This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft File: QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json) Hash identifier: pfYAPV96L3t+8boZnulqvRyJhRM2g4lp07k6MMOinyo= Subject key identifier: B0:3F:BB:49:2D:6D:D3:8E:96:1B:2F:99:51:B9:E4:A3:D9:E3:94:B2 Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A Certificate issuer: /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a Certificate serial: 019C420FC45BB418809D7C14DDA3F2B53EBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft Manifest number: 076C Signing time: Mon 09 Feb 2026 11:00:55 +0000 Manifest this update: Mon 09 Feb 2026 11:00:55 +0000 Manifest next update: Tue 10 Feb 2026 11:00:55 +0000 Files and hashes: 1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: J+1n5DPx/j7OL1syBnskAmi14ZnhroO0VoYBy+bohjU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:c4:5b:b4:18:80:9d:7c:14:dd:a3:f2:b5:3e:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a Validity Not Before: Feb 9 11:00:55 2026 GMT Not After : Feb 10 11:00:55 2026 GMT Subject: CN=b03fbb492d6dd38e961b2f9951b9e4a3d9e394b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:15:b7:c9:b4:43:f9:3e:6b:01:c4:b9:55:21: 40:5c:30:42:84:de:44:a6:2c:fc:63:16:a8:3c:de: 29:58:1d:97:0d:12:ec:d8:3e:44:c5:71:70:a5:53: b0:1a:13:35:25:c6:a3:9c:cb:3d:ce:90:2d:91:5f: bd:9f:ef:ff:d0:ae:cc:6a:ed:e0:72:20:38:8f:bf: 80:e0:10:8d:02:c8:54:eb:c6:f6:c9:da:14:3f:b1: bc:ad:a0:e4:ba:ec:91:43:26:67:e0:75:3a:b3:f2: f5:94:af:c2:46:2d:56:be:4d:80:23:22:d9:d9:9a: 01:c8:96:78:8a:5d:c9:ab:24:38:83:7a:54:b2:52: eb:6d:3e:18:6d:2f:03:44:de:69:46:b3:7b:4b:6e: 9f:97:78:b9:a0:20:39:46:ae:d9:0e:01:22:96:db: 69:0c:28:2f:3b:ed:81:ed:ba:2a:43:b2:94:1c:a9: 9c:81:13:0d:57:61:ff:0e:77:bd:a1:cf:34:01:4e: f0:dd:3e:1c:31:b8:7d:d6:2d:ba:ef:90:11:95:3f: 44:99:0b:4a:67:c0:12:6c:31:3c:d9:a3:3c:75:67: 73:f9:d1:4b:3a:bf:78:4b:ed:9e:bd:db:57:4b:be: 23:a1:cf:18:5e:dd:4e:19:4e:c6:85:8b:06:5f:30: 82:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:3F:BB:49:2D:6D:D3:8E:96:1B:2F:99:51:B9:E4:A3:D9:E3:94:B2 X509v3 Authority Key Identifier: keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:da:84:2d:40:16:8e:83:6d:10:f8:c5:c2:6f:50:0d:67:18: 1a:82:74:e5:f1:1a:e9:e0:9b:7f:61:56:43:6c:80:c6:62:50: 22:2b:a3:ba:91:8f:9e:a5:d6:a8:71:7f:56:59:29:ca:37:d6: e2:f2:2a:f3:77:96:29:d0:92:ac:8b:7e:f6:5e:92:21:a3:1c: 25:b3:cf:53:03:9d:14:63:05:32:6b:df:ad:be:d0:35:eb:65: 92:25:d1:d1:7b:80:85:5a:60:1c:94:39:bd:b4:d4:ca:f5:9b: a1:06:41:44:f1:1b:83:b4:ea:7a:7d:6c:66:24:34:fc:d2:1a: 0e:3f:12:89:d4:74:2e:d4:3f:04:96:8c:98:18:2f:b6:8d:87: eb:05:3e:11:30:d2:ca:a4:a0:c6:56:95:51:9d:d7:f9:3f:23: 43:66:f8:25:84:62:22:40:33:9a:ef:05:b2:a5:6e:a6:98:33: 28:cf:8e:c0:95:b2:3f:64:22:b7:cf:d1:64:65:01:21:f7:0b: ad:1e:66:7a:70:34:a2:c4:51:d9:a4:95:d6:34:e1:32:e1:99: b9:a4:02:f7:a2:dd:45:b0:7c:79:26:65:ea:13:b3:92:7e:e9: 1e:ee:26:e2:c8:e0:7c:27:05:eb:7f:6e:7e:b5:3e:fd:21:7a: 79:7a:e7:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD8RbtBiAnXwU3aPytT6/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj MmMxOGEwHhcNMjYwMjA5MTEwMDU1WhcNMjYwMjEwMTEwMDU1WjAzMTEwLwYDVQQD EyhiMDNmYmI0OTJkNmRkMzhlOTYxYjJmOTk1MWI5ZTRhM2Q5ZTM5NGIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xW3ybRD+T5rAcS5VSFAXDBChN5E piz8YxaoPN4pWB2XDRLs2D5ExXFwpVOwGhM1JcajnMs9zpAtkV+9n+//0K7Mau3g ciA4j7+A4BCNAshU68b2ydoUP7G8raDkuuyRQyZn4HU6s/L1lK/CRi1Wvk2AIyLZ 2ZoByJZ4il3JqyQ4g3pUslLrbT4YbS8DRN5pRrN7S26fl3i5oCA5Rq7ZDgEilttp DCgvO+2B7boqQ7KUHKmcgRMNV2H/Dne9oc80AU7w3T4cMbh91i2675ARlT9EmQtK Z8ASbDE82aM8dWdz+dFLOr94S+2evdtXS74joc8YXt1OGU7GhYsGXzCC3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLA/u0ktbdOOlhsvmVG55KPZ45SyMB8GA1UdIwQY MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2 LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNqELUAW joNtEPjFwm9QDWcYGoJ05fEa6eCbf2FWQ2yAxmJQIiujupGPnqXWqHF/VlkpyjfW 4vIq83eWKdCSrIt+9l6SIaMcJbPPUwOdFGMFMmvfrb7QNetlkiXR0XuAhVpgHJQ5 vbTUyvWboQZBRPEbg7Tqen1sZiQ0/NIaDj8SidR0LtQ/BJaMmBgvto2H6wU+ETDS yqSgxlaVUZ3X+T8jQ2b4JYRiIkAzmu8FsqVuppgzKM+OwJWyP2Qit8/RZGUBIfcL rR5menA0osRR2aSV1jThMuGZuaQC96LdRbB8eSZl6hOzkn7pHu4m4sjgfCcF639u frU+/SF6eXrn/A== -----END CERTIFICATE-----Generated at Mon Feb 9 18:33:24 2026 by rpki-client