This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft File: tkDbwv_PXWNFicBEAV1xdcuv8-0.mft (raw, json) Hash identifier: LMqxu9adQbDwER5huUE6kZoBpUHSfZpYx158hezLrbk= Subject key identifier: 1F:0D:1E:0C:76:6D:F4:15:9D:AA:48:78:C6:CD:CA:8B:DE:69:3C:2E Authority key identifier: B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED Certificate issuer: /CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed Certificate serial: 019C41D84D5C871B73C31922E8B7BA8031B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft Manifest number: 12AE Signing time: Mon 09 Feb 2026 10:00:20 +0000 Manifest this update: Mon 09 Feb 2026 10:00:20 +0000 Manifest next update: Tue 10 Feb 2026 10:00:20 +0000 Files and hashes: 1: tkDbwv_PXWNFicBEAV1xdcuv8-0.crl (hash: 57gg68wXxoItUZYLoDV7yYAkDSeI+8wFvJ2b3fb1u+o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:d8:4d:5c:87:1b:73:c3:19:22:e8:b7:ba:80:31:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b640dbc2ffcf5d634589c044015d7175cbaff3ed Validity Not Before: Feb 9 10:00:20 2026 GMT Not After : Feb 10 10:00:20 2026 GMT Subject: CN=1f0d1e0c766df4159daa4878c6cdca8bde693c2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6c:90:16:85:de:2f:6a:fa:99:49:b8:9b:9b: 6a:7b:28:f3:d3:e7:e6:74:3e:f8:31:3e:f2:5b:db: 8d:fe:4c:e9:a3:aa:40:a8:18:01:c0:34:25:78:c0: c5:76:d2:e8:bd:c1:d3:20:86:b6:1e:16:6f:4f:1c: 7b:3c:4d:55:2f:81:c8:1f:54:a3:cb:1f:8f:44:35: 21:9a:cc:07:73:f7:5c:c0:bb:ad:96:dd:8b:d9:cd: 99:41:c3:45:06:86:c9:33:98:66:9a:c2:d5:22:98: 0a:77:84:e5:6e:85:66:3d:38:8d:6a:a4:7c:32:e1: d8:38:d3:c9:1c:97:9b:0e:ab:59:12:b1:6e:ae:67: 5c:bf:5b:3b:9e:6e:52:34:17:80:f3:1f:53:f1:0e: 1a:26:32:9e:c4:cb:85:74:78:ed:9d:0e:76:43:44: 59:97:fb:7e:28:c3:79:18:71:05:d7:c8:80:c7:67: f2:33:be:11:f6:bc:98:b1:64:3e:cd:2e:2c:7a:2f: c5:4e:5b:20:25:45:9b:61:81:6e:f2:55:3e:36:cf: 36:38:4c:58:d1:44:3a:b6:eb:b8:da:84:70:1f:0d: 8a:94:f8:2c:47:85:24:53:35:ad:d2:dc:13:48:15: 84:66:16:11:bf:f1:be:70:64:75:6d:be:8a:0e:9b: 66:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:0D:1E:0C:76:6D:F4:15:9D:AA:48:78:C6:CD:CA:8B:DE:69:3C:2E X509v3 Authority Key Identifier: keyid:B6:40:DB:C2:FF:CF:5D:63:45:89:C0:44:01:5D:71:75:CB:AF:F3:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkDbwv_PXWNFicBEAV1xdcuv8-0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/76768c-cd75-46a9-8d65-6cbb77baa02d/1/tkDbwv_PXWNFicBEAV1xdcuv8-0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:f4:41:56:34:da:e3:34:30:e8:78:90:e4:bb:55:18:67:f6: