This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft File: PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json) Hash identifier: lOIOAEKZOyFVZq3nWIk0TxCyGzXOmf57F1Z20FELooQ= Subject key identifier: 83:6E:46:EF:4D:83:AB:F6:3F:DE:F8:D3:0C:00:3C:C7:9D:0A:E0:82 Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6 Certificate issuer: /CN=3c41ea44178a702c507000023d14a9f9c47260e6 Certificate serial: 019C4134721850990365C5AD901FF250B5CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft Manifest number: 1213 Signing time: Mon 09 Feb 2026 07:01:21 +0000 Manifest this update: Mon 09 Feb 2026 07:01:21 +0000 Manifest next update: Tue 10 Feb 2026 07:01:21 +0000 Files and hashes: 1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: JvOpVJfrBOFEqodNpQqIr9Kxj+n4sajP8G/IxOlT1K0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:34:72:18:50:99:03:65:c5:ad:90:1f:f2:50:b5:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6 Validity Not Before: Feb 9 07:01:21 2026 GMT Not After : Feb 10 07:01:21 2026 GMT Subject: CN=836e46ef4d83abf63fdef8d30c003cc79d0ae082 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:ae:87:88:bb:ce:be:80:f0:d9:45:4d:9d:57: 5e:44:fd:3a:a2:bc:12:e9:c7:d2:1f:fd:e8:0b:db: 50:ef:36:16:b7:f7:69:14:25:19:0f:a4:71:ba:c9: 84:60:9f:55:fc:5c:e6:a6:d2:47:79:7d:89:f1:bc: e0:35:8e:de:fe:bd:98:78:ad:26:c7:13:33:18:62: 35:32:1b:2f:06:26:ea:f3:36:de:36:ce:c7:30:6a: d2:0e:a3:09:f1:56:6d:3c:a5:05:dc:3f:07:cf:f6: 85:57:a7:89:d8:1e:d3:c5:34:0b:55:f0:e5:6b:e4: 6e:42:c9:e2:aa:bc:92:2c:e5:96:1f:9d:d1:38:38: 41:6f:f5:26:02:72:e9:c9:a3:4b:f9:d3:44:17:f1: 07:5f:15:a3:61:68:f3:a8:8f:bd:ca:0a:a7:4a:75: ce:b3:18:e6:e5:11:2c:53:a0:1c:75:35:26:00:31: 56:21:7a:7f:da:01:a0:ac:ed:31:04:a6:e3:4c:9c: df:0e:d6:49:a6:b2:c7:29:33:d4:a0:9a:05:fa:95: e9:f5:cc:18:cb:18:9f:0b:6c:e6:48:f1:17:c0:2f: 59:b9:bf:77:24:3c:3f:8f:1e:b8:36:30:34:ff:1b: 37:27:a7:1a:b9:19:f4:cb:7d:84:22:c8:b2:f0:5d: eb:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:6E:46:EF:4D:83:AB:F6:3F:DE:F8:D3:0C:00:3C:C7:9D:0A:E0:82 X509v3 Authority Key Identifier: keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:db:21:8d:01:f2:20:db:5c:7d:69:b1:2f:6d:f9:f0:76:ef: 66:50:a5:18:b9:28:85:ca:3e:7b:ce:9a:8c:c6:6e:42:6d:72: 70:f5:80:b0:c1:00:f8:b0:f3:b4:26:db:8b:b5:ad:6f:06:f2: e0:17:2a:1d:93:62:51:b9:29:9d:c8:bd:b3:2f:f8:1c:0b:18: 3b:83:60:b6:94:9d:22:d0:6c:5e:b7:94:7f:e4:b9:14:fa:2f: 40:a2:2f:4a:8b:88:e6:8b:51:85:c7:c5:c8:c3:b6:4f:9c:59: 69:6e:bd:cf:b8:fa:1c:bf:2b:48:37:6c:58:3f:c1:e2:40:24: c3:40:a0:17:33:5c:48:36:d1:c4:23:b5:00:c1:3d:c8:db:f0: 54:6c:18:8c:ab:94:b3:64:27:c7:c3:7c:25:50:13:b5:f9:51: bf:39:be:2d:ef:ef:8d:2f:0d:84:17:62:8c:6b:60:fd:96:0e: 74:2f:cc:49:74:ba:0f:ba:2b:51:3b:4a:a4:7d:2c:55:2d:d4: 09:55:6d:be:76:b1:9b:d7:7d:21:93:72:fe:c2:f0:4a:64:e3: e1:15:82:8d:fb:ca:8d:4e:8b:d3:c7:ad:2c:7d:63:77:1a:22: db:26:8b:fd:69:15:53:db:76:b9:38:96:22:4f:34:f7:78:30: b0:d3:b3:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBNHIYUJkDZcWtkB/yULXOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3 MjYwZTYwHhcNMjYwMjA5MDcwMTIxWhcNMjYwMjEwMDcwMTIxWjAzMTEwLwYDVQQD Eyg4MzZlNDZlZjRkODNhYmY2M2ZkZWY4ZDMwYzAwM2NjNzlkMGFlMDgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg66HiLvOvoDw2UVNnVdeRP06orwS 6cfSH/3oC9tQ7zYWt/dpFCUZD6RxusmEYJ9V/FzmptJHeX2J8bzgNY7e/r2YeK0m xxMzGGI1MhsvBibq8zbeNs7HMGrSDqMJ8VZtPKUF3D8Hz/aFV6eJ2B7TxTQLVfDl a+RuQsniqrySLOWWH53RODhBb/UmAnLpyaNL+dNEF/EHXxWjYWjzqI+9ygqnSnXO sxjm5REsU6AcdTUmADFWIXp/2gGgrO0xBKbjTJzfDtZJprLHKTPUoJoF+pXp9cwY yxifC2zmSPEXwC9Zub93JDw/jx64NjA0/xs3J6cauRn0y32EIsiy8F3r7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFINuRu9Ng6v2P9740wwAPMedCuCCMB8GA1UdIwQY MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVNshjQHy INtcfWmxL2358HbvZlClGLkohco+e86ajMZuQm1ycPWAsMEA+LDztCbbi7Wtbwby 4BcqHZNiUbkpnci9sy/4HAsYO4NgtpSdItBsXreUf+S5FPovQKIvSouI5otRhcfF yMO2T5xZaW69z7j6HL8rSDdsWD/B4kAkw0CgFzNcSDbRxCO1AME9yNvwVGwYjKuU s2Qnx8N8JVATtflRvzm+Le/vjS8NhBdijGtg/ZYOdC/MSXS6D7orUTtKpH0sVS3U CVVtvnaxm9d9IZNy/sLwSmTj4RWCjfvKjU6L08etLH1jdxoi2yaL/WkVU9t2uTiW Ik8093gwsNOzLg== -----END CERTIFICATE-----Generated at Mon Feb 9 16:56:31 2026 by rpki-client