This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft File: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json) Hash identifier: R/cIliczfgqr4Jt0P746luuP+NEMdfVyfoq9ZCSU3zY= Subject key identifier: 65:93:65:6F:54:44:08:21:0E:9D:81:76:1D:C0:D5:50:25:DA:63:F4 Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7 Certificate issuer: /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7 Certificate serial: 019C4133AA1FEC3E2DDB9F947714EE08DE95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft Manifest number: 0EF0 Signing time: Mon 09 Feb 2026 07:00:30 +0000 Manifest this update: Mon 09 Feb 2026 07:00:30 +0000 Manifest next update: Tue 10 Feb 2026 07:00:30 +0000 Files and hashes: 1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: M9+HHpuTWuj7AOZMFGqMb1RiCnHoxJmn2lsLj5sKUwU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:33:aa:1f:ec:3e:2d:db:9f:94:77:14:ee:08:de:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7 Validity Not Before: Feb 9 07:00:30 2026 GMT Not After : Feb 10 07:00:30 2026 GMT Subject: CN=6593656f544408210e9d81761dc0d55025da63f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:cd:38:fe:2b:ba:51:a9:e2:c8:2d:31:2c:68: 7d:62:fa:86:ad:03:7d:50:e9:25:8e:2a:73:14:4b: 39:63:7e:70:0b:2d:ea:ca:2c:83:b5:53:ee:01:fc: e5:6e:50:c8:7b:69:2a:25:96:52:83:22:b2:59:6e: 16:af:b5:b2:19:04:d0:b7:08:93:d4:a2:b6:6d:36: e5:35:d2:d0:f3:0c:f7:4f:4c:ec:68:a9:98:1e:62: e6:e2:d0:ba:d5:7c:ce:70:08:dc:16:31:da:36:c0: 86:b5:28:d7:d5:e1:b0:74:3f:59:80:6e:b2:8e:19: a1:6c:c2:9f:45:da:a5:00:2d:b3:97:cc:f0:54:22: 47:8e:b1:7b:a6:12:e9:82:ba:43:6a:a3:99:7d:00: c3:52:f6:42:aa:0d:14:bc:0b:de:fb:29:17:0c:96: 3a:af:74:22:b5:a2:4c:87:bd:af:04:e3:94:e8:49: b2:d6:50:c8:ce:4b:12:4e:a9:0c:5c:f9:ad:39:b0: 94:7d:b2:13:99:99:77:fa:20:bd:a3:f8:39:f0:cb: 1d:48:19:aa:0f:bf:0c:ed:5d:82:32:61:54:4e:77: 6e:63:da:be:b1:78:89:65:52:bb:8a:fd:18:8d:ce: b0:7d:f5:0c:81:95:9b:2b:de:96:ff:b4:86:f2:7f: 33:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:93:65:6F:54:44:08:21:0E:9D:81:76:1D:C0:D5:50:25:DA:63:F4 X509v3 Authority Key Identifier: keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:2b:a4:b1:32:fd:cf:fe:2c:59:5f:3b:b4:8d:79:03:78:95: 0c:c0:71:ab:4b:29:96:1d:13:0e:d9:d1:fe:fc:12:dc:4a:49: 14:91:8a:08:c2:01:48:1f:ff:c7:81:23:58:fe:b2:67:18:c5: fc:a5:66:e7:68:56:17:0f:e4:cb:ab:4d:3f:d8:10:0f:cc:ad: 6d:4f:e7:e9:78:14:26:ef:86:74:10:6e:42:31:21:07:3d:93: d0:9d:e3:d7:5e:15:7a:16:1e:b9:b9:55:69:c6:42:51:83:06: eb:bf:84:0a:f1:42:49:0a:18:50:20:96:b1:26:df:69:88:da: ec:47:e1:dd:b7:9c:8c:5b:4d:b2:c0:51:2f:a3:6e:30:1a:9f: c6:34:59:94:b4:30:1e:f2:c9:7e:17:c0:19:0d:ba:5e:80:b0: 3b:22:60:8c:04:66:d2:00:59:33:c8:3d:fd:f1:8c:08:7d:ad: 4c:dc:2b:2e:0d:2a:f2:df:b0:1d:03:4a:28:68:f2:8a:b6:a7: fd:c5:45:2e:c9:bd:62:10:16:29:9e:c6:91:f2:09:ce:df:c9: 8d:48:7d:14:df:fa:00:79:02:ff:3c:98:0e:65:0e:8a:bf:04: c4:5a:98:eb:9b:81:97:65:77:1e:a0:d8:1f:5a:b1:06:38:dc: d8:8c:7b:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBM6of7D4t25+UdxTuCN6VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2 ZWNkZDcwHhcNMjYwMjA5MDcwMDMwWhcNMjYwMjEwMDcwMDMwWjAzMTEwLwYDVQQD Eyg2NTkzNjU2ZjU0NDQwODIxMGU5ZDgxNzYxZGMwZDU1MDI1ZGE2M2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo804/iu6UaniyC0xLGh9YvqGrQN9 UOkljipzFEs5Y35wCy3qyiyDtVPuAfzlblDIe2kqJZZSgyKyWW4Wr7WyGQTQtwiT 1KK2bTblNdLQ8wz3T0zsaKmYHmLm4tC61XzOcAjcFjHaNsCGtSjX1eGwdD9ZgG6y jhmhbMKfRdqlAC2zl8zwVCJHjrF7phLpgrpDaqOZfQDDUvZCqg0UvAve+ykXDJY6 r3QitaJMh72vBOOU6Emy1lDIzksSTqkMXPmtObCUfbITmZl3+iC9o/g58MsdSBmq D78M7V2CMmFUTnduY9q+sXiJZVK7iv0Yjc6wffUMgZWbK96W/7SG8n8zQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGWTZW9URAghDp2Bdh3A1VAl2mP0MB8GA1UdIwQY MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0 LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbyuksTL9 z/4sWV87tI15A3iVDMBxq0splh0TDtnR/vwS3EpJFJGKCMIBSB//x4EjWP6yZxjF /KVm52hWFw/ky6tNP9gQD8ytbU/n6XgUJu+GdBBuQjEhBz2T0J3j114VehYeublV acZCUYMG67+ECvFCSQoYUCCWsSbfaYja7Efh3becjFtNssBRL6NuMBqfxjRZlLQw HvLJfhfAGQ26XoCwOyJgjARm0gBZM8g9/fGMCH2tTNwrLg0q8t+wHQNKKGjyiran /cVFLsm9YhAWKZ7GkfIJzt/JjUh9FN/6AHkC/zyYDmUOir8ExFqY65uBl2V3HqDY H1qxBjjc2Ix77w== -----END CERTIFICATE-----Generated at Mon Feb 9 16:56:32 2026 by rpki-client