This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft File: h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json) Hash identifier: dEuk8d73UTWJLELx0roIO9YRdrWkj0gsoYSoBAmn7gE= Subject key identifier: A8:8D:7A:4A:1D:57:A5:94:CA:AC:7A:7A:63:BA:96:41:7A:6C:9B:E1 Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4 Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4 Certificate serial: 019C42B41D73242499D66E4AC6C4B3D57597 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft Manifest number: 12F2 Signing time: Mon 09 Feb 2026 14:00:26 +0000 Manifest this update: Mon 09 Feb 2026 14:00:26 +0000 Manifest next update: Tue 10 Feb 2026 14:00:26 +0000 Files and hashes: 1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: GRVZkG0pIfs6viczvR+KtBx1LYAhL0jZ4v28ygjFw1Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:1d:73:24:24:99:d6:6e:4a:c6:c4:b3:d5:75:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4 Validity Not Before: Feb 9 14:00:26 2026 GMT Not After : Feb 10 14:00:26 2026 GMT Subject: CN=a88d7a4a1d57a594caac7a7a63ba96417a6c9be1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c3:cd:70:73:07:97:92:61:1e:6f:23:9f:18: 73:e3:94:e2:bc:40:3e:ed:a4:df:da:61:d4:2c:c6: 1d:49:25:76:be:6f:c0:47:ce:2d:6f:94:04:03:90: 6e:8e:e1:99:0c:55:da:17:fb:dd:1b:58:33:10:08: 61:41:6a:f9:3d:91:9c:67:f7:37:27:c3:7a:85:de: d9:d2:8b:e8:71:95:13:e7:a6:45:43:c2:07:0e:db: ab:4a:5a:40:f3:6b:5d:44:a9:e8:2a:94:e1:0b:29: aa:59:7a:0a:11:96:3f:d6:cd:46:7f:0c:5d:74:b0: c1:e5:8a:b2:7b:e9:ae:43:a1:74:22:9e:41:8c:27: 1c:f8:3d:ee:5c:51:3c:8e:3f:9f:46:7f:3d:06:32: 34:81:f3:e1:2b:c6:2d:77:0d:56:b7:b0:c8:41:7e: 46:76:b2:18:2f:0d:d9:19:bb:5b:1b:94:98:a2:8d: 46:45:55:fb:2a:f9:1e:9e:b9:54:70:a9:15:22:e4: 8f:5c:12:bf:a6:54:e7:07:a4:64:62:83:06:7d:a2: 3a:bb:48:c7:3c:c4:a7:5a:2d:a7:fd:5f:67:99:66: 76:be:66:1f:91:f7:01:60:35:ff:06:ed:28:5f:12: e4:53:68:c1:a5:49:11:17:08:9a:23:aa:10:7d:3d: e8:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:8D:7A:4A:1D:57:A5:94:CA:AC:7A:7A:63:BA:96:41:7A:6C:9B:E1 X509v3 Authority Key Identifier: keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:48:72:71:e0:a6:dd:9d:47:92:13:a1:32:89:54:70:54:81: 83:e0:d9:1a:4f:a1:d1:ea:fd:02:2c:c6:37:f1:10:92:44:65: 68:c7:bb:04:cf:14:05:59:b9:59:34:21:52:ac:fb:82:f9:c1: 49:13:58:c0:ca:22:45:37:ee:c4:ec:c1:fa:1d:b3:db:1b:9f: c8:8e:05:9a:2e:d3:c1:61:26:32:c6:af:a6:61:16:3a:39:e9: c3:66:31:6e:c0:58:9c:9d:d2:35:05:0d:ea:1c:29:06:39:9d: 5f:02:9c:0f:82:c2:f6:fc:1e:20:76:2f:12:77:b0:2b:66:ac: 21:f9:f0:9d:9b:3b:71:74:07:cc:7a:15:02:67:f5:03:04:b6: d7:dc:b8:fd:4d:8b:b9:3e:2e:de:57:bb:e1:41:15:ca:e7:a8: c9:c6:ba:a5:c4:01:37:50:8f:32:e9:a9:09:fc:da:45:6d:45: 67:b7:0b:7c:86:d5:cc:f5:fd:21:89:16:26:24:5e:c0:49:45: 56:67:e7:e1:c4:8c:c3:f6:ac:e5:71:60:40:bc:b6:45:55:e3: 22:ff:d9:73:bf:3e:6d:c2:5c:22:8a:2a:77:29:e3:4c:29:c9: b3:75:47:28:08:03:04:e7:6e:f6:17:cd:93:d7:40:70:76:27: e1:53:66:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtB1zJCSZ1m5KxsSz1XWXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1 YTAwZjQwHhcNMjYwMjA5MTQwMDI2WhcNMjYwMjEwMTQwMDI2WjAzMTEwLwYDVQQD EyhhODhkN2E0YTFkNTdhNTk0Y2FhYzdhN2E2M2JhOTY0MTdhNmM5YmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsPNcHMHl5JhHm8jnxhz45TivEA+ 7aTf2mHULMYdSSV2vm/AR84tb5QEA5BujuGZDFXaF/vdG1gzEAhhQWr5PZGcZ/c3 J8N6hd7Z0ovocZUT56ZFQ8IHDturSlpA82tdRKnoKpThCymqWXoKEZY/1s1Gfwxd dLDB5Yqye+muQ6F0Ip5BjCcc+D3uXFE8jj+fRn89BjI0gfPhK8Ytdw1Wt7DIQX5G drIYLw3ZGbtbG5SYoo1GRVX7KvkenrlUcKkVIuSPXBK/plTnB6RkYoMGfaI6u0jH PMSnWi2n/V9nmWZ2vmYfkfcBYDX/Bu0oXxLkU2jBpUkRFwiaI6oQfT3oOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKiNekodV6WUyqx6emO6lkF6bJvhMB8GA1UdIwQY MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3 LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkhyceCm 3Z1HkhOhMolUcFSBg+DZGk+h0er9AizGN/EQkkRlaMe7BM8UBVm5WTQhUqz7gvnB SRNYwMoiRTfuxOzB+h2z2xufyI4Fmi7TwWEmMsavpmEWOjnpw2YxbsBYnJ3SNQUN 6hwpBjmdXwKcD4LC9vweIHYvEnewK2asIfnwnZs7cXQHzHoVAmf1AwS219y4/U2L uT4u3le74UEVyueoyca6pcQBN1CPMumpCfzaRW1FZ7cLfIbVzPX9IYkWJiRewElF Vmfn4cSMw/as5XFgQLy2RVXjIv/Zc78+bcJcIooqdynjTCnJs3VHKAgDBOdu9hfN k9dAcHYn4VNm3w== -----END CERTIFICATE-----Generated at Mon Feb 9 20:54:25 2026 by rpki-client