b3:12:d4:b8:41:fd:89:d9:f0:5b:10:e6:cc:c4:fa:d9:21:57: 33:42:43:27:9c:e7:14:4e:de:6d:f6:49:fc:55:60:9b:07:4b: 0a:bb:9a:d4:dc:43:2e:ea:ff:fc:fc:3c:b8:5d:fd:5e:fc:2c: a7:60:f9:82:59:f1:f2:16:9f:65:3f:78:5a:b1:fd:cb:02:0a: 7c:3f:64:ef:cf:70:d0:06:7b:5d:7a:66:56:e2:70:44:e9:d5: de:2b:58:29:6c:ee:b4:c0:0c:3f:d2:0e:1e:e2:e1:f2:d8:07: 42:3c:74:a6:54:9f:c8:5a:82:3e:04:06:c9:85:ab:af:ff:bf: 38:b7:fc:f3:ca:85:90:5a:78:06:c4:9a:de:47:85:35:7e:d8: fb:a4:8e:33:1f:42:a9:89:73:f9:ce:03:12:01:56:bd:7a:e4: c4:12:d6:2b:20:0e:65:5e:08:37:ca:b1:c5:ba:17:5f:0d:a5: a6:c8:e7:0a:a0:72:3e:ae:bc:25:fb:8f:72:46:42:fc:38:b4: 32:23:f4:14:1f:5b:03:f7:78:49:70:ec:9e:79:37:23:78:8b: 57:a2:1e:b6:63:78:0c:f3:47:4d:44:29:01:b0:64:39:2b:80: 4b:b1:94:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxB2E1chxtzwxki6Le6gDG1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2NDBkYmMyZmZjZjVkNjM0NTg5YzA0NDAxNWQ3MTc1Y2Jh ZmYzZWQwHhcNMjYwMjA5MTAwMDIwWhcNMjYwMjEwMTAwMDIwWjAzMTEwLwYDVQQD EygxZjBkMWUwYzc2NmRmNDE1OWRhYTQ4NzhjNmNkY2E4YmRlNjkzYzJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGyQFoXeL2r6mUm4m5tqeyjz0+fm dD74MT7yW9uN/kzpo6pAqBgBwDQleMDFdtLovcHTIIa2HhZvTxx7PE1VL4HIH1Sj yx+PRDUhmswHc/dcwLutlt2L2c2ZQcNFBobJM5hmmsLVIpgKd4TlboVmPTiNaqR8 MuHYONPJHJebDqtZErFurmdcv1s7nm5SNBeA8x9T8Q4aJjKexMuFdHjtnQ52Q0RZ l/t+KMN5GHEF18iAx2fyM74R9ryYsWQ+zS4sei/FTlsgJUWbYYFu8lU+Ns82OExY 0UQ6tuu42oRwHw2KlPgsR4UkUzWt0twTSBWEZhYRv/G+cGR1bb6KDptmbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB8NHgx2bfQVnapIeMbNyoveaTwuMB8GA1UdIwQY MBaAFLZA28L/z11jRYnARAFdcXXLr/PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUt NmNiYjc3YmFhMDJkLzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi83Njc2OGMtY2Q3NS00NmE5LThkNjUtNmNiYjc3YmFhMDJk LzEvdGtEYnd2X1BYV05GaWNCRUFWMXhkY3V2OC0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvRBVjTa 4zQw6HiQ5LtVGGf2sxLUuEH9idnwWxDmzMT62SFXM0JDJ5znFE7ebfZJ/FVgmwdL Crua1NxDLur//Pw8uF39Xvwsp2D5glnx8hafZT94WrH9ywIKfD9k789w0AZ7XXpm VuJwROnV3itYKWzutMAMP9IOHuLh8tgHQjx0plSfyFqCPgQGyYWrr/+/OLf888qF kFp4BsSa3keFNX7Y+6SOMx9CqYlz+c4DEgFWvXrkxBLWKyAOZV4IN8qxxboXXw2l psjnCqByPq68JfuPckZC/Di0MiP0FB9bA/d4SXDsnnk3I3iLV6IetmN4DPNHTUQp AbBkOSuAS7GUJA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:53:04 2026 by rpki-client