This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft File: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json) Hash identifier: IWEemqzuS+ow5BeR7t+oghpXg/gFVQVOjuovepdoZ1s= Subject key identifier: B6:59:59:B5:8E:C6:2A:75:F6:9A:12:2D:FE:2F:ED:41:E1:CD:D7:BC Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4 Certificate issuer: /CN=a4068c6655c333fc712832c113f67f1fd688aec4 Certificate serial: 019C44DA3B8FF2BD495FC272412DA4E00111 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft Manifest number: 150E Signing time: Tue 10 Feb 2026 00:01:18 +0000 Manifest this update: Tue 10 Feb 2026 00:01:18 +0000 Manifest next update: Wed 11 Feb 2026 00:01:18 +0000 Files and hashes: 1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: aw3rZ422r1tthMUApO+txC/57dC8xQdzMFMcUtWqKCo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:44:da:3b:8f:f2:bd:49:5f:c2:72:41:2d:a4:e0:01:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4 Validity Not Before: Feb 10 00:01:18 2026 GMT Not After : Feb 11 00:01:18 2026 GMT Subject: CN=b65959b58ec62a75f69a122dfe2fed41e1cdd7bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:03:8f:1f:e9:8e:f7:51:d4:ae:2c:e1:e2:e0: 85:b4:d2:d2:a3:58:90:6c:95:c5:b5:9b:36:76:46: a1:9e:34:80:b1:75:a6:ac:30:ad:12:e0:10:04:20: 02:d8:f3:5e:fa:48:ad:eb:39:3c:09:48:e5:83:48: 56:cd:17:00:6c:2d:93:13:b1:19:45:24:2c:61:71: 20:0e:00:d0:c1:2b:4d:41:21:fc:c4:cf:5e:37:5d: 8d:fc:8b:a8:37:60:f4:da:f9:b3:6a:9d:a6:a7:23: e0:0f:60:13:e3:f8:22:30:cc:de:49:48:78:4e:35: da:66:54:70:ce:b0:19:39:dd:bc:e4:50:f3:84:02: 5d:05:8a:73:01:28:91:b7:3f:37:0a:90:fd:e0:83: 8a:7a:56:de:8a:04:66:e6:fe:8c:c5:e2:77:e5:ba: 16:20:48:3f:0e:33:fe:39:f1:1f:59:39:c6:8c:07: 0b:36:3d:82:87:d3:70:e9:5c:e9:22:58:9e:95:d9: 9f:64:40:8e:b9:3f:85:24:5e:62:23:fc:2d:ea:ac: 8a:84:76:29:2d:e9:48:f6:45:9c:85:69:dd:10:ca: cc:01:fe:cb:51:90:82:9d:23:39:a1:f3:9c:86:98: 94:fd:76:ee:d2:1b:7b:33:e9:e4:00:ac:74:17:0c: f3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:59:59:B5:8E:C6:2A:75:F6:9A:12:2D:FE:2F:ED:41:E1:CD:D7:BC X509v3 Authority Key Identifier: keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:fa:0a:3b:82:e2:fc:f4:ba:2e:be:13:f6:84:e4:b9:dd:a8: f0:e7:10:aa:2f:e0:00:47:c5:10:14:8e:1e:e6:9f:8d:97:74: 2d:39:28:f7:54:f7:58:aa:2d:d5:6d:93:1b:53:45:c0:0e:c2: 09:b6:14:92:fb:9f:6b:37:66:2c:bf:2f:7a:de:e2:53:5b:f5: 74:55:e6:db:cf:20:64:79:2b:0c:ab:e3:c5:dc:b6:06:e8:3a: 33:d0:98:24:b4:0d:ed:f5:10:06:ef:12:8c:cd:09:71:65:58: 7a:bc:72:3d:d3:56:94:91:d4:cd:4d:85:5a:28:73:ca:33:9a: d6:aa:5e:7b:5e:5c:5c:9c:b6:fc:0c:82:5f:04:67:bf:d4:c1: 0a:c6:23:51:08:2a:45:4b:18:58:da:7f:a7:e5:aa:1a:1b:c0: d3:4a:54:cf:f5:17:fa:01:14:93:cb:9e:bc:7d:e7:cf:c3:33: 64:df:56:f9:e8:d5:bb:5a:8b:c8:6c:94:2a:00:64:80:30:92: 73:6c:ef:3e:4b:e5:e7:7a:c9:8e:a5:de:af:cf:55:fa:64:2c: fd:d2:54:5e:20:6a:0d:1d:18:2a:80:49:92:cf:89:9a:dc:c7: 9a:a5:0f:35:5f:76:3e:75:33:5b:da:7f:1e:7c:b5:ca:61:71: 66:cd:d6:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxE2juP8r1JX8JyQS2k4AERMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4 OGFlYzQwHhcNMjYwMjEwMDAwMTE4WhcNMjYwMjExMDAwMTE4WjAzMTEwLwYDVQQD EyhiNjU5NTliNThlYzYyYTc1ZjY5YTEyMmRmZTJmZWQ0MWUxY2RkN2JjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQOPH+mO91HUrizh4uCFtNLSo1iQ bJXFtZs2dkahnjSAsXWmrDCtEuAQBCAC2PNe+kit6zk8CUjlg0hWzRcAbC2TE7EZ RSQsYXEgDgDQwStNQSH8xM9eN12N/IuoN2D02vmzap2mpyPgD2AT4/giMMzeSUh4 TjXaZlRwzrAZOd285FDzhAJdBYpzASiRtz83CpD94IOKelbeigRm5v6MxeJ35boW IEg/DjP+OfEfWTnGjAcLNj2Ch9Nw6VzpIlieldmfZECOuT+FJF5iI/wt6qyKhHYp LelI9kWchWndEMrMAf7LUZCCnSM5ofOchpiU/Xbu0ht7M+nkAKx0FwzztQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLZZWbWOxip19poSLf4v7UHhzde8MB8GA1UdIwQY MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArfoKO4Li /PS6Lr4T9oTkud2o8OcQqi/gAEfFEBSOHuafjZd0LTko91T3WKot1W2TG1NFwA7C CbYUkvufazdmLL8vet7iU1v1dFXm288gZHkrDKvjxdy2Bug6M9CYJLQN7fUQBu8S jM0JcWVYerxyPdNWlJHUzU2FWihzyjOa1qpee15cXJy2/AyCXwRnv9TBCsYjUQgq RUsYWNp/p+WqGhvA00pUz/UX+gEUk8uevH3nz8MzZN9W+ejVu1qLyGyUKgBkgDCS c2zvPkvl53rJjqXer89V+mQs/dJUXiBqDR0YKoBJks+JmtzHmqUPNV92PnUzW9p/ Hny1ymFxZs3Weg== -----END CERTIFICATE-----Generated at Tue Feb 10 01:45:33 2026 by rpki-client