This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft File: OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json) Hash identifier: YmhIkpoOQfSY9iAH/sgp0P4ImYD7A+Yg4tPvIQr6Auc= Subject key identifier: A9:8E:F7:B6:1A:CE:11:10:AF:49:C8:F9:30:EA:31:25:94:04:AC:96 Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2 Certificate issuer: /CN=398936603edb8558b619823c077e9eb8694758b2 Certificate serial: 019C43FE51932CEBF53BD82BCBE00BCB5B5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft Manifest number: 070D Signing time: Mon 09 Feb 2026 20:01:06 +0000 Manifest this update: Mon 09 Feb 2026 20:01:06 +0000 Manifest next update: Tue 10 Feb 2026 20:01:06 +0000 Files and hashes: 1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: k4a2lwl9W0gZUNNA/dsH5W3VuTHCtQS4cQApG7+m4zc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:fe:51:93:2c:eb:f5:3b:d8:2b:cb:e0:0b:cb:5b:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=398936603edb8558b619823c077e9eb8694758b2 Validity Not Before: Feb 9 20:01:06 2026 GMT Not After : Feb 10 20:01:06 2026 GMT Subject: CN=a98ef7b61ace1110af49c8f930ea31259404ac96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e9:92:3c:33:6d:0f:87:25:e8:33:16:88:b2: d5:5a:88:40:b6:e3:bf:0e:81:37:76:de:0f:95:4b: 8a:68:eb:35:10:cd:cb:03:63:d6:c9:e1:62:9d:fd: 5f:57:8c:68:d3:08:94:6d:c9:21:04:b7:12:77:ff: 61:e9:41:7b:84:0a:00:b9:bb:bd:48:f4:e0:8d:7e: 30:2e:f0:d2:87:ee:a5:87:db:e5:d7:96:d7:4b:d9: 56:79:ba:20:70:50:ad:ac:2e:fe:f8:8a:b6:97:cd: 83:7e:d9:6f:bf:39:58:54:0a:f8:84:1e:b5:c1:df: 84:2f:d6:56:fc:71:a4:15:2d:59:d0:f7:5e:05:8a: 9c:43:fb:34:b5:1a:5d:a3:b7:fb:6c:36:ab:86:1b: 09:81:fa:09:69:ee:a4:11:e0:6a:35:dd:27:07:35: 09:53:78:c7:8f:f3:84:02:15:ea:1e:65:a1:11:8b: 81:ce:52:e4:dd:1a:e5:29:4c:7f:c3:41:c7:75:6c: 6e:e3:20:1f:9b:eb:53:62:4a:0d:e2:37:55:94:19: 89:25:73:77:2f:f0:bf:64:20:18:ff:e2:d4:80:9d: 3e:3e:30:33:15:2e:07:d6:22:67:79:50:e2:49:de: f3:5b:8d:a8:d6:5e:5a:fe:9a:c1:89:90:f8:ff:06: 9d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:8E:F7:B6:1A:CE:11:10:AF:49:C8:F9:30:EA:31:25:94:04:AC:96 X509v3 Authority Key Identifier: keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:5c:06:a9:c8:8b:97:b7:cb:e9:2e:25:9b:23:99:33:8c:db: 41:24:1f:9a:cc:4f:6d:54:8a:6d:42:ad:5f:2e:e0:fb:8f:a1: fd:fd:82:86:6d:35:50:aa:25:d6:17:8d:0f:3c:0b:1a:08:0b: 4e:4d:6b:e0:d6:07:15:c3:85:2c:4f:68:7d:0e:4a:13:90:5b: a3:2a:c0:10:d5:cd:76:6b:82:ba:c0:88:4d:f9:a2:2c:20:4a: f9:d6:c5:52:ae:37:8e:dc:4a:f1:79:a0:08:d6:eb:02:9d:73: 8c:d5:22:fa:42:76:16:a9:76:4d:ca:22:23:09:c9:d3:53:33: 79:75:87:c8:2b:e2:6b:0f:36:c9:b2:72:c6:c0:f8:db:cf:55: 90:f3:76:92:f0:ed:59:2c:44:e7:0b:8d:e1:2e:f1:ad:7b:cd: 24:e1:af:d9:92:6e:da:3f:85:3e:b9:d5:6b:91:59:9c:26:7c: df:65:ac:fd:00:6b:22:17:3a:56:b0:34:ae:82:9d:c4:98:e6: a0:02:12:5b:e7:11:52:a3:26:10:32:57:73:89:d2:fd:d3:bc: bf:33:11:01:3e:75:60:3d:3d:93:f8:62:f4:3b:24:50:65:4d: 43:af:4f:35:a4:56:b6:12:54:17:a4:83:12:43:3c:b5:5b:8c: 56:4e:08:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxD/lGTLOv1O9gry+ALy1taMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0 NzU4YjIwHhcNMjYwMjA5MjAwMTA2WhcNMjYwMjEwMjAwMTA2WjAzMTEwLwYDVQQD EyhhOThlZjdiNjFhY2UxMTEwYWY0OWM4ZjkzMGVhMzEyNTk0MDRhYzk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOmSPDNtD4cl6DMWiLLVWohAtuO/ DoE3dt4PlUuKaOs1EM3LA2PWyeFinf1fV4xo0wiUbckhBLcSd/9h6UF7hAoAubu9 SPTgjX4wLvDSh+6lh9vl15bXS9lWebogcFCtrC7++Iq2l82DftlvvzlYVAr4hB61 wd+EL9ZW/HGkFS1Z0PdeBYqcQ/s0tRpdo7f7bDarhhsJgfoJae6kEeBqNd0nBzUJ U3jHj/OEAhXqHmWhEYuBzlLk3RrlKUx/w0HHdWxu4yAfm+tTYkoN4jdVlBmJJXN3 L/C/ZCAY/+LUgJ0+PjAzFS4H1iJneVDiSd7zW42o1l5a/prBiZD4/wadFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKmO97YazhEQr0nI+TDqMSWUBKyWMB8GA1UdIwQY MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4 LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADFwGqciL l7fL6S4lmyOZM4zbQSQfmsxPbVSKbUKtXy7g+4+h/f2Chm01UKol1heNDzwLGggL Tk1r4NYHFcOFLE9ofQ5KE5BboyrAENXNdmuCusCITfmiLCBK+dbFUq43jtxK8Xmg CNbrAp1zjNUi+kJ2Fql2TcoiIwnJ01MzeXWHyCviaw82ybJyxsD4289VkPN2kvDt WSxE5wuN4S7xrXvNJOGv2ZJu2j+FPrnVa5FZnCZ832Ws/QBrIhc6VrA0roKdxJjm oAISW+cRUqMmEDJXc4nS/dO8vzMRAT51YD09k/hi9DskUGVNQ69PNaRWthJUF6SD EkM8tVuMVk4Ilg== -----END CERTIFICATE-----Generated at Tue Feb 10 01:42:46 2026 by rpki-client