This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft File: KIBHSpYWHd4pQs-58YVsL_yICQQ.mft (raw, json) Hash identifier: CWwD53PfIDMIB8oGqWrq219zmpWJbt3iAJ99yS00uiQ= Subject key identifier: 69:95:7D:E9:B3:B7:38:BC:79:E3:9F:CD:96:91:2A:65:17:15:0A:FE Authority key identifier: 28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04 Certificate issuer: /CN=2880474a96161dde2942cfb9f1856c2ffc880904 Certificate serial: 019B7C01E336831F84FDFCE7353CA7BEF698 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft Manifest number: 0367 Signing time: Fri 02 Jan 2026 00:00:57 +0000 Manifest this update: Fri 02 Jan 2026 00:00:57 +0000 Manifest next update: Sat 03 Jan 2026 00:00:57 +0000 Files and hashes: 1: KIBHSpYWHd4pQs-58YVsL_yICQQ.crl (hash: lYHV7SGQTvCXwth9I7iM+f7kWshv82zNmqY5ZyXMpUQ=) 2: p5OtBuJ_H7AvfUmYp0Nby5w6BSc.roa (hash: oRePnKuJGEJuRAGyqz3spXqznhrS2YOXLr+XXfpc3VY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:01:e3:36:83:1f:84:fd:fc:e7:35:3c:a7:be:f6:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2880474a96161dde2942cfb9f1856c2ffc880904 Validity Not Before: Jan 2 00:00:57 2026 GMT Not After : Jan 3 00:00:57 2026 GMT Subject: CN=69957de9b3b738bc79e39fcd96912a6517150afe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b5:1f:b2:9d:8e:0a:b4:13:c1:ff:e8:9e:21: c2:96:a8:8a:e9:15:01:f1:ff:b2:fb:79:b0:95:ba: 22:12:1b:f1:5d:ae:8b:74:2c:24:fb:ce:bf:e2:86: 5d:57:c8:44:fb:1c:2e:5e:b3:a3:01:a7:5e:b4:29: 28:c4:bb:6f:c8:56:26:a8:b3:f5:2c:cb:b7:7e:f4: 01:c7:6b:e3:92:92:09:e6:b7:4a:b1:43:6b:1a:24: 12:b1:2d:c8:97:41:07:7c:84:d3:3b:6e:c0:d3:b7: 66:d4:16:b6:8d:71:80:45:1d:82:ea:d5:5d:ac:fa: 09:d2:90:d7:a2:f8:5d:fc:5f:a7:ca:c4:5e:97:46: 21:c2:53:50:a8:a7:c1:24:55:a3:08:33:47:28:dc: 81:2d:b6:6f:cc:2b:c1:de:2a:24:d4:e7:3d:e4:4e: ac:56:7f:b3:ac:81:06:3f:ba:56:29:36:19:ae:a5: ec:65:1c:ff:a6:5d:74:93:68:80:84:21:fd:36:e7: a0:47:4f:df:dc:a3:7f:ed:31:89:05:a7:80:11:e1: 41:af:5c:09:b5:f8:1a:9f:d8:7f:9d:4c:b5:c1:b7: dd:5e:02:53:be:a1:36:f9:08:19:0b:6b:b6:b6:3f: 20:0f:a6:ea:ed:0c:89:fa:fa:64:b9:1d:f3:80:2a: b4:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:95:7D:E9:B3:B7:38:BC:79:E3:9F:CD:96:91:2A:65:17:15:0A:FE X509v3 Authority Key Identifier: keyid:28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:65:20:76:62:79:61:6c:57:cc:c6:3b:51:7c:f8:8f:f4:89: 2d:9d:29:d2:f7:b6:f9:43:11:9c:28:ba:ec:19:3f:04:d9:39: 33:af:ae:1e:94:f7:fd:88:77:63:0e:1a:03:f5:06:75:00:70: 08:a1:da:d2:6c:a5:e6:24:75:5b:99:41:00:40:7d:07:ee:4f: 7c:22:6d:bc:51:b5:1b:72:28:83:f9:54:70:19:0a:cf:e7:01: 89:ea:6a:8c:26:75:fd:33:64:2c:8e:42:ff:1d:aa:b5:ea:b3: a8:7f:55:9f:88:30:6f:da:c1:f7:d0:ab:82:68:96:68:2f:e4: eb:5d:92:5e:f5:1c:3d:9d:09:96:61:44:1b:08:6c:b5:bf:d0: 5e:c7:07:cf:80:34:07:c5:fb:9a:78:62:16:93:8c:7e:52:c9: 26:d2:6b:92:77:2a:e7:da:54:21:8e:64:83:07:37:83:76:10: 3f:f6:4d:64:b0:1d:f0:76:88:6e:ca:45:97:3d:10:31:35:ba: 6b:44:a7:2f:6b:6e:71:9e:0c:20:f1:3d:bc:00:35:98:b4:4a: 3f:8e:04:a2:6b:c8:69:15:5b:ad:62:28:06:e5:bb:61:de:63: 3a:5d:cb:06:b4:73:18:cb:03:d3:54:46:7e:0c:56:eb:2c:fe: 40:2c:43:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt8AeM2gx+E/fznNTynvvaYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ODA0NzRhOTYxNjFkZGUyOTQyY2ZiOWYxODU2YzJmZmM4 ODA5MDQwHhcNMjYwMTAyMDAwMDU3WhcNMjYwMTAzMDAwMDU3WjAzMTEwLwYDVQQD Eyg2OTk1N2RlOWIzYjczOGJjNzllMzlmY2Q5NjkxMmE2NTE3MTUwYWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rUfsp2OCrQTwf/oniHClqiK6RUB 8f+y+3mwlboiEhvxXa6LdCwk+86/4oZdV8hE+xwuXrOjAadetCkoxLtvyFYmqLP1 LMu3fvQBx2vjkpIJ5rdKsUNrGiQSsS3Il0EHfITTO27A07dm1Ba2jXGARR2C6tVd rPoJ0pDXovhd/F+nysRel0YhwlNQqKfBJFWjCDNHKNyBLbZvzCvB3iok1Oc95E6s Vn+zrIEGP7pWKTYZrqXsZRz/pl10k2iAhCH9NuegR0/f3KN/7TGJBaeAEeFBr1wJ tfgan9h/nUy1wbfdXgJTvqE2+QgZC2u2tj8gD6bq7QyJ+vpkuR3zgCq0jQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGmVfemztzi8eeOfzZaRKmUXFQr+MB8GA1UdIwQY MBaAFCiAR0qWFh3eKULPufGFbC/8iAkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAt NzQ2MWE1NmNlOTVlLzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAtNzQ2MWE1NmNlOTVl LzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANWUgdmJ5 YWxXzMY7UXz4j/SJLZ0p0ve2+UMRnCi67Bk/BNk5M6+uHpT3/Yh3Yw4aA/UGdQBw CKHa0myl5iR1W5lBAEB9B+5PfCJtvFG1G3Iog/lUcBkKz+cBiepqjCZ1/TNkLI5C /x2qteqzqH9Vn4gwb9rB99CrgmiWaC/k612SXvUcPZ0JlmFEGwhstb/QXscHz4A0 B8X7mnhiFpOMflLJJtJrkncq59pUIY5kgwc3g3YQP/ZNZLAd8HaIbspFlz0QMTW6 a0SnL2tucZ4MIPE9vAA1mLRKP44EomvIaRVbrWIoBuW7Yd5jOl3LBrRzGMsD01RG fgxW6yz+QCxDAg== -----END CERTIFICATE-----Generated at Fri Jan 2 03:35:27 2026 by rpki-client