This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft File: Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json) Hash identifier: p5CR0TEN/rr/SrGkMkCczAuz2n67mro9b/l1a7HuDHs= Subject key identifier: 08:CB:64:EE:F6:AD:A2:11:AF:E9:B7:96:06:F7:30:D8:7F:69:CB:0A Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C Certificate issuer: /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c Certificate serial: 019C413490B8FF6F1EBEC1624F0A9846FB7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft Manifest number: 02C3 Signing time: Mon 09 Feb 2026 07:01:29 +0000 Manifest this update: Mon 09 Feb 2026 07:01:29 +0000 Manifest next update: Tue 10 Feb 2026 07:01:29 +0000 Files and hashes: 1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: aCacqhXCDlVDruGzqtGKKpTaqot5gFFTe/C2OaM5DRE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:34:90:b8:ff:6f:1e:be:c1:62:4f:0a:98:46:fb:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c Validity Not Before: Feb 9 07:01:29 2026 GMT Not After : Feb 10 07:01:29 2026 GMT Subject: CN=08cb64eef6ada211afe9b79606f730d87f69cb0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:60:70:79:9a:d2:52:91:05:d9:2e:13:28:01: 57:81:b4:8d:02:00:7e:5f:6a:4a:16:fd:66:4d:80: 87:e2:4e:4f:db:3b:49:d7:27:1f:8a:c8:53:47:e3: 51:26:d8:05:98:a3:fe:48:92:87:8e:86:c3:ca:a3: ed:74:5e:f1:63:e7:17:29:fe:70:e8:a1:a8:f7:ec: 32:44:07:9c:d8:62:d9:43:8d:10:e7:aa:0d:c2:49: d6:4f:ec:a2:59:36:c4:1b:0b:14:52:4b:9b:f3:95: 71:c7:80:57:fc:de:a3:ce:7e:26:6d:54:e7:54:c1: 46:2b:8d:08:59:53:fe:f2:c1:7d:c0:f2:de:d6:55: 76:a4:8e:2f:4d:9b:31:14:d3:09:55:cf:30:d0:61: 66:47:94:3d:ce:04:6b:b1:0a:a0:74:f9:ff:0e:a5: f4:ff:12:8e:68:38:48:39:17:32:01:04:6a:e4:83: 91:d1:e6:e7:9d:e8:64:24:18:bd:ac:e4:23:a5:4d: 9f:f1:50:f8:93:c1:a1:8e:69:92:46:31:5e:b7:a9: 55:1a:c3:eb:a6:a0:07:bf:b9:4f:9e:04:2d:ad:f1: c5:6a:c8:3c:bd:d7:d2:95:38:dc:e5:3b:9c:6c:0c: 1f:84:ee:62:b8:28:7f:44:c5:68:49:fe:8a:46:88: 57:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:CB:64:EE:F6:AD:A2:11:AF:E9:B7:96:06:F7:30:D8:7F:69:CB:0A X509v3 Authority Key Identifier: keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:90:d9:c7:04:98:d6:37:c7:87:ff:6e:c8:87:30:48:73:c6: 00:ef:5c:c2:f8:b4:0c:e3:aa:fc:6f:fa:5c:1e:7c:ce:d0:69: 54:43:05:d0:fe:65:57:46:d4:5e:dd:d8:d5:a1:46:92:bc:06: 9b:8d:be:42:d5:ae:70:eb:af:13:df:65:d3:14:25:5a:f9:d9: 93:5b:41:56:38:ca:db:9a:60:83:9f:0f:e0:54:0c:aa:ab:d9: 8a:93:98:7f:a6:82:c9:60:9d:f6:36:f6:f8:d2:a8:c1:cd:bf: 67:1a:97:66:4a:99:46:73:c0:42:ef:71:d7:a3:ab:f4:86:83: ab:50:17:c2:e7:9b:30:bc:e4:1e:57:97:e3:9d:34:3d:a0:f2: f0:ef:f3:23:4c:06:7a:07:d8:fe:57:29:75:7a:0b:80:0f:96: 54:8a:65:f1:29:55:25:ec:76:a3:57:41:a2:14:83:fc:23:87: 45:34:8c:6d:39:36:b7:20:22:5e:d6:3c:1d:21:c0:db:d5:e1: c9:da:a5:16:f0:e8:b7:b1:e6:29:7b:05:b5:21:26:4f:85:02: 98:8e:7c:dd:cf:f7:90:08:b5:82:53:46:0e:05:06:18:c7:b2: 1e:aa:c7:11:85:1d:34:05:a8:84:ba:e1:b1:e3:7b:68:6c:ab: 59:3b:35:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBNJC4/28evsFiTwqYRvt+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh MWQ3OGMwHhcNMjYwMjA5MDcwMTI5WhcNMjYwMjEwMDcwMTI5WjAzMTEwLwYDVQQD EygwOGNiNjRlZWY2YWRhMjExYWZlOWI3OTYwNmY3MzBkODdmNjljYjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2BweZrSUpEF2S4TKAFXgbSNAgB+ X2pKFv1mTYCH4k5P2ztJ1ycfishTR+NRJtgFmKP+SJKHjobDyqPtdF7xY+cXKf5w 6KGo9+wyRAec2GLZQ40Q56oNwknWT+yiWTbEGwsUUkub85Vxx4BX/N6jzn4mbVTn VMFGK40IWVP+8sF9wPLe1lV2pI4vTZsxFNMJVc8w0GFmR5Q9zgRrsQqgdPn/DqX0 /xKOaDhIORcyAQRq5IOR0ebnnehkJBi9rOQjpU2f8VD4k8GhjmmSRjFet6lVGsPr pqAHv7lPngQtrfHFasg8vdfSlTjc5TucbAwfhO5iuCh/RMVoSf6KRohXuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAjLZO72raIRr+m3lgb3MNh/acsKMB8GA1UdIwQY MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJDZxwSY 1jfHh/9uyIcwSHPGAO9cwvi0DOOq/G/6XB58ztBpVEMF0P5lV0bUXt3Y1aFGkrwG m42+QtWucOuvE99l0xQlWvnZk1tBVjjK25pgg58P4FQMqqvZipOYf6aCyWCd9jb2 +NKowc2/ZxqXZkqZRnPAQu9x16Or9IaDq1AXwuebMLzkHleX4500PaDy8O/zI0wG egfY/lcpdXoLgA+WVIpl8SlVJex2o1dBohSD/COHRTSMbTk2tyAiXtY8HSHA29Xh ydqlFvDot7HmKXsFtSEmT4UCmI583c/3kAi1glNGDgUGGMeyHqrHEYUdNAWohLrh seN7aGyrWTs1qQ== -----END CERTIFICATE-----Generated at Mon Feb 9 17:00:37 2026 by rpki-client