This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft File: BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft (raw, json) Hash identifier: GehthWM0d/cF081JmgyMa6W5eSmVdWQHLdFKTlj3pVg= Subject key identifier: 86:CF:A9:9C:95:8D:75:C5:9D:34:74:2B:A5:5E:5A:D4:29:8A:68:ED Authority key identifier: 06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4 Certificate issuer: /CN=066ba209c50c02a858b54308c82ae5bf302efaa4 Certificate serial: 019C4321EED4E9CE089F1AA43F6D887FA862 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft Manifest number: 14E1 Signing time: Mon 09 Feb 2026 16:00:23 +0000 Manifest this update: Mon 09 Feb 2026 16:00:23 +0000 Manifest next update: Tue 10 Feb 2026 16:00:23 +0000 Files and hashes: 1: BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl (hash: afSGAr9+Pbkz8rQRGuyUzIX4QQMrSrl8w4yR84EH1no=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:ee:d4:e9:ce:08:9f:1a:a4:3f:6d:88:7f:a8:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=066ba209c50c02a858b54308c82ae5bf302efaa4 Validity Not Before: Feb 9 16:00:23 2026 GMT Not After : Feb 10 16:00:23 2026 GMT Subject: CN=86cfa99c958d75c59d34742ba55e5ad4298a68ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:c4:d6:1e:72:88:bf:05:d3:49:65:ae:23:ee: 92:ae:f7:4e:33:26:df:04:0d:24:e0:fe:db:8c:35: 67:2c:8e:0e:bc:12:b5:15:45:e2:33:c2:37:92:5c: d3:57:43:00:04:be:26:fc:6d:db:4f:42:da:3e:b5: 84:a7:6c:71:5c:e0:f6:cc:f2:b4:07:a2:b0:de:9e: b4:3d:0b:b4:dd:6e:3f:cd:b1:2b:18:ea:a5:47:b6: c3:75:c3:1f:38:f6:f0:6d:20:d4:d7:6d:e3:70:91: cd:20:44:54:ed:9e:5a:8f:69:db:4b:ff:d9:ed:47: fd:c8:da:01:f5:6c:d6:df:0d:73:39:f0:3a:07:20: 0c:bf:c3:f0:5c:64:2d:bc:c3:32:99:31:ee:2e:99: 63:e8:ab:23:93:b7:66:bb:13:97:6e:1d:ba:1e:bb: 79:b5:3d:a3:62:18:3e:a9:5d:50:34:3d:f0:bb:3d: 86:a4:63:c9:62:25:35:55:e6:45:2b:bc:b6:b0:ed: df:87:4c:57:d5:3a:37:3d:e9:69:4d:17:43:41:0d: 47:3b:3a:0a:1f:29:a4:f7:26:6a:e0:f2:e0:54:a7: d2:66:41:9b:a4:b7:eb:fb:7d:60:70:81:fd:fa:c6: 44:b3:b3:61:94:7b:02:60:71:91:93:a8:31:3d:e1: e0:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:CF:A9:9C:95:8D:75:C5:9D:34:74:2B:A5:5E:5A:D4:29:8A:68:ED X509v3 Authority Key Identifier: keyid:06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:b7:74:6f:36:5c:d3:5f:fb:3b:b5:74:6a:45:c6:60:24:cc: 5b:4c:25:d7:ba:a1:b7:e5:7c:db:b5:7f:45:96:cf:bd:4a:c7: 2f:1d:fc:c9:68:ee:3f:57:2b:40:2c:7d:14:74:45:1d:05:88: 23:59:10:b9:af:b6:c3:7d:ce:22:9f:20:52:e7:51:83:6d:1f: 78:de:a3:42:06:e9:3e:8b:7e:9a:a8:aa:df:01:ea:6d:a1:61: 2c:1e:c8:a0:4b:ae:fd:52:c9:f1:81:b1:f9:83:83:b7:f0:ab: 25:9c:e9:99:41:91:d8:e5:50:1a:c9:c0:b1:ee:b8:78:3f:83: 32:b8:51:9f:cb:63:ca:54:45:c6:17:9b:21:de:59:42:64:98: 14:49:4b:d6:0f:2b:3f:d6:95:d6:db:9e:72:02:cc:aa:7d:0a: e7:81:a2:8e:9a:f6:45:96:8f:f0:7a:5f:b5:b7:ef:aa:4b:a6: 53:fa:df:cd:7f:7e:99:f4:37:2b:a0:22:49:c6:04:94:e0:3d: ad:6a:92:ca:4a:57:65:0f:21:2b:68:37:6d:37:0a:d2:34:88: 20:11:2f:6a:e0:9e:42:5c:57:64:0e:3b:47:05:b3:df:cc:df: a3:ca:22:b4:dd:da:ce:8a:93:91:56:c4:4f:a6:d0:8c:db:73: a1:b7:5c:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIe7U6c4InxqkP22If6hiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NmJhMjA5YzUwYzAyYTg1OGI1NDMwOGM4MmFlNWJmMzAy ZWZhYTQwHhcNMjYwMjA5MTYwMDIzWhcNMjYwMjEwMTYwMDIzWjAzMTEwLwYDVQQD Eyg4NmNmYTk5Yzk1OGQ3NWM1OWQzNDc0MmJhNTVlNWFkNDI5OGE2OGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsTWHnKIvwXTSWWuI+6SrvdOMybf BA0k4P7bjDVnLI4OvBK1FUXiM8I3klzTV0MABL4m/G3bT0LaPrWEp2xxXOD2zPK0 B6Kw3p60PQu03W4/zbErGOqlR7bDdcMfOPbwbSDU123jcJHNIERU7Z5aj2nbS//Z 7Uf9yNoB9WzW3w1zOfA6ByAMv8PwXGQtvMMymTHuLplj6Ksjk7dmuxOXbh26Hrt5 tT2jYhg+qV1QND3wuz2GpGPJYiU1VeZFK7y2sO3fh0xX1To3PelpTRdDQQ1HOzoK Hymk9yZq4PLgVKfSZkGbpLfr+31gcIH9+sZEs7NhlHsCYHGRk6gxPeHgqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIbPqZyVjXXFnTR0K6VeWtQpimjtMB8GA1UdIwQY MBaAFAZrognFDAKoWLVDCMgq5b8wLvqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYt OTNmZmVjNWMzYzgxLzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYtOTNmZmVjNWMzYzgx LzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw7d0bzZc 01/7O7V0akXGYCTMW0wl17qht+V827V/RZbPvUrHLx38yWjuP1crQCx9FHRFHQWI I1kQua+2w33OIp8gUudRg20feN6jQgbpPot+mqiq3wHqbaFhLB7IoEuu/VLJ8YGx +YODt/CrJZzpmUGR2OVQGsnAse64eD+DMrhRn8tjylRFxhebId5ZQmSYFElL1g8r P9aV1tuecgLMqn0K54Gijpr2RZaP8HpftbfvqkumU/rfzX9+mfQ3K6AiScYElOA9 rWqSykpXZQ8hK2g3bTcK0jSIIBEvauCeQlxXZA47RwWz38zfo8oitN3azoqTkVbE T6bQjNtzobdc7A== -----END CERTIFICATE-----Generated at Mon Feb 9 18:47:53 2026 by rpki-client