This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft File: 2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json) Hash identifier: +rfCFui88ZBKJIYrUlTZbBXqfUYwdjWHao8iCE3T8c0= Subject key identifier: A9:A8:38:CC:34:55:33:E0:DD:60:0C:E9:8C:4F:70:BF:58:DA:5C:AE Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D Certificate issuer: /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Certificate serial: 019C420FC3302F29DA79093A150A5BACC4B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft Manifest number: 0C1C Signing time: Mon 09 Feb 2026 11:00:55 +0000 Manifest this update: Mon 09 Feb 2026 11:00:55 +0000 Manifest next update: Tue 10 Feb 2026 11:00:55 +0000 Files and hashes: 1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: W0dkLQnhAP45yyFaS8EKAaTyVyGjsRcW/6p0O/mFswI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:c3:30:2f:29:da:79:09:3a:15:0a:5b:ac:c4:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Validity Not Before: Feb 9 11:00:55 2026 GMT Not After : Feb 10 11:00:55 2026 GMT Subject: CN=a9a838cc345533e0dd600ce98c4f70bf58da5cae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:39:c9:6a:9a:28:17:f2:96:5b:a2:85:b7:e3: 0f:25:6f:96:5b:ec:4e:48:c9:ad:7a:c9:d9:08:cb: 6f:90:a8:c6:81:8c:5c:cf:43:99:c6:5d:f6:30:a5: 14:7a:8c:fc:28:21:19:d6:c4:79:70:88:96:74:a6: 80:49:44:b9:46:6b:71:32:0a:c0:15:c0:89:59:91: a1:17:f6:62:86:f9:bb:37:bb:c2:21:68:c2:22:8b: 22:76:42:8d:6e:60:7e:e1:33:1a:d0:f2:ba:17:5f: d9:53:70:52:98:d0:cf:14:47:0e:ea:16:42:79:05: 29:ca:ab:94:d4:80:61:84:15:2f:ad:ad:cb:00:78: 29:9c:75:fa:c0:dc:d0:4d:a7:41:83:b7:c7:62:e0: 9c:1d:27:96:ea:b7:79:53:9e:39:2f:1d:48:1e:1b: b2:84:f1:6a:87:0c:ca:91:71:22:79:29:7d:47:87: a2:80:f3:7a:44:96:6e:d7:da:18:31:2b:e7:12:2b: 82:66:9d:6f:33:27:c6:34:82:bb:2f:06:73:cf:0d: 46:48:8e:e4:18:76:ed:8b:b2:de:b2:70:05:7b:d0: bf:86:4a:16:e7:e2:3e:2f:0d:f6:f9:9c:47:3b:a8: 36:71:9a:e5:b7:fd:3a:aa:08:76:42:2d:85:a3:d9: ba:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:A8:38:CC:34:55:33:E0:DD:60:0C:E9:8C:4F:70:BF:58:DA:5C:AE X509v3 Authority Key Identifier: keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:42:1c:62:a4:58:db:8a:53:03:ee:2a:62:e0:5d:04:8a:7d: b4:fe:0f:c4:b3:a2:1b:46:29:dc:38:40:07:f1:53:2d:77:0f: be:59:c5:f3:3d:c5:93:ff:76:4c:09:41:6c:54:b5:dc:f1:2c: 7e:eb:64:58:27:c9:fb:5a:9c:6f:c3:6b:6c:a4:c4:7a:21:16: c9:1d:6e:0b:a8:3d:21:1e:bb:27:88:6e:eb:1a:93:42:3d:fc: 5d:75:3c:fd:3a:64:33:68:8c:8a:15:18:b7:e3:5a:70:32:5b: 7f:7a:e3:ca:da:bc:b2:d7:df:86:97:b0:18:eb:f4:11:48:28: 8a:e8:87:cf:b2:49:77:1e:ae:e0:2b:99:d8:b0:02:7e:94:1c: 43:cc:9f:84:25:15:03:02:60:c3:48:be:17:8e:64:15:a0:63: 75:f3:dd:7c:39:43:bc:88:5b:ce:01:fe:91:7c:61:df:e1:ee: 7b:c4:4a:cf:85:49:48:92:30:7c:fc:55:89:b8:9a:35:43:3b: 80:06:b1:a7:70:51:c5:da:b2:a5:d1:5b:70:69:8c:a0:83:7d: ee:6b:8b:3f:68:4d:54:e7:42:16:c0:14:f7:16:e2:79:8d:7f: 95:3c:06:61:76:4e:00:bb:9f:e1:28:6e:eb:f2:ff:9d:6b:35: 58:2c:9e:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD8MwLynaeQk6FQpbrMS0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx MjZkMGQwHhcNMjYwMjA5MTEwMDU1WhcNMjYwMjEwMTEwMDU1WjAzMTEwLwYDVQQD EyhhOWE4MzhjYzM0NTUzM2UwZGQ2MDBjZTk4YzRmNzBiZjU4ZGE1Y2FlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlznJapooF/KWW6KFt+MPJW+WW+xO SMmtesnZCMtvkKjGgYxcz0OZxl32MKUUeoz8KCEZ1sR5cIiWdKaASUS5RmtxMgrA FcCJWZGhF/Zihvm7N7vCIWjCIosidkKNbmB+4TMa0PK6F1/ZU3BSmNDPFEcO6hZC eQUpyquU1IBhhBUvra3LAHgpnHX6wNzQTadBg7fHYuCcHSeW6rd5U545Lx1IHhuy hPFqhwzKkXEieSl9R4eigPN6RJZu19oYMSvnEiuCZp1vMyfGNIK7LwZzzw1GSI7k GHbti7LesnAFe9C/hkoW5+I+Lw32+ZxHO6g2cZrlt/06qgh2Qi2Fo9m6gwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKmoOMw0VTPg3WAM6YxPcL9Y2lyuMB8GA1UdIwQY MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmUIcYqRY 24pTA+4qYuBdBIp9tP4PxLOiG0Yp3DhAB/FTLXcPvlnF8z3Fk/92TAlBbFS13PEs futkWCfJ+1qcb8NrbKTEeiEWyR1uC6g9IR67J4hu6xqTQj38XXU8/TpkM2iMihUY t+NacDJbf3rjytq8stffhpewGOv0EUgoiuiHz7JJdx6u4CuZ2LACfpQcQ8yfhCUV AwJgw0i+F45kFaBjdfPdfDlDvIhbzgH+kXxh3+Hue8RKz4VJSJIwfPxVibiaNUM7 gAaxp3BRxdqypdFbcGmMoIN97muLP2hNVOdCFsAU9xbieY1/lTwGYXZOALuf4Shu 6/L/nWs1WCyeIQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:59:09 2026 by rpki-client