This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft File: bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json) Hash identifier: vHv1hj+X2K0Y1cTn7Ljew0k9WmxQTykEWnhVxgSwW8c= Subject key identifier: 5D:83:DD:5D:8F:0C:B7:2E:1A:B9:82:D4:9D:44:F5:71:A0:68:DA:3A Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0 Certificate issuer: /CN=6cff90b1778f53743f92783caf1748a2ecd668a0 Certificate serial: 019C42B457FB8ADE5EFCDFA9447E35385317 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft Manifest number: 0524 Signing time: Mon 09 Feb 2026 14:00:41 +0000 Manifest this update: Mon 09 Feb 2026 14:00:41 +0000 Manifest next update: Tue 10 Feb 2026 14:00:41 +0000 Files and hashes: 1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: 37GtjMmwz1/k29KjT8rdzo/tCX+vhU1bo7SjZuCvfRg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:57:fb:8a:de:5e:fc:df:a9:44:7e:35:38:53:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0 Validity Not Before: Feb 9 14:00:41 2026 GMT Not After : Feb 10 14:00:41 2026 GMT Subject: CN=5d83dd5d8f0cb72e1ab982d49d44f571a068da3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:bf:e4:2f:8e:57:f3:5e:50:b3:5e:12:d5:ce: 1c:bc:37:fe:39:66:d8:c7:c1:11:33:dd:f0:ae:8c: 23:70:cc:8f:c0:f7:fc:9d:a5:ce:c7:01:06:cb:0f: a6:b1:28:fa:df:0e:bc:5d:bc:8c:b8:94:60:25:67: b9:b0:f6:d6:94:aa:bf:26:30:5b:56:17:c6:05:7d: 75:5c:38:da:9c:16:65:83:b7:f9:91:0c:53:ff:50: ad:7b:91:50:c0:9d:79:35:e8:4c:97:d7:8c:00:92: 6e:b8:ba:d5:64:79:fd:7d:00:64:cc:11:ff:89:c8: 4e:cd:83:7d:49:8c:9a:f7:c3:5e:db:15:c1:5e:78: 7c:83:44:e3:cd:b6:e1:40:f5:82:6b:54:12:35:44: f7:b1:6a:35:12:66:0d:b1:f0:28:8b:7a:de:a5:4a: dd:77:0c:75:e3:1c:6d:74:26:db:01:94:a5:b8:f7: d4:c4:ef:19:6b:4d:8c:82:13:da:c6:bc:c9:09:9a: 31:74:ab:c0:38:d0:15:2d:bb:7d:dc:95:80:b6:d9: 86:d2:29:4f:fb:ce:26:28:b7:5b:0a:ad:4f:88:c3: 30:ea:c1:da:47:56:f0:d5:e8:27:74:41:45:71:64: 12:2d:33:26:c5:60:fb:25:2c:a9:92:b0:2c:26:b6: aa:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:83:DD:5D:8F:0C:B7:2E:1A:B9:82:D4:9D:44:F5:71:A0:68:DA:3A X509v3 Authority Key Identifier: keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:6f:ae:04:7f:44:b9:64:6f:47:ac:86:ee:ef:17:c3:8c:a7: 85:42:10:a6:77:e7:7d:47:e3:6b:7e:6a:64:28:00:10:c3:b6: d7:ea:f9:1c:98:d7:50:2b:e3:6c:5f:68:60:15:be:6d:d5:f1: 2e:8d:82:29:63:fa:b6:10:8c:8a:cf:c2:ac:1b:8c:1e:71:88: c5:f1:57:56:cf:f5:96:b3:ed:7f:d0:00:e7:f5:01:cc:96:97: 90:43:a2:dc:10:c1:cb:0c:91:6f:be:b2:f6:b1:90:4c:cc:ca: 0d:bc:91:5e:72:41:15:cd:6f:fd:8c:3c:72:2e:6c:6a:ff:a8: 84:9b:be:82:21:ac:7f:87:4f:8d:d9:58:f0:c8:1a:9e:9e:31: 57:fd:f8:d6:62:40:a2:90:cd:b1:eb:ae:cd:2a:a3:03:d1:89: 36:43:91:60:3f:76:f5:ac:a2:49:98:43:38:99:66:c6:16:3a: 96:9b:09:38:4e:d1:b7:3b:8b:0e:aa:ba:d2:d5:33:d1:10:ae: fc:3d:12:22:21:02:6c:51:11:55:ad:11:5f:02:a2:a5:4f:ad: 77:aa:c1:92:fe:9b:7c:f7:33:bc:07:78:44:c1:4f:b1:b7:84: 99:0a:2f:25:47:77:b7:28:7e:e3:da:1f:1a:ce:ca:94:37:f2: 5c:a0:77:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtFf7it5e/N+pRH41OFMXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk NjY4YTAwHhcNMjYwMjA5MTQwMDQxWhcNMjYwMjEwMTQwMDQxWjAzMTEwLwYDVQQD Eyg1ZDgzZGQ1ZDhmMGNiNzJlMWFiOTgyZDQ5ZDQ0ZjU3MWEwNjhkYTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6r/kL45X815Qs14S1c4cvDf+OWbY x8ERM93wrowjcMyPwPf8naXOxwEGyw+msSj63w68XbyMuJRgJWe5sPbWlKq/JjBb VhfGBX11XDjanBZlg7f5kQxT/1Cte5FQwJ15NehMl9eMAJJuuLrVZHn9fQBkzBH/ ichOzYN9SYya98Ne2xXBXnh8g0TjzbbhQPWCa1QSNUT3sWo1EmYNsfAoi3repUrd dwx14xxtdCbbAZSluPfUxO8Za02MghPaxrzJCZoxdKvAONAVLbt93JWAttmG0ilP +84mKLdbCq1PiMMw6sHaR1bw1egndEFFcWQSLTMmxWD7JSypkrAsJraqDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF2D3V2PDLcuGrmC1J1E9XGgaNo6MB8GA1UdIwQY MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU2+uBH9E uWRvR6yG7u8Xw4ynhUIQpnfnfUfja35qZCgAEMO21+r5HJjXUCvjbF9oYBW+bdXx Lo2CKWP6thCMis/CrBuMHnGIxfFXVs/1lrPtf9AA5/UBzJaXkEOi3BDBywyRb76y 9rGQTMzKDbyRXnJBFc1v/Yw8ci5sav+ohJu+giGsf4dPjdlY8Mganp4xV/341mJA opDNseuuzSqjA9GJNkORYD929ayiSZhDOJlmxhY6lpsJOE7RtzuLDqq60tUz0RCu /D0SIiECbFERVa0RXwKipU+td6rBkv6bfPczvAd4RMFPsbeEmQovJUd3tyh+49of Gs7KlDfyXKB3Ug== -----END CERTIFICATE-----Generated at Mon Feb 9 21:06:46 2026 by rpki-client