This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft File: upsYDHz0DC3X-keDflGa37wisD0.mft (raw, json) Hash identifier: 1ySZmjA0VpeRhN9sBtTRoPSDBt1GyiEMuyTN7/bsrHE= Subject key identifier: E0:7E:86:D0:64:67:4A:98:F3:5A:C7:B2:A0:E7:80:23:DB:D8:97:29 Authority key identifier: BA:9B:18:0C:7C:F4:0C:2D:D7:FA:47:83:7E:51:9A:DF:BC:22:B0:3D Certificate issuer: /CN=ba9b180c7cf40c2dd7fa47837e519adfbc22b03d Certificate serial: 019C43C73F13622BA8E0E236FAE13C1CB6A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft Manifest number: 017C Signing time: Mon 09 Feb 2026 19:00:57 +0000 Manifest this update: Mon 09 Feb 2026 19:00:57 +0000 Manifest next update: Tue 10 Feb 2026 19:00:57 +0000 Files and hashes: 1: upsYDHz0DC3X-keDflGa37wisD0.crl (hash: oyFgDtWTn7lKhVm3Do/bIUVRvoJ4Ot20PWZbk31Ax6I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c7:3f:13:62:2b:a8:e0:e2:36:fa:e1:3c:1c:b6:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba9b180c7cf40c2dd7fa47837e519adfbc22b03d Validity Not Before: Feb 9 19:00:57 2026 GMT Not After : Feb 10 19:00:57 2026 GMT Subject: CN=e07e86d064674a98f35ac7b2a0e78023dbd89729 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:55:67:b4:9f:d9:fd:37:4f:3f:c9:c6:2d:e5: 16:a8:7e:ed:9c:ab:f7:af:75:55:0a:56:70:b5:e6: b4:9a:21:ec:15:29:48:ae:c0:09:c5:5e:95:f0:83: cf:c0:25:5b:ce:1e:94:45:c5:7a:47:2a:5e:12:b3: ff:1a:7a:f6:d0:89:5b:c5:4b:6f:fa:f4:d1:49:62: 38:ce:d9:2e:3c:3c:40:46:ef:69:2a:72:d8:35:f0: 42:e2:c2:ad:fc:a7:25:cd:2a:2f:de:d5:83:ab:e3: 65:c9:a3:d0:9d:93:5b:c7:53:5a:a8:f3:c8:80:a4: 92:ea:e3:06:17:2c:80:e7:f8:06:28:68:50:56:bd: 5f:bb:d9:b9:37:66:67:1e:b2:bc:b7:19:99:4d:3a: 6b:65:be:69:c2:cf:02:2b:72:c4:c3:a8:1c:4e:c1: f3:f2:4f:62:06:5c:f7:a8:21:04:87:42:e9:d0:aa: 59:00:e1:28:8f:f0:d7:95:ce:6e:5f:ce:7d:11:52: ac:e9:e6:e3:21:b3:8b:9f:0e:c1:76:1b:36:90:0c: d5:3a:39:f5:ff:fa:5f:17:cf:2d:b2:c9:d7:1a:67: 57:d9:d2:a4:4a:04:31:bf:25:3e:72:73:5a:53:f6: e9:0b:d3:d8:2e:db:df:cc:dc:39:81:df:77:11:bb: 87:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:7E:86:D0:64:67:4A:98:F3:5A:C7:B2:A0:E7:80:23:DB:D8:97:29 X509v3 Authority Key Identifier: keyid:BA:9B:18:0C:7C:F4:0C:2D:D7:FA:47:83:7E:51:9A:DF:BC:22:B0:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:64:52:92:29:97:23:32:0a:19:39:89:1d:8d:de:ce:f0:8f: 