This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft File: xfFStqDQBGJ9KF2Hmqg-WEYast8.mft (raw, json) Hash identifier: rlgOGAHfU3PkUxUL/8DgbY2DJteHCNv1n/+6IAepP/M= Subject key identifier: 89:2E:90:42:20:B5:A4:76:49:4B:D1:23:D0:2B:77:01:D5:B0:71:A2 Authority key identifier: C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF Certificate issuer: /CN=c5f152b6a0d004627d285d879aa83e58461ab2df Certificate serial: 019C4322B23AC5A45C6A16F090EAEF5C2996 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft Manifest number: 1430 Signing time: Mon 09 Feb 2026 16:01:13 +0000 Manifest this update: Mon 09 Feb 2026 16:01:13 +0000 Manifest next update: Tue 10 Feb 2026 16:01:13 +0000 Files and hashes: 1: xfFStqDQBGJ9KF2Hmqg-WEYast8.crl (hash: /fyakKrfv7m6F85KBrZ6Cn8YJ3xjWhaaYmD+Qlao/GM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:b2:3a:c5:a4:5c:6a:16:f0:90:ea:ef:5c:29:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5f152b6a0d004627d285d879aa83e58461ab2df Validity Not Before: Feb 9 16:01:13 2026 GMT Not After : Feb 10 16:01:13 2026 GMT Subject: CN=892e904220b5a476494bd123d02b7701d5b071a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:9f:dc:28:d9:d3:16:70:2c:1c:ba:5f:c7:63: 22:cc:b6:a2:13:08:98:07:b4:f8:c3:fc:81:a7:31: 89:55:63:7a:40:44:df:2e:25:60:7d:e8:9d:61:99: 5f:46:5f:bd:3e:e5:a2:c9:7a:59:84:e7:2d:3d:6e: 13:8e:27:02:f4:e0:b8:05:b8:af:9d:a9:de:47:df: 36:9d:c0:f9:24:cf:26:89:ed:9c:0d:b3:b5:b3:b2: 66:45:2c:a1:46:e9:da:7a:cd:7f:c1:a3:ce:e0:2a: d3:a6:f4:e0:09:eb:30:f6:60:7c:b7:b5:bb:31:93: 7e:c6:c1:a0:ea:49:9a:11:6a:81:20:1c:b1:f1:62: ac:d8:30:52:19:e6:d0:8f:72:32:a8:02:17:40:82: b5:98:6c:82:3e:30:34:6b:a1:13:dd:0f:be:92:03: e2:5a:e7:ac:7b:f1:c5:5e:40:ab:f0:ad:96:86:dd: 0f:7a:99:65:18:30:2c:22:02:4f:21:e5:8c:31:d8: 30:a3:f9:73:b2:d7:b8:d8:40:4c:d1:6c:14:ef:a2: f3:a9:7a:5d:4b:da:e4:14:d9:d6:8f:fc:84:f4:63: d5:b1:4d:4c:7f:7c:ab:23:cb:f8:59:48:5d:e9:a3: f3:a0:14:82:99:aa:3a:35:17:0e:cc:02:1c:6f:33: 79:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:2E:90:42:20:B5:A4:76:49:4B:D1:23:D0:2B:77:01:D5:B0:71:A2 X509v3 Authority Key Identifier: keyid:C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:2d:da:e5:9d:2a:f9:a7:7f:13:7a:9c:24:e9:4e:cb:57:34: c7:a5:6e:ce:e6:df:7a:08:c3:06:a8:5f:9e:1b:8f:1b:86:7c: 59:2f:aa:24:73:f0:4b:e9:72:0c:d2:da:38:1f:53:21:14:9a: 8e:a7:be:2f:90:eb:82:15:5c:47:61:f8:6e:86:92:dd:75:3c: 59:a5:ed:07:66:ae:13:63:fe:e2:73:2c:f6:b5:69:60:b0:e8: 1a:60:3a:e8:c3:cb:10:0d:64:07:2f:42:a7:19:15:84:0a:8d: a4:7c:da:05:70:40:13:b1:6a:ab:9c:60:80:17:a9:2c:96:07: b9:2d:24:c9:42:c2:13:49:ab:73:27:7a:d8:ad:cf:f3:aa:1c: 32:40:c0:d4:f9:19:17:53:db:64:ff:d3:e2:c6:69:aa:a7:e5: d2:1b:8c:8b:5f:27:0a:c9:15:b3:f9:02:1b:4d:a7:c0:20:63: b8:b5:20:08:6f:aa:c5:c9:a3:cc:61:c6:ae:21:eb:36:b0:5a: a3:dc:a4:2d:2c:1a:f2:d6:65:d9:ee:a8:be:62:37:4c:b5:78: 38:0d:da:d5:c6:eb:33:e7:9a:f2:54:b0:f1:04:53:ef:74:f1: 9c:eb:98:63:b7:7c:9f:b7:8f:28:28:1f:3e:fd:71:8e:d6:7b: e6:23:bb:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIrI6xaRcahbwkOrvXCmWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1ZjE1MmI2YTBkMDA0NjI3ZDI4NWQ4NzlhYTgzZTU4NDYx YWIyZGYwHhcNMjYwMjA5MTYwMTEzWhcNMjYwMjEwMTYwMTEzWjAzMTEwLwYDVQQD Eyg4OTJlOTA0MjIwYjVhNDc2NDk0YmQxMjNkMDJiNzcwMWQ1YjA3MWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9p/cKNnTFnAsHLpfx2MizLaiEwiY B7T4w/yBpzGJVWN6QETfLiVgfeidYZlfRl+9PuWiyXpZhOctPW4TjicC9OC4Bbiv naneR982ncD5JM8mie2cDbO1s7JmRSyhRunaes1/waPO4CrTpvTgCesw9mB8t7W7 MZN+xsGg6kmaEWqBIByx8WKs2DBSGebQj3IyqAIXQIK1mGyCPjA0a6ET3Q++kgPi Wuese/HFXkCr8K2Wht0PepllGDAsIgJPIeWMMdgwo/lzste42EBM0WwU76LzqXpd S9rkFNnWj/yE9GPVsU1Mf3yrI8v4WUhd6aPzoBSCmao6NRcOzAIcbzN58wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIkukEIgtaR2SUvRI9ArdwHVsHGiMB8GA1UdIwQY MBaAFMXxUrag0ARifShdh5qoPlhGGrLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYt NzM3ZTc4Yzg3MDEyLzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYtNzM3ZTc4Yzg3MDEy LzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeC3a5Z0q +ad/E3qcJOlOy1c0x6VuzubfegjDBqhfnhuPG4Z8WS+qJHPwS+lyDNLaOB9TIRSa jqe+L5DrghVcR2H4boaS3XU8WaXtB2auE2P+4nMs9rVpYLDoGmA66MPLEA1kBy9C pxkVhAqNpHzaBXBAE7Fqq5xggBepLJYHuS0kyULCE0mrcyd62K3P86ocMkDA1PkZ F1PbZP/T4sZpqqfl0huMi18nCskVs/kCG02nwCBjuLUgCG+qxcmjzGHGriHrNrBa o9ykLSwa8tZl2e6ovmI3TLV4OA3a1cbrM+ea8lSw8QRT73TxnOuYY7d8n7ePKCgf Pv1xjtZ75iO7kg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:47:35 2026 by rpki-client