This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft File: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json) Hash identifier: WF9WF0rWYg+fiyyI6P8+qIhkhOUTyySzaMP1Q95ORfA= Subject key identifier: 1C:1A:E3:4A:8C:EB:EE:58:57:97:98:7E:BA:EA:80:73:0C:C2:FF:32 Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43 Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43 Certificate serial: 019C43C6E5645C8914B7301D3D120EEEEB92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft Manifest number: 1828 Signing time: Mon 09 Feb 2026 19:00:34 +0000 Manifest this update: Mon 09 Feb 2026 19:00:34 +0000 Manifest next update: Tue 10 Feb 2026 19:00:34 +0000 Files and hashes: 1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: Qen0y4qqWvigWULq0UKCj9OjikQdHVnNcknwc+AmFrM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c6:e5:64:5c:89:14:b7:30:1d:3d:12:0e:ee:eb:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43 Validity Not Before: Feb 9 19:00:34 2026 GMT Not After : Feb 10 19:00:34 2026 GMT Subject: CN=1c1ae34a8cebee585797987ebaea80730cc2ff32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:a8:c1:23:6d:be:8c:f1:db:1a:f3:a8:73:4f: 6a:13:45:74:b4:49:6c:41:13:08:f8:99:5d:35:8c: fb:31:65:07:40:f4:78:58:7a:f1:d8:3a:a9:23:5c: 01:64:f3:64:fa:d9:70:5c:31:a6:54:7d:c5:be:61: 53:3a:e3:88:ab:11:af:e5:c5:ff:96:ba:14:fd:ff: 76:f9:5c:81:44:b7:43:87:1e:14:b9:eb:d0:fa:db: a5:93:ef:20:ef:b4:ce:a1:46:6c:f9:00:69:aa:23: ea:c7:ff:9c:3b:53:63:b3:fc:19:58:8a:7a:80:7f: 1a:e2:eb:11:e7:ac:d2:e2:28:00:08:52:60:de:54: 59:3f:f4:25:50:1b:d7:91:97:9f:73:b0:01:64:dc: de:26:57:52:b6:c9:59:52:df:36:c5:25:f3:a1:03: 61:c6:94:10:27:c4:1e:4f:2a:3c:84:b5:90:3d:b4: f5:29:eb:f2:77:a3:48:56:2d:2a:6e:9f:62:42:63: 30:29:86:19:30:6e:df:54:9f:14:07:b0:78:8f:db: 1a:06:77:cd:9e:73:22:e2:66:b4:84:cf:51:70:3d: 68:8a:d4:10:f0:ed:83:27:e1:d8:e2:2a:69:0d:83: 55:f2:50:a6:68:2b:e2:97:61:ed:28:1b:24:a1:11: 3f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:1A:E3:4A:8C:EB:EE:58:57:97:98:7E:BA:EA:80:73:0C:C2:FF:32 X509v3 Authority Key Identifier: keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:cd:19:75:b9:35:52:47:ea:18:63:88:75:94:9a:b1:ab:c0: f5:4b:fd:2d:9b:b7:d0:b2:5e:6a:77:fc:5b:15:5e:4f:4b:0d: 6c:a6:1f:0c:15:37:11:13:09:8a:bb:b0:29:e1:62:4f:41:b3: 82:be:9d:9b:9a:b5:f8:19:13:49:ae:5a:b6:ca:60:06:27:24: 86:71:a7:67:87:99:a1:1b:d6:d5:05:ca:4f:ed:29:97:bb:56: 2b:9b:f3:f0:b8:7d:2f:20:72:36:ba:ea:ad:66:4d:8f:71:55: 00:70:53:75:18:52:bb:44:21:0f:80:9d:1b:d9:16:88:3e:52: cc:e1:e3:4a:6e:f1:12:aa:b9:2e:cb:1f:01:09:11:3a:dc:7e: 18:e9:7a:62:d9:22:f0:59:17:ad:ab:cd:ff:63:d8:8f:09:b8: c8:ea:46:47:50:28:f4:bc:35:50:e2:fc:13:fb:a2:be:b9:63: f7:3b:bc:59:db:3b:36:ea:96:d1:6f:54:e4:15:8a:04:32:c0: 17:5e:0b:ef:fc:47:a8:70:13:19:90:8d:82:b9:2e:dc:13:2e: 85:8f:8c:14:dd:6e:39:01:2b:2e:94:7b:dc:3a:96:5f:b0:88: c7:b6:03:f2:8e:a7:cb:c6:9d:0c:17:f9:00:bd:5f:a5:74:92: 4d:b2:fd:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxuVkXIkUtzAdPRIO7uuSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl YmFhNDMwHhcNMjYwMjA5MTkwMDM0WhcNMjYwMjEwMTkwMDM0WjAzMTEwLwYDVQQD EygxYzFhZTM0YThjZWJlZTU4NTc5Nzk4N2ViYWVhODA3MzBjYzJmZjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnajBI22+jPHbGvOoc09qE0V0tEls QRMI+JldNYz7MWUHQPR4WHrx2DqpI1wBZPNk+tlwXDGmVH3FvmFTOuOIqxGv5cX/ lroU/f92+VyBRLdDhx4UuevQ+tulk+8g77TOoUZs+QBpqiPqx/+cO1Njs/wZWIp6 gH8a4usR56zS4igACFJg3lRZP/QlUBvXkZefc7ABZNzeJldStslZUt82xSXzoQNh xpQQJ8QeTyo8hLWQPbT1Kevyd6NIVi0qbp9iQmMwKYYZMG7fVJ8UB7B4j9saBnfN nnMi4ma0hM9RcD1oitQQ8O2DJ+HY4ippDYNV8lCmaCvil2HtKBskoRE/KQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBwa40qM6+5YV5eYfrrqgHMMwv8yMB8GA1UdIwQY MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjM0Zdbk1 UkfqGGOIdZSasavA9Uv9LZu30LJeanf8WxVeT0sNbKYfDBU3ERMJiruwKeFiT0Gz gr6dm5q1+BkTSa5atspgBickhnGnZ4eZoRvW1QXKT+0pl7tWK5vz8Lh9LyByNrrq rWZNj3FVAHBTdRhSu0QhD4CdG9kWiD5SzOHjSm7xEqq5LssfAQkROtx+GOl6Ytki 8FkXravN/2PYjwm4yOpGR1Ao9Lw1UOL8E/uivrlj9zu8Wds7NuqW0W9U5BWKBDLA F14L7/xHqHATGZCNgrku3BMuhY+MFN1uOQErLpR73DqWX7CIx7YD8o6ny8adDBf5 AL1fpXSSTbL9nQ== -----END CERTIFICATE-----Generated at Mon Feb 9 22:42:38 2026 by rpki-client