This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft File: pxrCOk0-z8vKRROJaxeuToloKng.mft (raw, json) Hash identifier: 7isnHY5StCFAR8Lguans3+fLHBhYB8aF+wFHSprAH8Y= Subject key identifier: FF:21:F9:D3:E8:58:1B:7D:84:10:FC:9F:A9:18:F2:46:E3:F2:3A:49 Authority key identifier: A7:1A:C2:3A:4D:3E:CF:CB:CA:45:13:89:6B:17:AE:4E:89:68:2A:78 Certificate issuer: /CN=a71ac23a4d3ecfcbca4513896b17ae4e89682a78 Certificate serial: 019C42469AA384D351777D2BA80ACBBD72B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft Manifest number: 01E1 Signing time: Mon 09 Feb 2026 12:00:49 +0000 Manifest this update: Mon 09 Feb 2026 12:00:49 +0000 Manifest next update: Tue 10 Feb 2026 12:00:49 +0000 Files and hashes: 1: lqZ_FZi5OZNxjRgi3lzjeMY1GAk.roa (hash: sEkCH/URmL0mijxwIa1jp+WkOSTIx15bnsPupZsfVfw=) 2: pxrCOk0-z8vKRROJaxeuToloKng.crl (hash: d6hzkUBemTP09RCGR9mnmdbr0/9gfepcPVYK2Ww+cXM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.crl rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:9a:a3:84:d3:51:77:7d:2b:a8:0a:cb:bd:72:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a71ac23a4d3ecfcbca4513896b17ae4e89682a78 Validity Not Before: Feb 9 12:00:49 2026 GMT Not After : Feb 10 12:00:49 2026 GMT Subject: CN=ff21f9d3e8581b7d8410fc9fa918f246e3f23a49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:07:73:21:9e:a4:f5:ae:72:c1:5f:83:c6:37: ae:f4:7b:2a:bd:4d:d0:75:9f:a8:62:59:48:f5:92: a3:32:3f:f6:7e:76:d4:4a:51:34:90:5c:0f:d7:c0: 84:d3:35:08:47:24:bc:90:aa:8b:36:d9:76:93:eb: 53:c7:70:1d:fe:ef:88:1e:9e:1b:33:33:5b:4b:f6: 1f:67:aa:af:5d:27:a9:d0:95:4b:94:ba:2b:ec:c4: ea:34:c5:57:48:0a:97:e8:7e:57:10:7d:b3:88:1c: 6b:2d:54:be:d9:a9:2c:91:9d:bf:ae:e2:c7:5d:21: 1c:45:b1:e9:66:dd:96:33:2a:44:9f:09:28:d2:3e: c7:b1:49:b5:34:8c:64:d8:01:ca:8b:0a:df:1e:9d: de:3a:84:d9:eb:87:50:b1:7a:a0:04:3d:ca:fa:b0: f8:d1:58:bd:56:37:93:dc:f0:98:72:fc:7f:df:f2: 8c:39:ef:3f:3a:4f:85:5e:dd:a6:46:9e:62:ce:9e: 07:7c:e6:04:06:41:b4:e6:76:de:19:8f:0f:d8:3c: 5f:cb:17:69:72:83:19:e2:74:6a:8d:b7:d4:03:06: 6f:0d:0c:ed:e4:84:3c:00:b5:31:1d:e4:9a:82:28: 9a:66:be:ff:f8:73:8e:dc:9e:d8:6e:f0:c6:c9:45: 79:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:21:F9:D3:E8:58:1B:7D:84:10:FC:9F:A9:18:F2:46:E3:F2:3A:49 X509v3 Authority Key Identifier: