This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft File: tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json) Hash identifier: 2D6A6gPLlAkIJN7apCfHmIqQ0tpliCEHhfL6z31lzfo= Subject key identifier: 48:DD:BF:81:62:AA:B2:70:F4:5F:0F:A3:06:7C:EE:22:C9:37:E3:5C Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8 Certificate issuer: /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8 Certificate serial: 019C439026517FA786A4EEAB7B7BC6C77CC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft Manifest number: 0A25 Signing time: Mon 09 Feb 2026 18:00:46 +0000 Manifest this update: Mon 09 Feb 2026 18:00:46 +0000 Manifest next update: Tue 10 Feb 2026 18:00:46 +0000 Files and hashes: 1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: HewExO6/Ocov6AmeEs2ebMDqaePkS6tKvFDsb98G35s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:26:51:7f:a7:86:a4:ee:ab:7b:7b:c6:c7:7c:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8 Validity Not Before: Feb 9 18:00:46 2026 GMT Not After : Feb 10 18:00:46 2026 GMT Subject: CN=48ddbf8162aab270f45f0fa3067cee22c937e35c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:41:21:3a:0a:7b:db:a7:73:a7:7d:3a:de:91: 88:93:f5:78:d3:90:c8:74:1c:8c:df:d2:17:ea:46: f1:7b:88:7d:61:e4:78:09:6f:5b:61:69:47:a7:4b: 1a:e0:33:d2:f3:4e:d0:0e:c3:c9:d9:25:6b:db:da: 13:71:7d:99:e4:3d:29:16:a4:fd:10:a1:ad:3e:60: 7b:8d:72:6b:59:65:74:5d:08:e4:1b:68:39:2e:52: d4:1c:6b:21:d3:74:cd:fa:c0:cb:18:7d:37:40:71: 7d:9c:08:08:31:04:05:1e:50:ee:d4:0a:da:7f:15: 8f:2f:fd:77:1c:28:e2:fc:38:27:6a:c3:c2:f5:2c: 1d:77:a5:42:ef:78:e8:a1:14:f0:46:ae:4b:ef:6e: 0a:0e:0d:55:f8:1d:59:db:d0:59:0f:95:c4:fd:fd: 35:c0:01:57:04:44:0b:fd:3b:48:dc:32:db:24:c9: 3e:6e:07:f7:17:52:dd:5d:f3:4a:fc:56:ae:0a:27: b4:58:81:a0:6c:e1:e0:a0:8a:b6:ef:17:f4:30:74: a8:f0:8d:64:67:cd:82:cb:31:b7:2e:69:3a:2a:78: 90:9b:57:7b:98:b4:45:f2:82:47:58:29:fd:48:c2: d4:30:c1:8e:a7:50:2f:33:b8:38:fb:4b:44:db:4d: 07:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:DD:BF:81:62:AA:B2:70:F4:5F:0F:A3:06:7C:EE:22:C9:37:E3:5C X509v3 Authority Key Identifier: keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:5f:3a:c5:11:82:b7:20:a3:00:4c:89:e3:c6:69:21:87:bd: e9:5e:1d:8c:be:0e:78:14:91:d6:cb:d2:8f:e2:d4:3e:5f:94: 4a:a9:60:f3:2a:33:56:bd:92:cc:2f:14:35:9e:55:ee:64:48: 01:1d:af:30:a8:b7:98:0c:99:ff:d9:20:48:f7:98:6d:9b:0a: 61:21:3c:2e:0d:07:ba:06:7f:2d:c4:46:77:be:65:a2:8b:22: 04:dc:e5:1f:32:37:a8:11:2c:60:eb:27:52:c2:57:ed:27:8e: 81:98:78:98:75:f8:92:ff:52:36:4e:fc:1b:79:66:17:cf:56: 3a:b8:94:51:8f:07:c0:0d:e5:a8:71:61:25:e4:0e:36:07:19: dc:cf:8a:48:0c:b8:32:a1:43:2c:8a:df:73:83:80:c4:11:cc: 77:bf:7a:7e:6b:9e:94:49:30:de:9d:58:c3:b0:c7:e6:87:33: 90:1e:ed:3b:21:a8:fc:12:fc:b8:a9:d5:2b:0c:18:64:7c:36: 47:d8:b2:36:fd:fe:38:d1:a5:4b:9d:63:b0:6a:4e:8c:b2:38: c0:db:38:33:30:4e:58:5c:32:0c:8f:38:62:e6:96:bc:3f:c0: b6:8c:22:a8:b0:34:54:a7:94:25:ed:5e:e4:1d:b1:b8:b9:8d: f2:bd:63:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkCZRf6eGpO6re3vGx3zGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl YTNjZDgwHhcNMjYwMjA5MTgwMDQ2WhcNMjYwMjEwMTgwMDQ2WjAzMTEwLwYDVQQD Eyg0OGRkYmY4MTYyYWFiMjcwZjQ1ZjBmYTMwNjdjZWUyMmM5MzdlMzVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00EhOgp726dzp3063pGIk/V405DI dByM39IX6kbxe4h9YeR4CW9bYWlHp0sa4DPS807QDsPJ2SVr29oTcX2Z5D0pFqT9 EKGtPmB7jXJrWWV0XQjkG2g5LlLUHGsh03TN+sDLGH03QHF9nAgIMQQFHlDu1Ara fxWPL/13HCji/DgnasPC9Swdd6VC73jooRTwRq5L724KDg1V+B1Z29BZD5XE/f01 wAFXBEQL/TtI3DLbJMk+bgf3F1LdXfNK/FauCie0WIGgbOHgoIq27xf0MHSo8I1k Z82CyzG3Lmk6KniQm1d7mLRF8oJHWCn9SMLUMMGOp1AvM7g4+0tE200HtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEjdv4FiqrJw9F8PowZ87iLJN+NcMB8GA1UdIwQY MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3 LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX186xRGC tyCjAEyJ48ZpIYe96V4djL4OeBSR1svSj+LUPl+USqlg8yozVr2SzC8UNZ5V7mRI AR2vMKi3mAyZ/9kgSPeYbZsKYSE8Lg0HugZ/LcRGd75loosiBNzlHzI3qBEsYOsn UsJX7SeOgZh4mHX4kv9SNk78G3lmF89WOriUUY8HwA3lqHFhJeQONgcZ3M+KSAy4 MqFDLIrfc4OAxBHMd796fmuelEkw3p1Yw7DH5oczkB7tOyGo/BL8uKnVKwwYZHw2 R9iyNv3+ONGlS51jsGpOjLI4wNs4MzBOWFwyDI84YuaWvD/AtowiqLA0VKeUJe1e 5B2xuLmN8r1jPA== -----END CERTIFICATE-----Generated at Tue Feb 10 01:31:13 2026 by rpki-client