b:3f:e7:6b:55:b8:62:3b:b6:d7: b5:3c:4e:ab:df:93:7c:22:fb:6b:9c:97:f7:0d:e0:56:9d:1c: d8:0d:00:0a:8b:f2:8d:55:16:49:8c:55:64:30:d4:08:89:95: 7a:a9:ae:50:4e:f7:4c:83:66:17:68:c4:43:2f:6e:6f:54:8e: 9d:00:84:f5:f4:a2:4a:b3:fa:a2:cd:ed:12:3a:2f:09:cb:9b: 92:9f:99:1a:cd:4c:79:58:be:e3:54:1a:1e:d6:8b:e8:29:69: ce:5f:b2:9b:e3:f9:74:2b:c7:2d:ae:84:82:37:ea:27:67:61: fd:f1:89:e5:f1:f2:84:f7:d2:4b:30:a2:dc:04:3b:31:98:5c: fd:4f:8d:96:e4:ff:10:0f:9c:d5:2b:46:32:35:2b:c8:41:08: 06:85:4d:f7:4b:1d:0c:06:ca:df:0e:81:51:f9:d2:ca:93:e1: d2:50:b9:af:ac:ab:4f:9c:c2:76:77:e5:d9:e9:12:b7:f2:91: d9:44:6d:65:69:98:65:e8:90:1e:78:da:a0:5d:92:f0:74:37: 4f:f3:65:6f:73:72:85:ec:d8:32:8f:a3:c8:bd:37:54:82:11: 70:3c:17:a3:33:83:09:09:60:cd:3c:07:70:7e:9b:ae:22:b2: 48:d9:53:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuub5XO68dgG2vyIjYC8weNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5 NzA4ZGMwHhcNMjYwMTExMTkwMTQ2WhcNMjYwMTEyMTkwMTQ2WjAzMTEwLwYDVQQD EyhiMmRkZGEyYTg4YjE5ZGZhYzJhZTJmMWZmM2ZiNTI5ZWE1OWUyNTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYKYqJtCLIzCs3MdegwFY5/AbdsA f3e06SqdwkQ/D/E3WZLKqjsnVZ5/sqWzCEI2sWqVJToYUp61Pubpqlf4b53fHDD2 mxhRsZoappAKXYjvYF7Irz5xxlZJdodmt8a4cYoEsSoRciwkrWvV6V8fC7Mag3it onDctpM8weXf2acFOXuDPiMWHkA8TgM6OnYGlOVUo0TI5yoUI+pr+WzO3eDlTywM FQf7LraMItkuMV3l0uuxxTZwwnPUNCpLr4waCuOqUIqa68WpkdezZY08/wYpXEQn JURo/D7iLvIP7DuVjB7R95hNs5MPhXUQxxaIjsXQkvFZNXISSZuBR8jkGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLLd2iqIsZ36wq4vH/P7Up6lniUkMB8GA1UdIwQY MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5jVuwA4 JMVLP+drVbhiO7bXtTxOq9+TfCL7a5yX9w3gVp0c2A0ACovyjVUWSYxVZDDUCImV eqmuUE73TINmF2jEQy9ub1SOnQCE9fSiSrP6os3tEjovCcubkp+ZGs1MeVi+41Qa HtaL6Clpzl+ym+P5dCvHLa6EgjfqJ2dh/fGJ5fHyhPfSSzCi3AQ7MZhc/U+NluT/ EA+c1StGMjUryEEIBoVN90sdDAbK3w6BUfnSypPh0lC5r6yrT5zCdnfl2ekSt/KR 2URtZWmYZeiQHnjaoF2S8HQ3T/Nlb3NyhezYMo+jyL03VIIRcDwXozODCQlgzTwH cH6briKySNlTrg== -----END CERTIFICATE-----Generated at Mon Jan 12 01:48:17 2026 by rpki-client