59:d9:de:af:13:6f:f3:03:c7:b5:fe:7e:e9:66:7d:06:3b:74: af:25:03:b6:32:1d:a6:d1:c4:a4:cc:44:91:05:e6:72:7f:00: c2:8d:dc:ac:18:c7:36:82:e6:93:09:66:9e:d2:27:f4:66:e1: 24:f3:9b:6b:3b:f2:86:81:99:de:b1:f0:77:73:79:ba:5d:af: 70:3a:24:87:31:65:b0:56:2b:7b:52:46:cb:b4:63:da:61:c5: 84:e3:11:43:96:6c:5e:89:a4:05:20:e7:8c:a8:53:63:f7:eb: f9:06:73:ff:b2:15:f3:80:0d:f0:bd:0e:3c:67:d4:66:de:06: 01:7f:83:07:8f:60:fa:3f:5f:19:11:c3:a3:17:5c:a9:6b:1f: ce:24:e9:6b:86:6e:ab:ea:50:ba:cc:00:90:3a:62:af:25:e0: 87:b3:98:22:82:c0:f4:4d:c0:85:fb:74:3e:c4:08:c4:24:0e: 4c:2c:54:1d:48:0d:f8:a2:e6:8c:e5:3f:ad:e5:fe:5b:43:72: 86:c1:32:84:bb:c4:ac:d6:2b:37:09:17:b0:a0:bc:20:ba:16: b7:94:f6:1e:ae:4d:ff:aa:a8:1d:ff:8f:21:b4:07:40:33:c6: 3c:15:65:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxz8TYiuo4OI2+uE8HLagMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOWIxODBjN2NmNDBjMmRkN2ZhNDc4MzdlNTE5YWRmYmMy MmIwM2QwHhcNMjYwMjA5MTkwMDU3WhcNMjYwMjEwMTkwMDU3WjAzMTEwLwYDVQQD EyhlMDdlODZkMDY0Njc0YTk4ZjM1YWM3YjJhMGU3ODAyM2RiZDg5NzI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVVntJ/Z/TdPP8nGLeUWqH7tnKv3 r3VVClZwtea0miHsFSlIrsAJxV6V8IPPwCVbzh6URcV6RypeErP/Gnr20IlbxUtv +vTRSWI4ztkuPDxARu9pKnLYNfBC4sKt/KclzSov3tWDq+NlyaPQnZNbx1NaqPPI gKSS6uMGFyyA5/gGKGhQVr1fu9m5N2ZnHrK8txmZTTprZb5pws8CK3LEw6gcTsHz 8k9iBlz3qCEEh0Lp0KpZAOEoj/DXlc5uX859EVKs6ebjIbOLnw7Bdhs2kAzVOjn1 //pfF88tssnXGmdX2dKkSgQxvyU+cnNaU/bpC9PYLtvfzNw5gd93EbuHmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOB+htBkZ0qY81rHsqDngCPb2JcpMB8GA1UdIwQY MBaAFLqbGAx89Awt1/pHg35Rmt+8IrA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80NTEyYTAtNzNmYS00NDI2LWI1ZTkt NzRiNzc4YzBiNTQ2LzEvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy80NTEyYTAtNzNmYS00NDI2LWI1ZTktNzRiNzc4YzBiNTQ2 LzEvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwGRSkimX IzIKGTmJHY3ezvCPWdnerxNv8wPHtf5+6WZ9Bjt0ryUDtjIdptHEpMxEkQXmcn8A wo3crBjHNoLmkwlmntIn9GbhJPObazvyhoGZ3rHwd3N5ul2vcDokhzFlsFYre1JG y7Rj2mHFhOMRQ5ZsXomkBSDnjKhTY/fr+QZz/7IV84AN8L0OPGfUZt4GAX+DB49g +j9fGRHDoxdcqWsfziTpa4Zuq+pQuswAkDpiryXgh7OYIoLA9E3Ahft0PsQIxCQO TCxUHUgN+KLmjOU/reX+W0NyhsEyhLvErNYrNwkXsKC8ILoWt5T2Hq5N/6qoHf+P IbQHQDPGPBVlZg== -----END CERTIFICATE-----Generated at Mon Feb 9 21:06:47 2026 by rpki-client