This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft File: 3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json) Hash identifier: EFPnwHw3RMW+1KxLkIYySrxZaCHM42+QXcU4bHClPZs= Subject key identifier: 17:35:63:79:48:75:73:DD:D4:12:A9:57:8F:F0:8B:16:91:8F:CD:96 Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52 Certificate issuer: /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152 Certificate serial: 019C4322CA7C63B5CFB062E0EE134A41A9FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft Manifest number: 08A1 Signing time: Mon 09 Feb 2026 16:01:19 +0000 Manifest this update: Mon 09 Feb 2026 16:01:19 +0000 Manifest next update: Tue 10 Feb 2026 16:01:19 +0000 Files and hashes: 1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: Bm0S8tnRm7sFr/hLchUR7pvtYF6hWpokSuALrpEpA70=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:ca:7c:63:b5:cf:b0:62:e0:ee:13:4a:41:a9:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152 Validity Not Before: Feb 9 16:01:19 2026 GMT Not After : Feb 10 16:01:19 2026 GMT Subject: CN=17356379487573ddd412a9578ff08b16918fcd96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:de:e3:47:0c:a0:46:a8:a6:ff:ea:ec:2e:26: 9c:f6:89:59:0f:b1:7f:52:9f:ea:41:e7:dd:1a:8c: 6b:33:05:78:f6:31:03:01:04:59:29:db:5b:f5:eb: 6b:16:32:82:07:2b:a4:e7:b0:3d:f8:ba:85:c2:8b: 68:c1:30:09:1a:d6:4c:a4:29:5f:ba:25:73:73:1d: b5:2a:c8:61:64:a3:15:03:e1:b0:65:99:ca:2b:b2: 9d:1d:50:a3:74:17:b1:6c:f2:af:35:d1:ab:d3:43: 42:43:ee:ba:dc:ee:24:6f:00:a2:7a:e6:ad:89:21: fe:bd:99:3e:2b:d0:2c:3b:9d:47:9d:51:58:b7:63: ef:d1:f2:41:04:65:5d:30:74:9f:37:10:bb:3f:e6: 11:82:3c:42:d4:af:b3:90:47:38:a2:a3:0c:18:1d: 72:ee:53:0e:36:55:15:ca:97:85:58:72:63:6a:13: 18:c1:65:71:d9:90:3d:61:29:54:6d:ea:da:e7:2a: 72:dc:90:30:84:7b:f3:e1:11:07:55:c4:a5:a6:35: c3:31:e5:79:93:81:34:db:e6:7d:b8:02:45:44:2d: 7e:50:91:ec:10:ba:20:33:f9:db:aa:72:e7:e0:a8: 08:c6:f6:6a:47:7f:f0:79:78:3c:b5:77:32:23:0c: 92:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:35:63:79:48:75:73:DD:D4:12:A9:57:8F:F0:8B:16:91:8F:CD:96 X509v3 Authority Key Identifier: keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:c2:4c:d1:92:bf:9c:be:d0:11:4f:7e:8a:74:b0:4f:1e:cb: 2a:c2:94:a5:86:f2:93:e9:64:90:f2:da:31:83:23:a8:fa:18: 59:1f:b8:0d:97:62:58:04:97:dd:ae:f1:6a:78:e7:06:69:52: 80:c4:ad:a8:2b:9d:5a:86:88:84:d5:f0:9b:e2:19:45:e4:cd: 8d:7b:41:59:1f:3b:ee:3e:f5:85:e6:32:18:e0:5a:b1:3e:fc: 2a:38:2e:f5:df:67:50:3d:54:53:b8:69:8b:0a:ae:e1:84:4a: 49:c8:20:56:13:6f:b5:21:af:bc:67:c8:72:b1:08:eb:55:de: 7a:52:14:88:45:36:a1:ab:36:d1:48:18:31:2f:07:99:d8:ac: 6d:ef:0f:c9:10:04:cc:26:29:8e:86:a3:c0:d3:c9:bd:f5:f2: 7e:55:c7:4f:4f:39:87:f9:57:f3:eb:67:7b:07:43:97:27:1f: bc:38:43:c2:0a:2a:05:d4:b9:a6:33:1a:c4:38:82:07:f9:f3: e6:80:e7:75:e7:6c:8b:5d:1e:53:81:84:d3:e1:a0:3e:be:9d: cf:12:80:f8:ed:04:b4:d9:f4:4a:2b:91:b7:9f:25:47:ea:47: 88:8d:ac:34:db:50:cd:57:39:d7:e6:89:6b:97:01:e3:56:92: 5c:00:67:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIsp8Y7XPsGLg7hNKQan+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh OTIxNTIwHhcNMjYwMjA5MTYwMTE5WhcNMjYwMjEwMTYwMTE5WjAzMTEwLwYDVQQD EygxNzM1NjM3OTQ4NzU3M2RkZDQxMmE5NTc4ZmYwOGIxNjkxOGZjZDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN7jRwygRqim/+rsLiac9olZD7F/ Up/qQefdGoxrMwV49jEDAQRZKdtb9etrFjKCByuk57A9+LqFwotowTAJGtZMpClf uiVzcx21KshhZKMVA+GwZZnKK7KdHVCjdBexbPKvNdGr00NCQ+663O4kbwCieuat iSH+vZk+K9AsO51HnVFYt2Pv0fJBBGVdMHSfNxC7P+YRgjxC1K+zkEc4oqMMGB1y 7lMONlUVypeFWHJjahMYwWVx2ZA9YSlUbera5ypy3JAwhHvz4REHVcSlpjXDMeV5 k4E02+Z9uAJFRC1+UJHsELogM/nbqnLn4KgIxvZqR3/weXg8tXcyIwySSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBc1Y3lIdXPd1BKpV4/wixaRj82WMB8GA1UdIwQY MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8JM0ZK/ nL7QEU9+inSwTx7LKsKUpYbyk+lkkPLaMYMjqPoYWR+4DZdiWASX3a7xanjnBmlS gMStqCudWoaIhNXwm+IZReTNjXtBWR877j71heYyGOBasT78Kjgu9d9nUD1UU7hp iwqu4YRKScggVhNvtSGvvGfIcrEI61XeelIUiEU2oas20UgYMS8Hmdisbe8PyRAE zCYpjoajwNPJvfXyflXHT085h/lX8+tnewdDlycfvDhDwgoqBdS5pjMaxDiCB/nz 5oDndedsi10eU4GE0+GgPr6dzxKA+O0EtNn0SiuRt58lR+pHiI2sNNtQzVc51+aJ a5cB41aSXABnWg== -----END CERTIFICATE-----Generated at Mon Feb 9 21:08:02 2026 by rpki-client