This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft File: 5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json) Hash identifier: LmBCnSb+O1v63IWMVrxNrDW5wJb5Rd8W47TqLMRTxbk= Subject key identifier: 38:6D:B8:E5:76:E4:88:E8:35:21:CB:8F:D5:08:44:09:D8:0B:AC:9C Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90 Certificate issuer: /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090 Certificate serial: 019C420F680DFDCFD1FF1362AD2AD16FB4B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft Manifest number: 04B3 Signing time: Mon 09 Feb 2026 11:00:31 +0000 Manifest this update: Mon 09 Feb 2026 11:00:31 +0000 Manifest next update: Tue 10 Feb 2026 11:00:31 +0000 Files and hashes: 1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: zFSehg3+xDNvgy3S0ckSrcqCmB12HzZ5s2brDfvNDao=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:68:0d:fd:cf:d1:ff:13:62:ad:2a:d1:6f:b4:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090 Validity Not Before: Feb 9 11:00:31 2026 GMT Not After : Feb 10 11:00:31 2026 GMT Subject: CN=386db8e576e488e83521cb8fd5084409d80bac9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:5c:ea:37:de:b6:e8:7b:a4:5f:1e:b1:4d:49: 41:f3:23:8c:98:62:06:9a:34:e6:4e:0f:42:a5:02: 22:36:de:64:6d:51:b7:83:a6:26:24:82:d8:d0:dc: 7c:d8:96:45:1e:1b:50:63:ef:f4:d7:b7:66:66:29: 9a:ae:50:99:5b:3e:18:f5:2e:56:49:d0:43:da:7e: c2:ee:d8:90:38:ac:de:a5:59:d8:dc:ce:7e:5e:e9: 99:6d:22:71:7d:f8:d1:ca:cf:20:b7:66:ab:95:14: f1:f6:12:f7:71:80:65:24:98:6d:28:81:c0:6e:5c: 87:48:a6:d9:97:5d:95:40:56:42:62:0b:a2:7f:03: 0b:0d:e9:16:84:d2:57:aa:dc:70:fa:2b:0e:97:9e: e1:7c:6d:05:3f:ae:6c:63:c9:8c:1a:9f:71:79:80: b1:d8:83:48:02:12:b3:df:53:9e:24:ed:04:4e:74: 5a:c1:55:e9:ed:6c:de:8a:ae:50:6c:38:cc:fc:33: 24:06:c5:59:46:84:63:84:61:4d:4b:f9:0e:18:74: 49:49:fe:63:15:4e:2d:d1:bc:32:1f:4c:4d:6c:e4: 3b:ce:83:2f:cc:bd:58:f1:f4:b2:e9:c4:f0:18:72: 31:22:01:4b:ba:34:c0:ca:7c:66:6a:0b:c2:19:bd: 1f:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:6D:B8:E5:76:E4:88:E8:35:21:CB:8F:D5:08:44:09:D8:0B:AC:9C X509v3 Authority Key Identifier: keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:33:fe:75:84:6c:66:71:c8:23:ef:d9:fb:d6:63:36:65:60: 6d:5e:59:14:12:36:04:73:89:32:0d:9e:18:a1:b6:d9:96:a0: 9c:15:68:56:14:ea:67:d2:b2:b4:a1:a9:49:ce:58:c2:35:3e: 68:ac:d1:47:88:2f:79:90:66:16:06:8c:9c:02:3b:9a:16:91: 33:97:47:01:68:10:de:bb:63:43:83:43:b0:a2:7b:40:e8:1f: 47:40:59:88:41:ec:03:e6:9b:66:4c:58:19:e8:90:1b:30:6c: 51:3a:f7:0b:3a:0a:92:72:b8:e3:2a:f1:fa:2a:7a:db:15:52: ca:9e:de:21:dd:7d:1b:9f:3b:d2:1e:6f:ac:e2:bb:3f:e3:fe: 00:4d:3d:66:9f:73:48:2e:95:09:e6:cc:93:e4:d6:28:ab:38: e6:88:73:56:a2:60:0e:42:66:d2:8f:53:6b:73:69:4f:04:9a: cf:5d:fa:99:ce:3e:d6:b2:f6:8e:64:9a:6a:f7:80:f9:6b:e1: 89:9c:6f:20:33:da:82:07:15:ba:8a:a3:14:27:30:a4:65:35: 88:44:53:46:d1:c3:ce:b0:63:cc:33:40:29:7e:0f:c6:00:23: 2e:4b:ca:71:bc:fa:8f:e0:86:35:bf:72:c2:fb:fa:68:a6:40: c8:e1:76:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD2gN/c/R/xNirSrRb7SzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl MmUwOTAwHhcNMjYwMjA5MTEwMDMxWhcNMjYwMjEwMTEwMDMxWjAzMTEwLwYDVQQD EygzODZkYjhlNTc2ZTQ4OGU4MzUyMWNiOGZkNTA4NDQwOWQ4MGJhYzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolzqN9626HukXx6xTUlB8yOMmGIG mjTmTg9CpQIiNt5kbVG3g6YmJILY0Nx82JZFHhtQY+/017dmZimarlCZWz4Y9S5W SdBD2n7C7tiQOKzepVnY3M5+XumZbSJxffjRys8gt2arlRTx9hL3cYBlJJhtKIHA blyHSKbZl12VQFZCYguifwMLDekWhNJXqtxw+isOl57hfG0FP65sY8mMGp9xeYCx 2INIAhKz31OeJO0ETnRawVXp7Wzeiq5QbDjM/DMkBsVZRoRjhGFNS/kOGHRJSf5j FU4t0bwyH0xNbOQ7zoMvzL1Y8fSy6cTwGHIxIgFLujTAynxmagvCGb0fuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDhtuOV25IjoNSHLj9UIRAnYC6ycMB8GA1UdIwQY MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2 LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTP+dYRs ZnHII+/Z+9ZjNmVgbV5ZFBI2BHOJMg2eGKG22ZagnBVoVhTqZ9KytKGpSc5YwjU+ aKzRR4gveZBmFgaMnAI7mhaRM5dHAWgQ3rtjQ4NDsKJ7QOgfR0BZiEHsA+abZkxY GeiQGzBsUTr3CzoKknK44yrx+ip62xVSyp7eId19G5870h5vrOK7P+P+AE09Zp9z SC6VCebMk+TWKKs45ohzVqJgDkJm0o9Ta3NpTwSaz136mc4+1rL2jmSaaveA+Wvh iZxvIDPaggcVuoqjFCcwpGU1iERTRtHDzrBjzDNAKX4PxgAjLkvKcbz6j+CGNb9y wvv6aKZAyOF27A== -----END CERTIFICATE-----Generated at Mon Feb 9 17:00:31 2026 by rpki-client