This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft File: ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json) Hash identifier: G/3GYpL4WBJCOzOvkUljOMDzYR3hBAp6uYyBSdtoiH8= Subject key identifier: A5:F6:10:87:82:04:52:D0:F2:6E:FA:4A:10:E1:43:9A:FA:FE:C9:E4 Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16 Certificate issuer: /CN=654d692160dd4627038799297d47751480d07f16 Certificate serial: 019C43C6F0EE33DF46EFF404BC50C7528B6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft Manifest number: 167D Signing time: Mon 09 Feb 2026 19:00:37 +0000 Manifest this update: Mon 09 Feb 2026 19:00:37 +0000 Manifest next update: Tue 10 Feb 2026 19:00:37 +0000 Files and hashes: 1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: QAJpYDVuK9UdZ7RG25fDz3MLG64cPDP76BUuNhbxAfc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c6:f0:ee:33:df:46:ef:f4:04:bc:50:c7:52:8b:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=654d692160dd4627038799297d47751480d07f16 Validity Not Before: Feb 9 19:00:37 2026 GMT Not After : Feb 10 19:00:37 2026 GMT Subject: CN=a5f61087820452d0f26efa4a10e1439afafec9e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:41:72:c6:93:2b:f4:7f:dc:66:94:99:52:16: c9:7d:58:95:53:20:39:61:b3:53:c6:27:11:29:7f: 7f:40:f1:19:d0:be:e1:3b:8e:6e:de:bf:0c:f9:a0: ce:e0:9b:dc:1f:f1:c2:81:c6:5e:f6:06:dc:5e:28: 01:7e:a9:24:8c:c6:52:5d:cb:3e:1b:8c:27:59:d8: 8c:2b:3f:35:83:da:60:83:29:cb:4e:74:7b:49:4c: 66:a5:a8:ab:23:25:f9:b2:d3:a2:63:00:57:69:83: 3a:a5:d7:69:77:bb:ee:af:a4:53:fc:82:1f:08:ac: 70:4f:9c:16:05:95:13:08:2d:a5:da:d5:2d:b0:59: 4a:80:19:89:f5:fb:bf:3e:32:6a:89:52:d8:53:ed: d0:31:46:10:cf:19:2a:a9:4d:46:ac:db:71:9e:95: 07:b0:46:21:2c:39:85:ed:ef:aa:ee:12:c1:86:0b: 18:73:08:d2:0a:c0:a8:f7:90:fa:c2:e8:07:b4:fe: d0:41:90:86:a9:a3:70:fe:0d:12:a5:2b:5f:a0:b3: c3:ed:ca:2e:7a:f0:4f:2d:54:eb:12:32:80:85:4f: 18:95:51:8a:c0:a6:01:0e:4e:0c:f1:0c:e0:4d:63: 5b:3e:70:e4:cc:f3:a5:bc:50:5a:fd:d1:32:a5:0e: 05:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:F6:10:87:82:04:52:D0:F2:6E:FA:4A:10:E1:43:9A:FA:FE:C9:E4 X509v3 Authority Key Identifier: keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:f5:69:51:2e:39:13:c6:de:d1:bd:05:92:74:9d:01:c4:26: c7:af:4f:56:88:a7:8e:63:6d:27:5f:0d:53:15:ec:78:b3:66: a0:81:76:97:24:fc:63:d6:09:5d:54:12:60:39:e3:63:c1:68: 77:04:31:32:5e:a2:8f:d5:0e:09:bd:21:37:b6:4a:84:d4:cc: 65:29:71:88:b8:e7:2d:63:2b:3e:66:ff:23:ab:7e:91:8c:9e: 4e:4b:de:00:f5:d8:85:2a:1c:5c:2d:8f:8d:7b:0b:63:3e:ba: 46:e1:b1:22:f8:04:eb:22:e9:0a:e2:e4:f7:ce:4a:37:d6:89: 5e:fd:3d:ed:83:0f:0e:01:02:8f:55:99:8d:d9:13:f3:5a:cc: f7:78:73:a6:53:3d:4a:16:b4:29:b0:ec:b0:54:88:63:e5:91: 88:9f:f4:49:53:66:cb:77:d0:32:ad:33:8f:87:2e:49:a4:2d: 88:46:7c:be:2e:b0:c0:5a:0a:e9:0d:7c:62:3b:5a:18:90:a5: f2:56:c7:e2:d0:10:07:60:ad:04:f7:94:9f:ad:82:dd:1e:63: 47:de:56:03:9c:0f:f1:cb:57:6b:bc:a0:0b:72:f2:89:3e:2e: c6:48:19:dc:42:65:5c:43:b2:62:11:48:55:a8:57:de:9b:0c: 46:e9:d8:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxvDuM99G7/QEvFDHUotsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk MDdmMTYwHhcNMjYwMjA5MTkwMDM3WhcNMjYwMjEwMTkwMDM3WjAzMTEwLwYDVQQD EyhhNWY2MTA4NzgyMDQ1MmQwZjI2ZWZhNGExMGUxNDM5YWZhZmVjOWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkFyxpMr9H/cZpSZUhbJfViVUyA5 YbNTxicRKX9/QPEZ0L7hO45u3r8M+aDO4JvcH/HCgcZe9gbcXigBfqkkjMZSXcs+ G4wnWdiMKz81g9pggynLTnR7SUxmpairIyX5stOiYwBXaYM6pddpd7vur6RT/IIf CKxwT5wWBZUTCC2l2tUtsFlKgBmJ9fu/PjJqiVLYU+3QMUYQzxkqqU1GrNtxnpUH sEYhLDmF7e+q7hLBhgsYcwjSCsCo95D6wugHtP7QQZCGqaNw/g0SpStfoLPD7cou evBPLVTrEjKAhU8YlVGKwKYBDk4M8QzgTWNbPnDkzPOlvFBa/dEypQ4FRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKX2EIeCBFLQ8m76ShDhQ5r6/snkMB8GA1UdIwQY MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPVpUS45 E8be0b0FknSdAcQmx69PVoinjmNtJ18NUxXseLNmoIF2lyT8Y9YJXVQSYDnjY8Fo dwQxMl6ij9UOCb0hN7ZKhNTMZSlxiLjnLWMrPmb/I6t+kYyeTkveAPXYhSocXC2P jXsLYz66RuGxIvgE6yLpCuLk985KN9aJXv097YMPDgECj1WZjdkT81rM93hzplM9 Sha0KbDssFSIY+WRiJ/0SVNmy3fQMq0zj4cuSaQtiEZ8vi6wwFoK6Q18YjtaGJCl 8lbH4tAQB2CtBPeUn62C3R5jR95WA5wP8ctXa7ygC3LyiT4uxkgZ3EJlXEOyYhFI VahX3psMRunY1Q== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:15 2026 by rpki-client