This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft File: 001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json) Hash identifier: YIcwFwiTbGqwyLyl2ywJu81CMAFSBIjo2N89ljJ2hDc= Subject key identifier: 58:32:B6:04:8F:A8:E6:91:3F:26:23:42:78:46:5B:FF:90:5A:14:22 Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Certificate serial: 019BB1DDF5CD8F73EEEB85828CEE0CF31D19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft Manifest number: 17C6 Signing time: Mon 12 Jan 2026 11:01:12 +0000 Manifest this update: Mon 12 Jan 2026 11:01:12 +0000 Manifest next update: Tue 13 Jan 2026 11:01:12 +0000 Files and hashes: 1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: LBklcR6gg6ajQOUEpiEsvoUWGHlNgwD5rdo7LbDVcrg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b1:dd:f5:cd:8f:73:ee:eb:85:82:8c:ee:0c:f3:1d:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Validity Not Before: Jan 12 11:01:12 2026 GMT Not After : Jan 13 11:01:12 2026 GMT Subject: CN=5832b6048fa8e6913f26234278465bff905a1422 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2b:ec:a8:a1:53:43:1d:7d:88:a4:b7:ba:f7: 6d:7f:d9:fa:7d:e7:33:78:dd:81:f1:1a:b2:67:ef: 2b:2e:de:04:4c:83:71:d4:74:68:03:94:40:48:69: 74:bb:34:18:f7:6d:87:3e:53:20:30:27:6e:9e:31: 92:b5:28:02:94:f6:3b:70:80:61:86:12:ba:88:3e: fa:c4:65:da:59:58:18:c3:b0:f5:62:e2:f2:c6:65: a2:30:10:81:b8:00:db:1e:ba:d3:40:a7:68:44:e6: b7:f4:a7:7f:62:5d:12:9f:38:7d:08:4c:21:9f:01: 50:7d:ed:87:f0:f5:53:75:39:87:ef:7c:35:b1:7f: d2:79:e5:d5:0a:fa:0c:04:bc:93:e7:f0:39:6f:fc: 87:b7:0f:00:b1:48:12:3e:fb:8d:b8:32:dc:2d:4b: 1d:c6:0a:91:a8:8f:f6:d7:69:70:5e:eb:07:f3:52: a6:1c:a8:01:06:1a:9c:c3:2c:4c:a5:0b:99:cf:d6: 7e:a0:6b:d0:1b:30:70:9f:ec:5e:1c:93:56:8a:92: 52:78:50:9b:e5:9c:65:c9:a1:8b:b4:3a:60:10:90: 86:60:01:be:f1:25:14:ed:12:4d:1e:2d:1d:19:ab: c3:06:50:0a:aa:3b:38:e0:e9:5e:e1:8b:b6:3e:96: 25:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:32:B6:04:8F:A8:E6:91:3F:26:23:42:78:46:5B:FF:90:5A:14:22 X509v3 Authority Key Identifier: keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c7:16:a2:e9:c2:12:36:8c:38:52:ce:1d:83:fe:93:4d:7e:fe: f7:1a:12:1b:f8:9f:ab:ef:b6:1f:e0:9d:0d:69:6b:4b:ef:c3: 0a:b9:ec:9c:7b:d5:2a:9a:4b:04:1d:a0:2c:93:b0:80:c8:b0: 22:92:56:e2:e6:83:a0:7d:ea:4b:4a:4c:f6:ca:2a:32:f7:20: 1a:67:e1:bd:51:02:3a:61:69:31:0d:e9:f2:7d:b2:a6:0e:71: 6f:31:4f:ca:cc:e0:eb:bf:75:35:91:2c:f6:60:12:cb:70:ee: 4b:9a:3e:14:43:73:6e:cc:6f:c9:18:38:c2:2f:ff:61:a6:eb: c3:f4:48:17:21:39:d4:74:bc:1e:2f:46:a8:12:4a:1f:e1:a8: 68:a7:64:77:d1:dc:1f:93:c0:ba:48:03:cb:b1:e6:5a:2f:7e: 82:9c:12:05:54:70:dd:b7:74:67:8c:91:9d:78:bc:65:35:27: fb:f9:e1:cf:7c:51:db:92:0d:4b:05:61:ca:02:24:88:91:81: 8a:19:2b:40:70:71:f6:4c:a1:8b:28:f6:11:a9:8a:df:b6:67: 49:58:65:61:76:07:d0:4e:e8:74:46:5f:41:27:dd:77:b2:6f: 3e:78:53:c4:b8:d5:ab:7a:da:6c:e8:6a:e8:da:1a:f0:9e:3f: 6d:97:2c:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZux3fXNj3Pu64WCjO4M8x0ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj ZTMyZGYwHhcNMjYwMTEyMTEwMTEyWhcNMjYwMTEzMTEwMTEyWjAzMTEwLwYDVQQD Eyg1ODMyYjYwNDhmYThlNjkxM2YyNjIzNDI3ODQ2NWJmZjkwNWExNDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCvsqKFTQx19iKS3uvdtf9n6fecz eN2B8RqyZ+8rLt4ETINx1HRoA5RASGl0uzQY922HPlMgMCdunjGStSgClPY7cIBh hhK6iD76xGXaWVgYw7D1YuLyxmWiMBCBuADbHrrTQKdoROa39Kd/Yl0Snzh9CEwh nwFQfe2H8PVTdTmH73w1sX/SeeXVCvoMBLyT5/A5b/yHtw8AsUgSPvuNuDLcLUsd xgqRqI/212lwXusH81KmHKgBBhqcwyxMpQuZz9Z+oGvQGzBwn+xeHJNWipJSeFCb 5ZxlyaGLtDpgEJCGYAG+8SUU7RJNHi0dGavDBlAKqjs44Ole4Yu2PpYlAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFgytgSPqOaRPyYjQnhGW/+QWhQiMB8GA1UdIwQY MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxxai6cIS Now4Us4dg/6TTX7+9xoSG/ifq++2H+CdDWlrS+/DCrnsnHvVKppLBB2gLJOwgMiw IpJW4uaDoH3qS0pM9soqMvcgGmfhvVECOmFpMQ3p8n2ypg5xbzFPyszg6791NZEs 9mASy3DuS5o+FENzbsxvyRg4wi//Yabrw/RIFyE51HS8Hi9GqBJKH+GoaKdkd9Hc H5PAukgDy7HmWi9+gpwSBVRw3bd0Z4yRnXi8ZTUn+/nhz3xR25INSwVhygIkiJGB ihkrQHBx9kyhiyj2EamK37ZnSVhlYXYH0E7odEZfQSfdd7JvPnhTxLjVq3rabOhq 6Noa8J4/bZcsvg== -----END CERTIFICATE-----Generated at Mon Jan 12 13:46:33 2026 by rpki-client