This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft File: i9lSvUDOCXP5EEEfWS426QE2wuo.mft (raw, json) Hash identifier: M3QCUAMALTgaSV5snEdBsHgcJmQb3od/dxawZC0FSLo= Subject key identifier: FD:4D:93:47:B5:B5:FE:6D:F3:AD:D1:BB:32:3C:EC:78:73:37:31:25 Authority key identifier: 8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA Certificate issuer: /CN=8bd952bd40ce0973f910411f592e36e90136c2ea Certificate serial: 019C427E2AB422B5D58F7CA21449B44CDA0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft Manifest number: 098F Signing time: Mon 09 Feb 2026 13:01:30 +0000 Manifest this update: Mon 09 Feb 2026 13:01:30 +0000 Manifest next update: Tue 10 Feb 2026 13:01:30 +0000 Files and hashes: 1: i9lSvUDOCXP5EEEfWS426QE2wuo.crl (hash: xg9ogalNdO57jb6bcTD26xclRUUlEuWVovvfR8Y5Eac=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7e:2a:b4:22:b5:d5:8f:7c:a2:14:49:b4:4c:da:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bd952bd40ce0973f910411f592e36e90136c2ea Validity Not Before: Feb 9 13:01:30 2026 GMT Not After : Feb 10 13:01:30 2026 GMT Subject: CN=fd4d9347b5b5fe6df3add1bb323cec7873373125 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ed:bb:64:3f:50:f2:9b:52:48:b2:26:04:64: 06:d6:5b:ba:ee:59:28:7f:5c:1c:14:7b:90:1e:af: 8b:3b:29:84:43:ad:ef:d6:92:76:e0:56:73:6e:68: 7d:d8:eb:27:09:e0:85:80:ff:d3:42:04:e2:61:0c: a4:29:97:40:c5:67:08:9c:7a:d9:70:30:29:d8:d7: 4a:76:24:74:8b:00:f4:4b:a2:b9:8d:de:be:f7:ec: 5d:d6:fc:fa:da:43:eb:6c:5a:2a:35:a0:60:b2:42: 57:dc:69:6b:a3:9d:da:f5:2c:46:6d:4a:88:fa:d5: b2:6d:96:f5:f5:67:fc:2d:1e:f6:1c:21:b9:e1:4d: 9f:32:ea:89:7a:1c:be:ad:63:d1:01:54:1c:05:0e: dd:b7:a5:22:b8:10:56:2b:aa:a9:40:61:9d:ed:d3: 03:38:f1:8e:f7:e3:87:f5:93:d3:e8:26:46:d2:18: 65:0f:a0:9d:ed:54:76:0d:1b:ab:0b:fa:b2:7e:82: 40:d4:ec:b5:f8:0f:6f:9d:88:f1:5c:69:19:e7:3d: 3c:14:9a:83:95:43:4b:83:0f:0d:92:b7:fa:e5:b7: e4:96:ef:59:83:b1:25:68:7b:2f:18:89:af:ac:d2: d8:87:8b:e7:06:27:20:8a:99:5c:b3:1c:3f:51:85: e7:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:4D:93:47:B5:B5:FE:6D:F3:AD:D1:BB:32:3C:EC:78:73:37:31:25 X509v3 Authority Key Identifier: keyid:8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:f6:6d:e9:10:eb:96:c2:78:90:e3:19:1b:45:1a:5c:c7:63: 1a:bf:de:c6:e8:a0:a6:42:ea:87:6a:ff:ca:04:a4:f5:ae:92: 26:1e:ee:53:70:f7:e5:13:f2:23:d8:30:23:b5:ff:32:9b:1b: b2:a0:c7:76:cd:fc:64:1f:0a:09:de:df:c9:67:eb:4c:64:6b: 6c:70:66:2d:f2:71:1b:06:72:eb:9b:78:32:23:81:b6:7e:a9: 48:de:dd:69:8f:c9:ac:4c:ef:6b:9d:83:f6:2f:04:6d:e0:ad: 3e:21:61:93:77:63:50:21:6e:b8:a5:ba:07:80:f5:bb:91:8e: d7:f8:07:13:52:fb:d9:9d:50:f1:0a:b0:ca:02:ea:2a:7a:9d: 14:ca:9d:36:af:81:66:22:df:da:d7:df:67:ba:83:f9:2a:87: 56:c0:f3:b0:60:1b:bb:d5:4b:21:14:21:35:22:78:50:1e:1a: 72:5c:38:25:bb:23:07:a7:50:74:f1:dc:0a:b9:ce:86:ba:1e: 48:aa:db:b5:08:32:52:2a:e3:5a:f9:75:a3:cd:da:c2:7b:cd: 24:5d:66:14:85:0e:26:0d:11:3a:04:b1:c5:b7:4f:bb:87:ed: a4:28:ce:fc:3c:e8:f9:fb:55:96:b7:e8:57:7f:15:50:11:34: 10:8e:4d:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfiq0IrXVj3yiFEm0TNoLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiZDk1MmJkNDBjZTA5NzNmOTEwNDExZjU5MmUzNmU5MDEz NmMyZWEwHhcNMjYwMjA5MTMwMTMwWhcNMjYwMjEwMTMwMTMwWjAzMTEwLwYDVQQD EyhmZDRkOTM0N2I1YjVmZTZkZjNhZGQxYmIzMjNjZWM3ODczMzczMTI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu27ZD9Q8ptSSLImBGQG1lu67lko f1wcFHuQHq+LOymEQ63v1pJ24FZzbmh92OsnCeCFgP/TQgTiYQykKZdAxWcInHrZ cDAp2NdKdiR0iwD0S6K5jd6+9+xd1vz62kPrbFoqNaBgskJX3Glro53a9SxGbUqI +tWybZb19Wf8LR72HCG54U2fMuqJehy+rWPRAVQcBQ7dt6UiuBBWK6qpQGGd7dMD OPGO9+OH9ZPT6CZG0hhlD6Cd7VR2DRurC/qyfoJA1Oy1+A9vnYjxXGkZ5z08FJqD lUNLgw8Nkrf65bfklu9Zg7ElaHsvGImvrNLYh4vnBicgiplcsxw/UYXnnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP1Nk0e1tf5t863RuzI87HhzNzElMB8GA1UdIwQY MBaAFIvZUr1Azglz+RBBH1kuNukBNsLqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYt NWMyYWJlNTM5NGU2LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYtNWMyYWJlNTM5NGU2 LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivZt6RDr lsJ4kOMZG0UaXMdjGr/exuigpkLqh2r/ygSk9a6SJh7uU3D35RPyI9gwI7X/Mpsb sqDHds38ZB8KCd7fyWfrTGRrbHBmLfJxGwZy65t4MiOBtn6pSN7daY/JrEzva52D 9i8EbeCtPiFhk3djUCFuuKW6B4D1u5GO1/gHE1L72Z1Q8QqwygLqKnqdFMqdNq+B ZiLf2tffZ7qD+SqHVsDzsGAbu9VLIRQhNSJ4UB4aclw4JbsjB6dQdPHcCrnOhroe SKrbtQgyUirjWvl1o83awnvNJF1mFIUOJg0ROgSxxbdPu4ftpCjO/Dzo+ftVlrfo V38VUBE0EI5N7g== -----END CERTIFICATE-----Generated at Mon Feb 9 19:51:58 2026 by rpki-client