This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft File: H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json) Hash identifier: YJz1k+XOKoq+RMFsE7Rp9Y6YyIa70P8ys7yUvLbfqHk= Subject key identifier: B8:AC:2B:0A:81:FB:27:4E:99:12:70:53:C6:38:06:99:79:17:DF:B2 Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2 Certificate issuer: /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2 Certificate serial: 019C42EB0D0AC0D5DAA243F92E356B212F31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft Manifest number: 0F85 Signing time: Mon 09 Feb 2026 15:00:26 +0000 Manifest this update: Mon 09 Feb 2026 15:00:26 +0000 Manifest next update: Tue 10 Feb 2026 15:00:26 +0000 Files and hashes: 1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: Oi7zt92wb6JgBY7526mrYNBjnC5rkBbuTcEdKc1CY3Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:eb:0d:0a:c0:d5:da:a2:43:f9:2e:35:6b:21:2f:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2 Validity Not Before: Feb 9 15:00:26 2026 GMT Not After : Feb 10 15:00:26 2026 GMT Subject: CN=b8ac2b0a81fb274e99127053c63806997917dfb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:9f:2b:07:56:d4:70:26:ca:73:31:55:3b:c5: 3f:c7:5a:7b:10:56:28:4d:b6:87:9d:be:92:54:33: d2:b8:76:19:9e:b3:c9:61:17:8d:97:60:b7:6d:eb: ac:87:71:dc:7c:9b:03:f8:68:cd:e3:59:fa:f7:ea: 9e:3a:db:b6:d5:1c:d1:ea:af:03:6d:cb:00:b1:a0: 89:b2:6a:a0:1c:4b:ae:33:2c:3d:a9:31:3c:e0:37: 7c:6e:a6:bb:74:da:2c:37:2d:af:d8:87:80:5a:62: 65:4a:49:85:2a:c9:83:b4:0c:44:cf:d4:e2:b7:db: 80:35:40:9d:7b:d7:69:0d:2c:de:dc:b9:9e:b5:ce: 84:23:ac:64:60:e6:de:b4:17:08:48:83:08:c1:41: 76:15:be:0b:c9:61:07:42:e8:3e:18:a7:e7:00:35: f4:d9:58:a7:6d:8c:a8:33:6c:fa:86:35:5b:68:b0: 91:5c:70:de:8f:4b:39:80:c0:32:b5:d5:57:29:72: 7e:0b:7c:26:dd:5e:a2:30:cf:84:49:ef:a3:2e:eb: d8:52:01:1d:41:70:2e:75:b0:91:13:c2:80:15:0f: 47:d6:3f:67:b9:8e:c8:f2:07:2a:d8:8b:ed:10:ad: 2a:42:fe:d7:1c:26:c9:4a:4f:96:80:46:cc:32:48: 4d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:AC:2B:0A:81:FB:27:4E:99:12:70:53:C6:38:06:99:79:17:DF:B2 X509v3 Authority Key Identifier: keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:85:56:05:ac:c1:e5:2d:e2:32:35:16:c4:af:52:80:bd:63: a7:27:32:f3:b7:4d:34:57:28:2b:be:76:22:a9:63:0b:3e:c3: aa:8f:a7:f5:9b:2d:9e:92:32:58:21:e5:c5:27:4a:3d:c7:15: 77:9f:18:1e:58:69:70:17:62:88:26:63:4b:80:0b:98:f8:c4: a2:10:cb:9d:5e:e9:cc:c1:af:3d:0a:50:f5:5e:81:92:e8:9f: 2e:45:cc:1f:b2:92:07:97:0c:2a:d8:0e:66:9c:fb:b0:b2:24: ed:62:7c:54:a5:08:35:e2:14:cf:9c:24:5a:ef:90:d6:9f:e5: f4:6c:fc:f8:c9:39:ac:64:b1:42:51:c9:c3:36:d8:68:67:1f: 8c:99:c7:22:c2:c5:f0:8b:9b:f1:81:5d:3a:ed:0c:e9:41:5d: 9c:50:43:ae:5f:5a:6a:90:9f:5e:0d:74:c7:13:9f:f6:40:d5: 60:3f:d4:1c:69:c0:cb:bf:65:75:a6:b8:3f:f9:0c:69:8d:9f: 41:11:12:7d:15:9a:6a:77:5f:30:69:50:68:4b:cd:82:79:cb: e9:a4:8f:e7:ac:65:8f:92:36:83:41:7e:03:22:07:a6:1c:da: 4a:73:b7:f1:e7:ca:74:07:1b:2f:83:a1:c8:1c:a3:24:a7:53: 1b:63:1b:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxC6w0KwNXaokP5LjVrIS8xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi NTYxZTIwHhcNMjYwMjA5MTUwMDI2WhcNMjYwMjEwMTUwMDI2WjAzMTEwLwYDVQQD EyhiOGFjMmIwYTgxZmIyNzRlOTkxMjcwNTNjNjM4MDY5OTc5MTdkZmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+J8rB1bUcCbKczFVO8U/x1p7EFYo TbaHnb6SVDPSuHYZnrPJYReNl2C3beush3HcfJsD+GjN41n69+qeOtu21RzR6q8D bcsAsaCJsmqgHEuuMyw9qTE84Dd8bqa7dNosNy2v2IeAWmJlSkmFKsmDtAxEz9Ti t9uANUCde9dpDSze3Lmetc6EI6xkYObetBcISIMIwUF2Fb4LyWEHQug+GKfnADX0 2VinbYyoM2z6hjVbaLCRXHDej0s5gMAytdVXKXJ+C3wm3V6iMM+ESe+jLuvYUgEd QXAudbCRE8KAFQ9H1j9nuY7I8gcq2IvtEK0qQv7XHCbJSk+WgEbMMkhNcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLisKwqB+ydOmRJwU8Y4Bpl5F9+yMB8GA1UdIwQY MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApoVWBazB 5S3iMjUWxK9SgL1jpycy87dNNFcoK752IqljCz7Dqo+n9ZstnpIyWCHlxSdKPccV d58YHlhpcBdiiCZjS4ALmPjEohDLnV7pzMGvPQpQ9V6BkuifLkXMH7KSB5cMKtgO Zpz7sLIk7WJ8VKUINeIUz5wkWu+Q1p/l9Gz8+Mk5rGSxQlHJwzbYaGcfjJnHIsLF 8Iub8YFdOu0M6UFdnFBDrl9aapCfXg10xxOf9kDVYD/UHGnAy79ldaa4P/kMaY2f QRESfRWaandfMGlQaEvNgnnL6aSP56xlj5I2g0F+AyIHphzaSnO38efKdAcbL4Oh yByjJKdTG2MbJA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:49:20 2026 by rpki-client