This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft File: iqR9CPyFIT30_aLPlWG45ovCc9w.mft (raw, json) Hash identifier: FCx2CR2dTjt8lAQcgL4Uk3CEXqDQWysuUs3uskqN9Q4= Subject key identifier: F7:63:B6:C9:BF:5E:55:84:79:54:49:72:75:01:C6:8A:EC:68:45:CD Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC Certificate issuer: /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc Certificate serial: 019C4358F5A0CD39FA8AFD7E68C363A21C2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft Manifest number: 0CA0 Signing time: Mon 09 Feb 2026 17:00:29 +0000 Manifest this update: Mon 09 Feb 2026 17:00:29 +0000 Manifest next update: Tue 10 Feb 2026 17:00:29 +0000 Files and hashes: 1: iqR9CPyFIT30_aLPlWG45ovCc9w.crl (hash: FfCCTpsHnArA9f/lqfRg++NRRtR5Ao7CZUkXWQi5kWw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:58:f5:a0:cd:39:fa:8a:fd:7e:68:c3:63:a2:1c:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc Validity Not Before: Feb 9 17:00:29 2026 GMT Not After : Feb 10 17:00:29 2026 GMT Subject: CN=f763b6c9bf5e5584795449727501c68aec6845cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:eb:f1:4d:81:97:78:5c:b7:ba:29:a3:13:95: c6:ff:55:0f:2b:df:fb:5e:45:74:c9:4b:f5:e2:70: a7:12:2e:59:29:d2:3f:3c:45:3d:f4:cc:c0:e7:80: 93:03:93:49:08:8b:99:e9:27:6c:9b:85:b9:ca:c7: e7:54:f9:df:b5:0a:34:e2:04:b4:a7:0a:31:6b:e6: a1:30:1b:df:37:0b:0c:c1:42:1d:9c:7d:88:f8:a1: 64:d4:e7:11:09:f0:48:bd:90:64:a0:ae:d9:c9:fc: 36:bf:ef:15:26:e9:00:96:f7:6f:27:f8:63:14:4a: d6:f2:34:62:de:ff:52:bc:4c:12:af:fa:b0:12:bd: b0:00:c1:0d:43:14:d3:57:3c:ce:43:12:52:73:b0: a9:3e:1a:e8:61:a9:b1:21:3b:76:4a:a7:75:28:cd: 48:25:81:a6:21:a5:ca:2c:33:b3:ce:52:af:9b:ad: 8f:00:5d:58:3f:c6:7b:4c:fe:16:ad:18:6d:67:c4: e0:9b:14:36:63:29:86:52:c3:22:3e:8e:18:a5:27: 33:ef:51:33:a7:c0:4b:97:78:7b:92:d9:12:4d:02: 5c:70:5b:58:9b:bf:2a:79:69:7c:03:25:47:7f:fb: 71:1a:35:71:64:b7:47:18:c3:00:d5:97:8d:c0:3a: a2:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:63:B6:C9:BF:5E:55:84:79:54:49:72:75:01:C6:8A:EC:68:45:CD X509v3 Authority Key Identifier: keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:0b:68:a6:eb:1b:37:9e:bc:cb:01:dc:24:75:6e:dc:fc:3e: 2c:00:f9:b3:19:37:86:9e:d6:79:c9:58:89:28:44:17:15:08: 93:00:6e:78:6a:96:40:9a:f3:cf:e6:de:f9:a1:59:58:af:0d: 14:be:2f:9e:21:0c:2a:55:64:44:6c:ce:2f:59:1e:1e:7b:47: 6d:1d:65:3f:a3:7d:30:0d:26:ca:bc:ca:ca:3b:3e:c5:6f:84: d1:52:36:7d:cd:be:56:c6:fd:41:1d:ce:59:49:ac:ef:8f:db: 15:dc:7e:70:92:89:0c:72:07:67:ed:00:d8:e6:4f:b9:7e:b4: f1:7e:87:9f:1a:ba:54:05:85:76:85:2a:77:15:20:40:c7:a8: 6b:2a:1f:1d:67:85:eb:9b:7d:39:5a:24:42:51:90:0b:ad:83: 50:b6:3c:b6:33:a0:08:cb:19:e9:e6:9c:bc:af:a2:5c:7d:5d: a9:c7:05:38:e1:0f:53:0e:e8:ff:df:7b:dd:ea:dd:b0:59:88: 3d:e0:25:6d:3e:58:91:e8:91:aa:52:3f:2e:97:89:1d:f3:31: a9:34:4c:16:c2:a7:cc:9e:74:28:88:97:bd:67:44:06:fd:c3: e2:2f:a2:22:61:41:11:90:a6:a3:43:69:79:95:88:78:79:7c: e2:23:a8:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDWPWgzTn6iv1+aMNjohwsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj MjczZGMwHhcNMjYwMjA5MTcwMDI5WhcNMjYwMjEwMTcwMDI5WjAzMTEwLwYDVQQD EyhmNzYzYjZjOWJmNWU1NTg0Nzk1NDQ5NzI3NTAxYzY4YWVjNjg0NWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OvxTYGXeFy3uimjE5XG/1UPK9/7 XkV0yUv14nCnEi5ZKdI/PEU99MzA54CTA5NJCIuZ6Sdsm4W5ysfnVPnftQo04gS0 pwoxa+ahMBvfNwsMwUIdnH2I+KFk1OcRCfBIvZBkoK7Zyfw2v+8VJukAlvdvJ/hj FErW8jRi3v9SvEwSr/qwEr2wAMENQxTTVzzOQxJSc7CpPhroYamxITt2Sqd1KM1I JYGmIaXKLDOzzlKvm62PAF1YP8Z7TP4WrRhtZ8TgmxQ2YymGUsMiPo4YpScz71Ez p8BLl3h7ktkSTQJccFtYm78qeWl8AyVHf/txGjVxZLdHGMMA1ZeNwDqiOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPdjtsm/XlWEeVRJcnUBxorsaEXNMB8GA1UdIwQY MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt ZTZiMWU5ODZmOTVmLzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAtopusb N568ywHcJHVu3Pw+LAD5sxk3hp7WeclYiShEFxUIkwBueGqWQJrzz+be+aFZWK8N FL4vniEMKlVkRGzOL1keHntHbR1lP6N9MA0myrzKyjs+xW+E0VI2fc2+Vsb9QR3O WUms74/bFdx+cJKJDHIHZ+0A2OZPuX608X6Hnxq6VAWFdoUqdxUgQMeoayofHWeF 65t9OVokQlGQC62DULY8tjOgCMsZ6eacvK+iXH1dqccFOOEPUw7o/9973erdsFmI PeAlbT5YkeiRqlI/LpeJHfMxqTRMFsKnzJ50KIiXvWdEBv3D4i+iImFBEZCmo0Np eZWIeHl84iOoWA== -----END CERTIFICATE-----Generated at Mon Feb 9 20:53:37 2026 by rpki-client