This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft File: 001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json) Hash identifier: aKP6xBmthdaYKmsL7i9qIJhrbK/QoePFSKmoQbqfMQE= Subject key identifier: 1A:B0:62:CB:88:ED:EF:71:DB:02:C5:53:F0:7E:DE:50:1C:83:E4:F0 Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Certificate serial: 019B8195DACCB1BE0A851E3F53BAE551AB08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft Manifest number: 17AD Signing time: Sat 03 Jan 2026 02:00:40 +0000 Manifest this update: Sat 03 Jan 2026 02:00:40 +0000 Manifest next update: Sun 04 Jan 2026 02:00:40 +0000 Files and hashes: 1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: VC6rm99zxlCmsv6LT/k2r9WSOT2tjk6dgnyicSVbenU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:81:95:da:cc:b1:be:0a:85:1e:3f:53:ba:e5:51:ab:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Validity Not Before: Jan 3 02:00:40 2026 GMT Not After : Jan 4 02:00:40 2026 GMT Subject: CN=1ab062cb88edef71db02c553f07ede501c83e4f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:06:c0:d0:ab:08:78:2f:0b:d9:6a:09:78:8e: 3d:79:d6:9c:14:7e:b7:17:01:41:61:b5:5e:f2:d3: ff:f3:cc:27:87:57:da:36:bc:67:9d:0a:9f:f4:d5: 5f:ce:bd:e1:f7:70:c0:e1:b0:40:08:57:20:ff:74: 39:bb:e0:3d:9a:f7:0b:28:ed:78:f8:ac:aa:cc:35: c7:12:f1:e9:de:52:2b:89:36:83:66:32:71:ca:a4: 0d:ea:9c:db:c6:e4:1a:36:4d:79:c0:3f:57:9f:5a: 3e:0a:05:37:df:46:c6:dd:54:8c:17:65:4e:54:ba: 67:d3:97:e3:e7:53:fd:0b:2a:83:b2:6d:27:9c:27: 5b:d9:75:e3:e9:c5:b9:79:6e:4b:c6:35:9b:31:1f: dd:47:a4:fb:a9:91:90:19:8e:95:c7:53:49:c1:2b: 8f:02:1e:22:b6:c7:70:e5:97:4a:f9:22:c9:b0:5a: 8f:dc:e9:14:89:a5:76:c7:c9:6d:f5:f3:0b:78:c9: e3:a6:04:c3:29:d6:e5:05:dd:bc:2c:ed:ea:6a:72: a4:ff:ac:e5:07:98:1f:4c:18:b7:1b:dc:f1:9f:57: 10:32:c7:d6:55:42:50:27:c0:9c:71:8d:be:0a:b7: 4a:43:5e:99:54:91:ae:40:eb:44:5c:11:85:32:b4: b4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:B0:62:CB:88:ED:EF:71:DB:02:C5:53:F0:7E:DE:50:1C:83:E4:F0 X509v3 Authority Key Identifier: keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:c7:d8:b2:e9:5e:38:a6:b6:7f:37:e5:c1:df:8a:82:0b:0e: 0f:49:b9:08:f1:c8:c6:c9:1c:57:10:2e:65:61:58:b3:ab:30: 83:ad:2a:84:8f:72:7e:38:34:fb:2a:d6:98:79:52:dc:64:9a: b0:33:0c:9d:51:15:d6:2a:44:5e:85:c0:21:79:1c:6a:8e:fd: 75:d9:99:95:38:35:f4:43:a6:d7:9f:4f:0f:2b:e7:28:57:8a: 32:c9:83:f7:c7:fb:38:4f:af:3d:f6:3a:49:b5:fd:56:a8:54: ec:78:7f:cc:63:92:b9:fb:c0:31:29:e4:3b:80:27:63:a2:9f: 91:59:2c:9b:e0:a3:fd:f8:a2:84:7e:c4:a8:cf:60:83:33:78: 84:3e:53:d6:6c:ea:c3:53:90:e2:0d:60:fc:0d:51:3a:cc:9e: 7f:5b:3f:e5:70:e7:53:56:a0:7b:a8:95:65:60:d6:1e:25:63: 07:a8:8e:c0:af:14:72:67:04:85:b6:7f:3e:66:c1:29:dd:a6: e0:84:05:2d:3f:30:11:53:50:5e:64:63:93:c0:d6:17:28:30: 15:8e:eb:fe:8c:ad:e2:6d:2d:66:79:bf:bd:9c:81:cb:91:67: d7:c4:ce:15:a9:f5:1c:7c:52:2a:b4:50:d7:0a:0c:ce:c4:fc: 2c:c8:75:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuBldrMsb4KhR4/U7rlUasIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj ZTMyZGYwHhcNMjYwMTAzMDIwMDQwWhcNMjYwMTA0MDIwMDQwWjAzMTEwLwYDVQQD EygxYWIwNjJjYjg4ZWRlZjcxZGIwMmM1NTNmMDdlZGU1MDFjODNlNGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgbA0KsIeC8L2WoJeI49edacFH63 FwFBYbVe8tP/88wnh1faNrxnnQqf9NVfzr3h93DA4bBACFcg/3Q5u+A9mvcLKO14 +KyqzDXHEvHp3lIriTaDZjJxyqQN6pzbxuQaNk15wD9Xn1o+CgU330bG3VSMF2VO VLpn05fj51P9CyqDsm0nnCdb2XXj6cW5eW5LxjWbMR/dR6T7qZGQGY6Vx1NJwSuP Ah4itsdw5ZdK+SLJsFqP3OkUiaV2x8lt9fMLeMnjpgTDKdblBd28LO3qanKk/6zl B5gfTBi3G9zxn1cQMsfWVUJQJ8CccY2+CrdKQ16ZVJGuQOtEXBGFMrS0ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBqwYsuI7e9x2wLFU/B+3lAcg+TwMB8GA1UdIwQY MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8fYsule OKa2fzflwd+KggsOD0m5CPHIxskcVxAuZWFYs6swg60qhI9yfjg0+yrWmHlS3GSa sDMMnVEV1ipEXoXAIXkcao79ddmZlTg19EOm159PDyvnKFeKMsmD98f7OE+vPfY6 SbX9VqhU7Hh/zGOSufvAMSnkO4AnY6KfkVksm+Cj/fiihH7EqM9ggzN4hD5T1mzq w1OQ4g1g/A1ROsyef1s/5XDnU1age6iVZWDWHiVjB6iOwK8UcmcEhbZ/PmbBKd2m 4IQFLT8wEVNQXmRjk8DWFygwFY7r/oyt4m0tZnm/vZyBy5Fn18TOFan1HHxSKrRQ 1woMzsT8LMh1Bg== -----END CERTIFICATE-----Generated at Sat Jan 3 06:56:31 2026 by rpki-client