This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft File: NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json) Hash identifier: 1uGbekcGG3uZzCV8b3FU0zY27f3WvmXKW4obMvYt8YU= Subject key identifier: B7:26:11:82:9E:7D:C7:63:9F:EB:59:D7:06:79:B4:6F:D4:71:E5:67 Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51 Certificate issuer: /CN=3432f3546de43ce35c7871c554b8b30ef635c251 Certificate serial: 019C438FC2D935A321F35BC13F6F09BCF40A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft Manifest number: 03B7 Signing time: Mon 09 Feb 2026 18:00:20 +0000 Manifest this update: Mon 09 Feb 2026 18:00:20 +0000 Manifest next update: Tue 10 Feb 2026 18:00:20 +0000 Files and hashes: 1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: QAdFpyKCXZGabS+DDneVPIYbY6qlThnYNdY3oN6Ae30=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:8f:c2:d9:35:a3:21:f3:5b:c1:3f:6f:09:bc:f4:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251 Validity Not Before: Feb 9 18:00:20 2026 GMT Not After : Feb 10 18:00:20 2026 GMT Subject: CN=b72611829e7dc7639feb59d70679b46fd471e567 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:08:cd:02:8e:65:09:ff:a7:ad:b0:ec:47:19: 24:e2:d1:72:3b:65:4e:5f:ec:e9:5f:c7:1c:3e:b5: f7:7d:77:36:b6:79:08:67:7f:59:01:37:96:dd:29: 36:3a:e7:b0:c9:eb:23:91:63:37:96:52:c7:de:8b: dc:cd:59:96:c9:38:fe:9a:53:37:a4:1d:6f:97:56: cf:08:91:66:82:ef:bf:e7:13:c4:f7:9f:79:58:4b: 58:4e:cc:e8:d4:a8:1a:a7:9a:10:63:b9:44:1b:4e: 8a:a6:8a:f9:c6:d0:c6:e4:1a:79:a6:d9:67:d9:d5: 99:b0:b2:c5:82:0e:1c:61:53:9b:36:5c:39:24:fa: a3:85:41:5a:08:d2:07:aa:e1:c1:af:ec:cf:f4:8a: 5f:d8:71:36:c4:36:43:3b:95:33:97:5e:9a:e6:49: 71:85:db:db:9d:0e:7c:ea:52:43:7c:25:c9:a6:18: 2d:b4:8f:9a:34:7c:f3:f0:4b:e1:e2:dc:b4:93:91: 14:e3:f7:3e:64:57:b6:41:cf:44:79:63:9a:14:b2: 93:9c:0b:1a:ce:d3:ef:73:45:45:1a:04:d3:9c:9f: 36:dd:82:1e:c4:1d:76:aa:50:01:2a:08:98:9e:dd: 68:d8:96:63:d7:a0:82:28:f7:6b:c4:c5:a9:06:e7: 96:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:26:11:82:9E:7D:C7:63:9F:EB:59:D7:06:79:B4:6F:D4:71:E5:67 X509v3 Authority Key Identifier: keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:20:32:6f:6b:11:54:bb:d0:8a:4b:be:c3:b6:10:26:62:70: cc:88:be:d2:0a:c8:d6:f7:f7:c7:7f:6e:94:cb:96:9a:04:1f: 86:56:aa:44:b7:52:93:de:98:97:4e:0e:1a:0a:90:c2:a4:31: 37:29:2e:8f:8d:80:43:2a:a0:d6:eb:87:a5:76:bc:9a:86:e9: ea:dd:53:a5:b8:8b:56:28:f9:90:05:8a:59:32:c7:fc:8a:0a: 80:aa:a2:9d:8a:06:81:2f:d5:4d:00:8a:96:df:11:89:59:64: ff:20:34:b3:32:5a:22:39:61:c4:2e:45:7e:24:c4:46:49:36: 4c:5c:89:88:37:ae:31:44:19:87:7b:c3:fd:9b:5b:23:d2:42: c8:84:d2:80:b2:b5:86:cb:d5:fe:36:49:d4:35:6b:30:59:71: 53:01:44:47:7a:4e:6e:1a:60:1e:d6:64:25:6b:fd:57:c3:75: ff:35:af:71:76:ab:e1:c2:5c:00:98:88:8f:20:61:6b:d7:4e: c8:d6:14:c0:dc:68:f9:f8:7b:53:12:93:93:7f:e4:e5:34:7f: 70:97:32:6c:33:fb:a9:9e:7d:45:d1:a7:87:4e:35:60:31:e8: 17:95:7c:23:d6:f8:19:5a:42:bf:91:ce:77:32:4b:3e:aa:12: 1e:03:2c:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDj8LZNaMh81vBP28JvPQKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz NWMyNTEwHhcNMjYwMjA5MTgwMDIwWhcNMjYwMjEwMTgwMDIwWjAzMTEwLwYDVQQD EyhiNzI2MTE4MjllN2RjNzYzOWZlYjU5ZDcwNjc5YjQ2ZmQ0NzFlNTY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gjNAo5lCf+nrbDsRxkk4tFyO2VO X+zpX8ccPrX3fXc2tnkIZ39ZATeW3Sk2OuewyesjkWM3llLH3ovczVmWyTj+mlM3 pB1vl1bPCJFmgu+/5xPE9595WEtYTszo1Kgap5oQY7lEG06Kpor5xtDG5Bp5ptln 2dWZsLLFgg4cYVObNlw5JPqjhUFaCNIHquHBr+zP9Ipf2HE2xDZDO5Uzl16a5klx hdvbnQ586lJDfCXJphgttI+aNHzz8Evh4ty0k5EU4/c+ZFe2Qc9EeWOaFLKTnAsa ztPvc0VFGgTTnJ823YIexB12qlABKgiYnt1o2JZj16CCKPdrxMWpBueWYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLcmEYKefcdjn+tZ1wZ5tG/UceVnMB8GA1UdIwQY MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3 LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAECAyb2sR VLvQiku+w7YQJmJwzIi+0grI1vf3x39ulMuWmgQfhlaqRLdSk96Yl04OGgqQwqQx Nykuj42AQyqg1uuHpXa8mobp6t1TpbiLVij5kAWKWTLH/IoKgKqinYoGgS/VTQCK lt8RiVlk/yA0szJaIjlhxC5FfiTERkk2TFyJiDeuMUQZh3vD/ZtbI9JCyITSgLK1 hsvV/jZJ1DVrMFlxUwFER3pObhpgHtZkJWv9V8N1/zWvcXar4cJcAJiIjyBha9dO yNYUwNxo+fh7UxKTk3/k5TR/cJcybDP7qZ59RdGnh041YDHoF5V8I9b4GVpCv5HO dzJLPqoSHgMsCg== -----END CERTIFICATE-----Generated at Mon Feb 9 19:49:13 2026 by rpki-client