This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft File: kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json) Hash identifier: 4M1Lr3xCaDINjaRqKkm2vp5+RBCda5g5qMURd00Esbc= Subject key identifier: 49:8E:6B:B4:E7:63:A0:7D:11:33:F9:E9:41:85:38:CC:C2:3F:A2:8A Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44 Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444 Certificate serial: 019B785CCF38D88B96A24D9D8C4B52370FE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft Manifest number: 17B2 Signing time: Thu 01 Jan 2026 07:01:46 +0000 Manifest this update: Thu 01 Jan 2026 07:01:46 +0000 Manifest next update: Fri 02 Jan 2026 07:01:46 +0000 Files and hashes: 1: 1-w_Sx8LRPBvLvkJLZOQlFfGluOo.roa (hash: jW6TH6eaQc46mg+HMpMqf3iTbPrehVKAIBq6ffyUgyg=) 2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: eVpbr+2pebz3BCNdLJI7CMy+KCdid7B81IQp7ParUJM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 07:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:5c:cf:38:d8:8b:96:a2:4d:9d:8c:4b:52:37:0f:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444 Validity Not Before: Jan 1 07:01:46 2026 GMT Not After : Jan 2 07:01:46 2026 GMT Subject: CN=498e6bb4e763a07d1133f9e9418538ccc23fa28a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:4f:72:0e:57:e2:36:a3:e8:a8:99:d4:a7:64: d0:be:ea:3a:48:cb:e1:b2:5e:e4:d4:62:7f:1c:16: 7d:c1:94:ad:f0:8d:b9:c9:00:97:47:4a:07:47:dc: 63:25:87:c4:1e:dc:e2:26:d5:28:e7:64:a1:b8:ae: db:c6:12:84:09:b5:fc:f4:04:3c:32:1e:a2:c9:2d: 4e:84:d1:e1:65:b8:55:ca:dc:3f:f1:1c:af:72:9c: 87:de:2b:eb:08:64:cd:10:aa:9d:25:af:e9:e7:69: 46:6c:f6:30:31:8d:0e:14:38:db:35:7f:5f:5c:c3: 29:06:f5:d2:06:95:1f:b5:33:6f:c3:88:e0:99:57: 75:05:70:db:54:9e:27:f7:56:e2:68:0f:87:28:b5: 50:f9:a9:c8:b1:ec:be:9e:30:c2:24:13:c4:18:36: 99:3e:0c:f6:bd:e7:76:91:5e:01:b0:bf:27:44:0d: 10:ae:c6:ab:c6:f3:72:39:bf:70:1d:a3:c6:f3:26: 9d:db:dd:3e:8e:ba:f9:df:36:d0:f9:48:27:de:68: fe:bb:62:ca:7b:59:aa:e7:60:65:20:ab:cb:09:d0: c4:35:6a:39:50:d5:af:e5:20:ad:eb:50:de:24:cf: f1:8b:e0:c2:23:ed:43:1f:8a:c3:60:d1:af:eb:b4: 43:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:8E:6B:B4:E7:63:A0:7D:11:33:F9:E9:41:85:38:CC:C2:3F:A2:8A X509v3 Authority Key Identifier: keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:36:9e:b1:bf:62:a7:1e:e5:c9:a0:2a:d8:50:b4:93:22:95: a1:d7:0d:f5:5e:da:21:03:39:56:e9:26:f0:cd:16:b6:ad:7b: df:e7:60:0b:9e:cf:09:a8:21:2c:79:92:84:09:46:22:51:86: 1a:2d:00:4b:85:f8:47:dd:50:ac:0c:e4:37:b7:14:a3:f6:97: 3a:a3:f9:b5:37:6f:68:6f:90:e7:44:1d:f8:2a:cc:7f:04:c9: 83:55:3c:3a:c7:b7:0c:26:9a:b3:a4:4a:2b:61:d2:0d:cd:64: c5:36:19:6b:17:1e:00:56:a7:75:30:a3:96:85:96:67:ca:8c: 76:12:40:6c:71:35:75:31:f1:3d:d1:ff:09:36:f0:d1:86:73: 2e:db:a8:f9:90:40:01:ab:25:4e:a7:7a:66:88:d3:bb:c4:18: 09:aa:6a:00:9a:af:10:40:08:99:a2:a6:d8:ab:6d:91:98:b4: 57:27:6a:bd:99:c2:7d:7d:75:73:7d:26:79:f8:95:46:f1:ae: 89:6e:ef:64:05:cb:ab:c1:e9:a6:75:0f:1e:12:24:3f:68:2a: 57:75:b4:f4:cc:12:b6:35:34:b5:84:e3:10:48:5f:69:26:39: 3c:e3:8d:f7:b4:69:16:8d:2e:99:ec:9d:f1:ba:a4:c7:87:fc: f4:6b:40:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt4XM842IuWok2djEtSNw/gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl ODU0NDQwHhcNMjYwMTAxMDcwMTQ2WhcNMjYwMTAyMDcwMTQ2WjAzMTEwLwYDVQQD Eyg0OThlNmJiNGU3NjNhMDdkMTEzM2Y5ZTk0MTg1MzhjY2MyM2ZhMjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE9yDlfiNqPoqJnUp2TQvuo6SMvh sl7k1GJ/HBZ9wZSt8I25yQCXR0oHR9xjJYfEHtziJtUo52ShuK7bxhKECbX89AQ8 Mh6iyS1OhNHhZbhVytw/8RyvcpyH3ivrCGTNEKqdJa/p52lGbPYwMY0OFDjbNX9f XMMpBvXSBpUftTNvw4jgmVd1BXDbVJ4n91biaA+HKLVQ+anIsey+njDCJBPEGDaZ Pgz2ved2kV4BsL8nRA0QrsarxvNyOb9wHaPG8yad290+jrr53zbQ+Ugn3mj+u2LK e1mq52BlIKvLCdDENWo5UNWv5SCt61DeJM/xi+DCI+1DH4rDYNGv67RDHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEmOa7TnY6B9ETP56UGFOMzCP6KKMB8GA1UdIwQY MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjDaesb9i px7lyaAq2FC0kyKVodcN9V7aIQM5Vukm8M0Wtq173+dgC57PCaghLHmShAlGIlGG Gi0AS4X4R91QrAzkN7cUo/aXOqP5tTdvaG+Q50Qd+CrMfwTJg1U8Ose3DCaas6RK K2HSDc1kxTYZaxceAFandTCjloWWZ8qMdhJAbHE1dTHxPdH/CTbw0YZzLtuo+ZBA AaslTqd6ZojTu8QYCapqAJqvEEAImaKm2KttkZi0VydqvZnCfX11c30mefiVRvGu iW7vZAXLq8HppnUPHhIkP2gqV3W09MwStjU0tYTjEEhfaSY5POON97RpFo0umeyd 8bqkx4f89GtALg== -----END CERTIFICATE-----Generated at Thu Jan 1 14:25:58 2026 by rpki-client