This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft File: aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json) Hash identifier: o44ABZzS2mbIJyFMaqLZYDi+7Frl3LOQauS16Fathnw= Subject key identifier: 3E:34:90:0F:A1:73:56:AF:CB:6C:A3:96:6C:3A:15:A5:28:DB:03:9F Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1 Certificate issuer: /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1 Certificate serial: 019C41D89A0BB3930BF24EED0FC6E1CD838C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft Manifest number: 0F29 Signing time: Mon 09 Feb 2026 10:00:40 +0000 Manifest this update: Mon 09 Feb 2026 10:00:40 +0000 Manifest next update: Tue 10 Feb 2026 10:00:40 +0000 Files and hashes: 1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: Lx9bf7RBq8VxJ3d8SpcZG1DwiHAWWc7PYhhB8Jz94gA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:d8:9a:0b:b3:93:0b:f2:4e:ed:0f:c6:e1:cd:83:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1 Validity Not Before: Feb 9 10:00:40 2026 GMT Not After : Feb 10 10:00:40 2026 GMT Subject: CN=3e34900fa17356afcb6ca3966c3a15a528db039f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:6c:94:2a:aa:82:98:f5:0e:d0:db:e4:2a:89: ce:63:e0:18:f3:21:ac:67:b2:94:16:fb:dc:dd:86: 37:bb:ff:22:90:87:d4:ed:39:27:f1:58:19:af:fe: 73:ed:fe:76:45:f6:73:d9:1f:07:e3:5a:d0:d2:db: be:1a:48:16:04:f1:16:b2:ad:a5:6e:2c:45:dd:29: a0:ff:42:6d:c9:bd:9c:67:ce:0a:f4:64:4c:c8:80: f4:6e:6a:97:b3:b5:9e:b6:c1:10:c8:a7:0e:4a:4b: 2a:67:14:4b:3a:e5:f1:29:46:85:a1:a2:57:f2:e1: 95:0e:c0:c6:e1:fb:c7:5d:e4:a7:ba:bc:d6:a6:05: 77:2c:5a:e3:76:97:76:3b:e0:3c:10:75:92:29:e7: 26:6f:2e:1a:94:0e:dc:40:59:0d:f4:44:d3:15:c5: dd:11:dc:67:50:4b:0a:61:1e:e1:fc:f3:12:bd:26: 10:13:4f:78:ca:2f:69:b8:e4:1e:80:4b:c9:47:c6: 7e:77:ca:cc:08:31:2d:e3:82:f3:9a:5d:b0:45:60: 36:d6:60:2d:fc:dc:74:e1:31:0a:e8:57:36:a1:a5: 84:c4:b0:3f:0b:b4:d0:0b:c3:83:28:1d:71:10:fa: ce:93:a4:7b:47:4e:6b:36:71:48:1f:e2:a3:a9:83: 31:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:34:90:0F:A1:73:56:AF:CB:6C:A3:96:6C:3A:15:A5:28:DB:03:9F X509v3 Authority Key Identifier: keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:da:22:a5:2c:eb:c5:21:76:fc:14:d6:f0:e0:d7:24:7b:1f: 93:42:24:4a:d4:5e:c1:90:0f:15:9b:da:76:fe:e3:3a:08:d6: a4:bf:63:0f:7e:04:18:bf:f3:3f:a1:f7:4b:f4:64:54:63:5a: 6c:33:a7:75:b3:73:67:d1:e1:45:d1:0a:20:06:18:97:b2:14: 80:96:35:f1:48:a1:97:03:dd:02:24:ee:3e:a1:14:31:f1:ae: 36:50:4b:0d:96:19:7e:5d:40:bd:31:8a:05:f1:ce:42:a9:ba: 89:20:a2:24:63:36:fe:a6:c7:0a:5d:b4:9c:aa:af:36:08:27: 78:16:61:0f:28:66:84:2a:61:80:12:36:ee:29:bd:4c:4b:27: b1:a0:d3:60:14:fb:23:65:95:ec:80:df:cb:13:42:c9:f5:f1: d3:7f:aa:19:6f:11:32:4f:9e:05:93:57:00:8d:e9:d0:db:7a: 86:76:88:a4:11:49:b2:d5:b9:43:b8:18:06:60:dc:e4:54:af: 84:be:8b:0f:05:7d:98:7b:99:0a:f5:03:cb:05:b9:68:2e:af: c7:aa:14:9d:df:1e:82:9f:ad:11:23:67:4d:af:97:4c:81:0f: 67:5c:53:23:4a:43:d1:18:77:52:ca:ba:d8:18:25:ff:21:18: 4b:1b:02:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxB2JoLs5ML8k7tD8bhzYOMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1 OTYwYTEwHhcNMjYwMjA5MTAwMDQwWhcNMjYwMjEwMTAwMDQwWjAzMTEwLwYDVQQD EygzZTM0OTAwZmExNzM1NmFmY2I2Y2EzOTY2YzNhMTVhNTI4ZGIwMzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGyUKqqCmPUO0NvkKonOY+AY8yGs Z7KUFvvc3YY3u/8ikIfU7Tkn8VgZr/5z7f52RfZz2R8H41rQ0tu+GkgWBPEWsq2l bixF3Smg/0Jtyb2cZ84K9GRMyID0bmqXs7WetsEQyKcOSksqZxRLOuXxKUaFoaJX 8uGVDsDG4fvHXeSnurzWpgV3LFrjdpd2O+A8EHWSKecmby4alA7cQFkN9ETTFcXd EdxnUEsKYR7h/PMSvSYQE094yi9puOQegEvJR8Z+d8rMCDEt44Lzml2wRWA21mAt /Nx04TEK6Fc2oaWExLA/C7TQC8ODKB1xEPrOk6R7R05rNnFIH+KjqYMxGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD40kA+hc1avy2yjlmw6FaUo2wOfMB8GA1UdIwQY MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNoipSzr xSF2/BTW8ODXJHsfk0IkStRewZAPFZvadv7jOgjWpL9jD34EGL/zP6H3S/RkVGNa bDOndbNzZ9HhRdEKIAYYl7IUgJY18UihlwPdAiTuPqEUMfGuNlBLDZYZfl1AvTGK BfHOQqm6iSCiJGM2/qbHCl20nKqvNggneBZhDyhmhCphgBI27im9TEsnsaDTYBT7 I2WV7IDfyxNCyfXx03+qGW8RMk+eBZNXAI3p0Nt6hnaIpBFJstW5Q7gYBmDc5FSv hL6LDwV9mHuZCvUDywW5aC6vx6oUnd8egp+tESNnTa+XTIEPZ1xTI0pD0Rh3Usq6 2Bgl/yEYSxsCkg== -----END CERTIFICATE-----Generated at Mon Feb 9 16:54:21 2026 by rpki-client