This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft File: CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft (raw, json) Hash identifier: fKd9xOYpAu+lW8/jVTkKA/mq7xojXARY5n308Z5HuA0= Subject key identifier: 2E:26:FA:CA:B9:78:66:C9:F2:E0:A4:AC:A0:52:F4:9D:07:49:25:79 Authority key identifier: 08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F Certificate issuer: /CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f Certificate serial: 019BB05DB76C8F5A6B7B00FA70CFB8041C5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft Manifest number: 05D3 Signing time: Mon 12 Jan 2026 04:01:30 +0000 Manifest this update: Mon 12 Jan 2026 04:01:30 +0000 Manifest next update: Tue 13 Jan 2026 04:01:30 +0000 Files and hashes: 1: CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl (hash: NVjkUTKiAL9BMuyltilRHpy3KTKkS6O37J5FV2MBxEQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b0:5d:b7:6c:8f:5a:6b:7b:00:fa:70:cf:b8:04:1c:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f Validity Not Before: Jan 12 04:01:30 2026 GMT Not After : Jan 13 04:01:30 2026 GMT Subject: CN=2e26facab97866c9f2e0a4aca052f49d07492579 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b3:3a:7a:e0:36:22:73:7d:05:ed:45:04:0b: 03:0a:42:73:14:85:7e:fd:65:de:9c:3f:32:ac:e6: e9:24:c4:1b:1f:1b:d4:09:75:2c:67:5d:6f:e5:a5: d6:4c:d0:f8:e5:c3:ed:72:47:7e:12:39:86:e7:6c: 05:f4:77:f8:de:9a:6e:dd:aa:de:d9:fb:65:74:55: ec:e1:ab:d7:4f:d9:c4:3f:dc:fe:d8:b8:20:66:6d: c9:3d:5c:40:87:8e:6d:a9:44:3a:85:c8:9c:74:b8: 8b:45:38:c2:36:11:af:49:95:b0:fa:0c:e9:11:50: 09:5c:90:5e:ec:e4:84:89:97:70:dc:9b:cc:44:f4: b5:b8:b6:eb:94:b0:4e:2d:f4:a5:c9:7f:03:8d:ae: f2:97:a6:e3:e7:85:a8:80:21:e9:71:e7:c4:82:fe: 69:2c:d7:16:14:ec:49:a8:cd:c8:b0:c4:71:4b:70: f7:31:8a:14:a3:e1:67:b0:af:08:1c:8e:ff:8e:3c: 83:72:70:a5:f3:68:3c:fe:f1:9c:42:ad:27:42:f5: 0c:b2:9d:ca:8e:b5:f1:4d:00:d5:1d:d9:8e:72:28: 93:c2:b9:55:18:eb:cb:4d:8d:f6:12:09:74:6a:50: 7e:72:13:d9:61:cf:cf:9e:19:89:cd:d8:3d:9d:3f: db:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:26:FA:CA:B9:78:66:C9:F2:E0:A4:AC:A0:52:F4:9D:07:49:25:79 X509v3 Authority Key Identifier: keyid:08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:45:23:57:3b:4c:a6:9f:04:e5:44:c0:c3:fd:34:f8:32:e2: 39:eb:41:07:b8:95:88:66:7e:ce:4c:d1:86:1d:ae:0d:9b:9a: 20:75:d0:b7:a8:ff:93:b6:e2:81:c4:f7:cc:b7:36:3b:12:12: f1:0c:6f:5b:cc:f6:c0:46:2e:23:4b:f3:89:4f:75:10:0d:be: 64:7a:ae:c4:81:5c:21:61:c7:e5:a9:2d:2c:1d:7c:64:66:a7: 96:e1:96:fd:e3:96:c6:13:32:d2:04:fd:66:e6:76:7b:a2:3a: e1:fd:1f:f1:99:71:74:0b:a7:c2:50:f5:99:30:0d:f8:03:62: a0:e0:13:16:4d:92:e7:d5:7d:7a:2b:c0:29:80:34:78:92:90: 21:c6:db:1a:51:b3:6c:9f:5b:2e:ad:42:98:d7:14:ca:6d:76: 97:63:41:b4:eb:85:82:1a:53:a3:e8:3b:f4:be:de:c9:91:f4: e8:bc:1e:c8:e4:6b:ce:a7:86:f1:05:5e:de:d4:14:95:97:c5: 7b:fd:da:21:71:32:a6:ec:1c:c1:5c:72:d4:de:47:8a:5e:a5: ae:5b:4a:b5:51:0a:28:dc:0f:84:91:52:1b:80:35:8b:a6:70: 99:a1:a6:e3:73:19:88:34:00:f8:b3:23:76:37:cb:66:bb:90: 0c:95:f8:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuwXbdsj1prewD6cM+4BBxfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YThiOGZlMGM4ODVhNDVmMjQ4NTUyMzM0MmU5YmE4ZGM4 OWU2OGYwHhcNMjYwMTEyMDQwMTMwWhcNMjYwMTEzMDQwMTMwWjAzMTEwLwYDVQQD EygyZTI2ZmFjYWI5Nzg2NmM5ZjJlMGE0YWNhMDUyZjQ5ZDA3NDkyNTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrM6euA2InN9Be1FBAsDCkJzFIV+ /WXenD8yrObpJMQbHxvUCXUsZ11v5aXWTND45cPtckd+EjmG52wF9Hf43ppu3are 2ftldFXs4avXT9nEP9z+2LggZm3JPVxAh45tqUQ6hcicdLiLRTjCNhGvSZWw+gzp EVAJXJBe7OSEiZdw3JvMRPS1uLbrlLBOLfSlyX8Dja7yl6bj54WogCHpcefEgv5p LNcWFOxJqM3IsMRxS3D3MYoUo+FnsK8IHI7/jjyDcnCl82g8/vGcQq0nQvUMsp3K jrXxTQDVHdmOciiTwrlVGOvLTY32Egl0alB+chPZYc/PnhmJzdg9nT/b6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC4m+sq5eGbJ8uCkrKBS9J0HSSV5MB8GA1UdIwQY MBaAFAiouP4MiFpF8khVIzQum6jcieaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUt OWVlNTM0NDJjM2U5LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUtOWVlNTM0NDJjM2U5 LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI0UjVztM pp8E5UTAw/00+DLiOetBB7iViGZ+zkzRhh2uDZuaIHXQt6j/k7bigcT3zLc2OxIS 8QxvW8z2wEYuI0vziU91EA2+ZHquxIFcIWHH5aktLB18ZGanluGW/eOWxhMy0gT9 ZuZ2e6I64f0f8ZlxdAunwlD1mTAN+ANioOATFk2S59V9eivAKYA0eJKQIcbbGlGz bJ9bLq1CmNcUym12l2NBtOuFghpTo+g79L7eyZH06LweyORrzqeG8QVe3tQUlZfF e/3aIXEypuwcwVxy1N5Hil6lrltKtVEKKNwPhJFSG4A1i6ZwmaGm43MZiDQA+LMj djfLZruQDJX4UQ== -----END CERTIFICATE-----Generated at Mon Jan 12 10:00:52 2026 by rpki-client