keyid:A7:1A:C2:3A:4D:3E:CF:CB:CA:45:13:89:6B:17:AE:4E:89:68:2A:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ca:de:4f:e9:19:58:26:93:8f:16:8d:d7:bf:03:97:35:4c:2b: c1:20:ba:8a:f6:a9:06:10:2b:2f:c9:d8:62:23:68:46:9a:b1: ab:a6:dd:5d:e6:81:27:f1:7a:00:c0:b7:fd:b5:a8:7b:91:d6: 2c:7c:fc:e9:97:04:42:54:08:40:d7:61:31:ec:fd:6c:34:5f: 45:da:26:ce:aa:e6:dd:3d:27:63:aa:85:6c:84:51:08:1e:d4: f4:9b:e7:99:61:b0:a0:cf:4c:d4:97:6a:77:40:52:b1:5a:43: 2b:07:e2:af:65:e3:5e:c5:f8:f9:30:06:da:80:84:b2:39:72: e8:54:b9:e4:b1:e8:85:06:3b:b4:c5:f0:63:08:8b:66:82:ab: 98:18:0f:d6:21:76:71:46:2a:f8:9c:40:4e:ee:fa:1a:92:80: bf:3f:c2:c8:c6:85:e3:e4:9a:56:fb:f8:cc:07:ff:8b:fa:38: 9f:53:44:be:3a:fa:d1:64:2e:dc:35:31:5e:80:85:ad:f3:14: ec:59:8b:58:d5:58:0c:50:3b:48:78:67:02:25:60:14:9b:c4: aa:0b:fe:c3:1c:4f:bd:cf:5f:bb:ac:04:c1:c6:39:96:fa:bb: 54:93:75:31:1b:4c:77:e2:fc:7d:8f:f9:67:cc:64:32:f7:7e: cb:69:ff:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRpqjhNNRd30rqArLvXKzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MWFjMjNhNGQzZWNmY2JjYTQ1MTM4OTZiMTdhZTRlODk2 ODJhNzgwHhcNMjYwMjA5MTIwMDQ5WhcNMjYwMjEwMTIwMDQ5WjAzMTEwLwYDVQQD EyhmZjIxZjlkM2U4NTgxYjdkODQxMGZjOWZhOTE4ZjI0NmUzZjIzYTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygdzIZ6k9a5ywV+Dxjeu9HsqvU3Q dZ+oYllI9ZKjMj/2fnbUSlE0kFwP18CE0zUIRyS8kKqLNtl2k+tTx3Ad/u+IHp4b MzNbS/YfZ6qvXSep0JVLlLor7MTqNMVXSAqX6H5XEH2ziBxrLVS+2akskZ2/ruLH XSEcRbHpZt2WMypEnwko0j7HsUm1NIxk2AHKiwrfHp3eOoTZ64dQsXqgBD3K+rD4 0Vi9VjeT3PCYcvx/3/KMOe8/Ok+FXt2mRp5izp4HfOYEBkG05nbeGY8P2Dxfyxdp coMZ4nRqjbfUAwZvDQzt5IQ8ALUxHeSagiiaZr7/+HOO3J7YbvDGyUV5JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP8h+dPoWBt9hBD8n6kY8kbj8jpJMB8GA1UdIwQY MBaAFKcawjpNPs/LykUTiWsXrk6JaCp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MzFjZWMtZDk2NS00MDBhLTk4OTkt ZmRiYzVjNmFlNWFhLzEvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy84MzFjZWMtZDk2NS00MDBhLTk4OTktZmRiYzVjNmFlNWFh LzEvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyt5P6RlY JpOPFo3XvwOXNUwrwSC6ivapBhArL8nYYiNoRpqxq6bdXeaBJ/F6AMC3/bWoe5HW LHz86ZcEQlQIQNdhMez9bDRfRdomzqrm3T0nY6qFbIRRCB7U9JvnmWGwoM9M1Jdq d0BSsVpDKwfir2XjXsX4+TAG2oCEsjly6FS55LHohQY7tMXwYwiLZoKrmBgP1iF2 cUYq+JxATu76GpKAvz/CyMaF4+SaVvv4zAf/i/o4n1NEvjr60WQu3DUxXoCFrfMU 7FmLWNVYDFA7SHhnAiVgFJvEqgv+wxxPvc9fu6wEwcY5lvq7VJN1MRtMd+L8fY/5 Z8xkMvd+y2n/ag== -----END CERTIFICATE-----Generated at Mon Feb 9 18:46:10 2026 by rpki-client