This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft File: NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json) Hash identifier: FidQIIQ5+esObQ5phow1QaUJIVQyIp8S65tzD+FGoyk= Subject key identifier: F6:87:D9:DF:42:9C:18:57:09:99:90:05:10:3D:88:3C:A7:46:5A:8B Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E Certificate issuer: /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Certificate serial: 019C4434FD27594B5A77770AAB33E2CD5D5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft Manifest number: 08E9 Signing time: Mon 09 Feb 2026 21:00:49 +0000 Manifest this update: Mon 09 Feb 2026 21:00:49 +0000 Manifest next update: Tue 10 Feb 2026 21:00:49 +0000 Files and hashes: 1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: I3SU/0Dk1gl96SJJcsaSltuOsvcsssF0Kf7vS22W27g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:44:34:fd:27:59:4b:5a:77:77:0a:ab:33:e2:cd:5d:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e Validity Not Before: Feb 9 21:00:49 2026 GMT Not After : Feb 10 21:00:49 2026 GMT Subject: CN=f687d9df429c185709999005103d883ca7465a8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:87:16:08:0b:b5:2e:e6:2a:4a:14:70:d0:d2: 77:3e:ee:5f:32:89:07:ef:93:b5:90:f2:c9:a0:f6: 36:87:37:2a:b4:ca:9a:43:81:0a:1e:0b:e8:66:0f: ea:dd:67:e4:75:37:3c:97:cb:cb:6b:e8:82:da:ba: e7:d0:29:57:23:54:1f:f9:b8:4b:d5:74:70:a5:79: 6f:48:46:0e:af:cb:e7:96:30:52:17:68:69:b9:2e: 3c:49:8c:21:05:79:40:cd:c3:7d:cd:05:bd:94:8f: 81:08:d1:76:9a:77:3b:e6:fc:04:4d:2f:21:ec:4c: af:bd:b7:70:aa:9f:61:6b:ba:05:17:46:0e:63:33: 40:02:cf:0b:a4:a6:0a:33:ac:0f:87:03:41:c8:05: e3:8c:b4:cd:af:96:7c:86:1f:7f:e7:dc:84:f7:de: 71:d0:29:ed:69:c8:8f:f7:96:fd:5d:03:e5:21:d8: ef:7e:8f:6c:7a:95:79:ab:0b:32:74:22:33:e1:d1: 59:e6:ff:c9:4e:d2:5c:03:79:98:c6:65:8d:51:fa: 96:6a:7e:fd:49:1a:37:e9:21:84:c7:a0:a7:72:9b: ed:8b:9a:9b:92:7e:c5:47:1b:dd:a9:84:15:cf:eb: 4a:04:f0:86:62:d3:17:f8:e2:4f:42:82:19:a5:d6: 21:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:87:D9:DF:42:9C:18:57:09:99:90:05:10:3D:88:3C:A7:46:5A:8B X509v3 Authority Key Identifier: keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:73:db:56:09:e4:c8:7e:b3:5c:aa:23:4f:48:bf:d8:c0:5c: 75:57:98:72:94:6f:2c:fd:84:bd:6c:c8:c5:5b:24:d1:9a:09: 6f:a8:70:8c:57:98:26:e3:a2:aa:47:12:7e:18:6c:3a:1a:0c: 50:04:a6:c0:cc:46:68:e4:0c:13:46:37:85:7f:0f:cc:08:c6: 80:e5:28:2b:21:24:16:5f:93:9c:2a:b8:cc:96:b8:b2:53:a4: 22:55:2e:4b:23:de:d3:96:50:36:0a:9c:33:7d:85:ec:50:95: fc:d9:08:bb:4e:1a:da:14:89:db:4b:87:7d:ad:99:13:c4:ab: 26:81:7c:00:b8:a8:a7:4d:31:a8:65:fa:e2:74:44:d8:4b:6e: fe:8d:4e:e4:37:a0:f4:19:91:7a:f9:1a:b2:d2:69:61:82:c8: 58:9a:b2:b8:c9:68:56:35:85:ba:a0:2d:3e:a2:07:c5:38:11: 54:c5:cb:0f:08:f9:71:26:1f:93:42:01:ba:84:3a:65:1b:11: b0:fc:f4:c5:33:80:4f:82:28:05:c1:04:51:cb:01:c7:85:66: 55:98:bc:8f:41:dd:cc:5f:40:b4:b1:80:ab:2c:67:6f:d9:8b: 5f:f9:46:c7:1c:c0:71:7c:cd:47:7e:f3:c7:0c:81:f1:ba:cd: 69:aa:f1:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxENP0nWUtad3cKqzPizV1bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm NDg2OWUwHhcNMjYwMjA5MjEwMDQ5WhcNMjYwMjEwMjEwMDQ5WjAzMTEwLwYDVQQD EyhmNjg3ZDlkZjQyOWMxODU3MDk5OTkwMDUxMDNkODgzY2E3NDY1YThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIcWCAu1LuYqShRw0NJ3Pu5fMokH 75O1kPLJoPY2hzcqtMqaQ4EKHgvoZg/q3WfkdTc8l8vLa+iC2rrn0ClXI1Qf+bhL 1XRwpXlvSEYOr8vnljBSF2hpuS48SYwhBXlAzcN9zQW9lI+BCNF2mnc75vwETS8h 7Eyvvbdwqp9ha7oFF0YOYzNAAs8LpKYKM6wPhwNByAXjjLTNr5Z8hh9/59yE995x 0CntaciP95b9XQPlIdjvfo9sepV5qwsydCIz4dFZ5v/JTtJcA3mYxmWNUfqWan79 SRo36SGEx6Cncpvti5qbkn7FRxvdqYQVz+tKBPCGYtMX+OJPQoIZpdYhqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPaH2d9CnBhXCZmQBRA9iDynRlqLMB8GA1UdIwQY MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfnPbVgnk yH6zXKojT0i/2MBcdVeYcpRvLP2EvWzIxVsk0ZoJb6hwjFeYJuOiqkcSfhhsOhoM UASmwMxGaOQME0Y3hX8PzAjGgOUoKyEkFl+TnCq4zJa4slOkIlUuSyPe05ZQNgqc M32F7FCV/NkIu04a2hSJ20uHfa2ZE8SrJoF8ALiop00xqGX64nRE2Etu/o1O5Deg 9BmRevkastJpYYLIWJqyuMloVjWFuqAtPqIHxTgRVMXLDwj5cSYfk0IBuoQ6ZRsR sPz0xTOAT4IoBcEEUcsBx4VmVZi8j0HdzF9AtLGAqyxnb9mLX/lGxxzAcXzNR37z xwyB8brNaarx7w== -----END CERTIFICATE-----Generated at Tue Feb 10 01:38:33 2026 by rpki-client