This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft File: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft (raw, json) Hash identifier: bvzqtBhLPX4LU8R2C3m273i6sMsAtQMBey0/V++BT2E= Subject key identifier: 0E:92:F2:3D:54:D3:97:B2:8D:58:64:BD:1B:EA:D4:5E:9A:CD:C0:22 Authority key identifier: 2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C Certificate issuer: /CN=2a5275ad89c9976b51030c5bd256799b7926560c Certificate serial: 019BB4035E7A082DE526A2333860BF00BF47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft Manifest number: 0B76 Signing time: Mon 12 Jan 2026 21:01:18 +0000 Manifest this update: Mon 12 Jan 2026 21:01:18 +0000 Manifest next update: Tue 13 Jan 2026 21:01:18 +0000 Files and hashes: 1: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl (hash: wzUZAPQjzTPPHphoNb/oyrqZx6uGbNoXggDLN5hBtwA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 16:30:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b4:03:5e:7a:08:2d:e5:26:a2:33:38:60:bf:00:bf:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a5275ad89c9976b51030c5bd256799b7926560c Validity Not Before: Jan 12 21:01:18 2026 GMT Not After : Jan 13 21:01:18 2026 GMT Subject: CN=0e92f23d54d397b28d5864bd1bead45e9acdc022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9d:c6:26:36:81:1a:83:f1:3b:36:f3:1c:77: 0c:7b:5e:bc:e1:d4:48:13:3b:35:37:da:e2:26:7c: 2e:cf:ac:f7:1e:fa:02:f1:7f:9b:0b:ee:2d:81:77: 4f:a3:9a:0d:ac:e9:46:2d:b1:56:8e:18:c4:e8:cf: 59:48:4d:38:0f:52:f9:c9:24:2e:d1:e0:91:a9:e2: b3:31:a0:3e:1b:46:91:32:d2:28:ed:d7:00:3c:60: 98:a4:9a:12:1f:34:87:47:8e:ac:fd:9c:a0:a4:34: da:fe:95:e8:63:32:15:10:d6:2e:98:65:d7:2a:17: dd:01:4a:d8:41:73:c8:b8:00:5b:db:fa:a7:f4:0a: ee:3b:73:0a:8f:30:cc:43:b4:a5:fb:03:61:4a:f1: 44:9b:e7:ee:0c:f3:6d:ad:8d:08:f6:dd:cb:0c:79: 53:a0:52:d5:44:a4:34:c0:77:12:d0:e7:8c:c3:c1: 73:81:c3:78:5e:d7:e0:1f:51:c6:d7:3e:4f:b0:43: d2:63:82:e2:2a:c9:6d:db:6d:ef:99:b7:42:fb:09: e1:8e:e4:92:83:86:4d:46:15:04:66:3c:bf:6c:d7: 1a:e3:aa:0e:c4:92:c4:77:77:b4:19:b5:88:73:1d: 92:b2:f5:26:56:da:7a:42:29:05:d8:38:3d:6b:22: 8e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:92:F2:3D:54:D3:97:B2:8D:58:64:BD:1B:EA:D4:5E:9A:CD:C0:22 X509v3 Authority Key Identifier: keyid:2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:db:1a:b7:3f:6c:ef:0b:fa:3f:18:3a:2a:b8:76:ba:e2:77: 21:85:61:91:de:40:bb:cc:ee:28:18:af:32:e1:55:70:dd:19: d4:44:55:31:ee:d0:43:cb:41:3a:40:12:7e:56:46:92:58:32: a4:d4:22:78:3d:c6:9b:f0:f2:9b:3e:6e:c4:9a:ae:56:d0:5c: e0:84:24:49:8f:b4:69:cf:11:d5:d6:20:05:d0:d7:91:b5:55: d2:74:ee:7a:d9:0a:58:33:57:95:a5:36:5b:4f:d8:b3:98:a9: 91:b3:4a:fd:f9:fd:6c:24:b3:18:fd:5f:bc:c7:5a:ea:3a:e6: 95:ef:44:6e:b7:4d:81:30:3a:40:00:fd:2e:35:c4:f8:0b:0e: a3:ae:b7:da:7b:75:8e:51:df:63:69:2b:14:6d:d2:f3:de:e4: 10:76:fd:b1:22:fa:6e:9e:83:76:c3:a2:f8:ee:5e:72:2c:90: 9f:f9:33:72:19:fb:52:0b:3e:c6:7d:6d:75:8d:7d:d3:0c:48: 32:1f:79:4e:36:5d:39:8f:1f:5b:52:37:b5:5a:c9:6c:e1:1e: e1:f3:13:88:2c:31:7a:a7:25:25:88:f5:42:92:77:99:eb:a2: 8a:f9:7b:dc:63:a7:cb:47:c6:d7:69:f7:71:60:47:54:5c:fc: ec:ea:f5:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZu0A156CC3lJqIzOGC/AL9HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhNTI3NWFkODljOTk3NmI1MTAzMGM1YmQyNTY3OTliNzky NjU2MGMwHhcNMjYwMTEyMjEwMTE4WhcNMjYwMTEzMjEwMTE4WjAzMTEwLwYDVQQD EygwZTkyZjIzZDU0ZDM5N2IyOGQ1ODY0YmQxYmVhZDQ1ZTlhY2RjMDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp3GJjaBGoPxOzbzHHcMe1684dRI Ezs1N9riJnwuz6z3HvoC8X+bC+4tgXdPo5oNrOlGLbFWjhjE6M9ZSE04D1L5ySQu 0eCRqeKzMaA+G0aRMtIo7dcAPGCYpJoSHzSHR46s/ZygpDTa/pXoYzIVENYumGXX KhfdAUrYQXPIuABb2/qn9AruO3MKjzDMQ7Sl+wNhSvFEm+fuDPNtrY0I9t3LDHlT oFLVRKQ0wHcS0OeMw8FzgcN4XtfgH1HG1z5PsEPSY4LiKslt223vmbdC+wnhjuSS g4ZNRhUEZjy/bNca46oOxJLEd3e0GbWIcx2SsvUmVtp6QikF2Dg9ayKOfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA6S8j1U05eyjVhkvRvq1F6azcAiMB8GA1UdIwQY MBaAFCpSda2JyZdrUQMMW9JWeZt5JlYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQt MTE1NjY5MGE0M2I1LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQtMTE1NjY5MGE0M2I1 LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9satz9s 7wv6Pxg6Krh2uuJ3IYVhkd5Au8zuKBivMuFVcN0Z1ERVMe7QQ8tBOkASflZGklgy pNQieD3Gm/Dymz5uxJquVtBc4IQkSY+0ac8R1dYgBdDXkbVV0nTuetkKWDNXlaU2 W0/Ys5ipkbNK/fn9bCSzGP1fvMda6jrmle9EbrdNgTA6QAD9LjXE+AsOo6632nt1 jlHfY2krFG3S897kEHb9sSL6bp6DdsOi+O5eciyQn/kzchn7Ugs+xn1tdY190wxI Mh95TjZdOY8fW1I3tVrJbOEe4fMTiCwxeqclJYj1QpJ3meuiivl73GOny0fG12n3 cWBHVFz87Or1qw== -----END CERTIFICATE-----Generated at Mon Jan 12 23:52:55 2026 by rpki-client