This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft File: qOeaWm0FfybaCYxi-R31ExEa7a0.mft (raw, json) Hash identifier: sD5+XmJrClZgWiIa4vErgmennoLMeKrkV8VZs+i6EIQ= Subject key identifier: 89:3B:C6:09:6D:E5:2F:63:F7:D7:C7:72:36:95:F1:CA:00:65:15:4A Authority key identifier: A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD Certificate issuer: /CN=a8e79a5a6d057f26da098c62f91df513111aedad Certificate serial: 019C43227E83A5160D1A854A5641055B8ADA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft Manifest number: 02C4 Signing time: Mon 09 Feb 2026 16:00:59 +0000 Manifest this update: Mon 09 Feb 2026 16:00:59 +0000 Manifest next update: Tue 10 Feb 2026 16:00:59 +0000 Files and hashes: 1: qOeaWm0FfybaCYxi-R31ExEa7a0.crl (hash: JAOS0p59/qID4FxR7KNuRwVKQ0OJxWIeOaWRA22ENgM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:7e:83:a5:16:0d:1a:85:4a:56:41:05:5b:8a:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8e79a5a6d057f26da098c62f91df513111aedad Validity Not Before: Feb 9 16:00:59 2026 GMT Not After : Feb 10 16:00:59 2026 GMT Subject: CN=893bc6096de52f63f7d7c7723695f1ca0065154a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:3d:66:d8:da:c6:b0:39:09:49:1c:3a:6a:07: 67:7c:dc:3c:48:48:70:9e:8b:74:6b:e5:aa:f6:e4: 65:5e:28:9d:23:22:0f:52:08:13:83:94:bf:1a:82: 3e:c9:b2:ae:d6:71:15:02:31:c2:b0:d9:43:99:6d: 8f:89:9b:a2:43:4d:0f:c0:c9:b7:8d:c5:8a:5a:dc: 93:01:7b:8c:e0:31:e9:41:f4:9b:1b:96:ad:11:5c: 1a:78:a1:cd:71:37:3d:13:fc:bb:90:17:2b:6d:5e: 06:2b:93:ec:4a:4f:1d:ce:83:77:6a:62:6a:8a:01: 6f:b2:66:3d:a6:c7:67:a0:51:90:e7:8c:19:4a:e9: fe:37:bf:1e:47:90:68:d6:e4:a8:a6:c8:fb:af:d4: 25:14:c7:ce:29:25:c8:27:6b:38:e4:97:38:41:48: ec:1a:a0:e0:bf:9b:19:e2:65:98:55:2f:ff:ce:30: 3c:ec:82:ab:c4:22:62:48:9a:64:a2:b2:37:88:bb: 70:8e:a9:ed:c7:7b:bc:47:a2:41:4a:10:a2:b4:77: 87:6d:07:2d:e9:fd:9b:e7:ff:71:44:0b:4b:58:97: 91:f5:63:da:1c:be:b7:e4:85:14:70:ad:cc:30:37: 1e:37:f8:d0:0c:34:db:3f:ae:24:81:f8:9d:4f:24: b8:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:3B:C6:09:6D:E5:2F:63:F7:D7:C7:72:36:95:F1:CA:00:65:15:4A X509v3 Authority Key Identifier: keyid:A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:64:f9:be:29:70:09:11:51:35:33:46:be:90:ef:e5:05:16: 99:98:24:20:77:ca:0d:b8:3b:17:9d:04:07:a8:85:16:37:0d: 76:49:f0:bf:91:31:a5:d0:cb:15:d6:73:3e:48:e3:16:69:62: 19:80:a5:82:7e:5d:74:7b:b4:44:86:9e:dd:c1:70:4d:2f:f1: db:83:8f:c4:ec:a4:57:b0:c3:e4:21:6b:f0:65:06:93:81:3f: e9:f1:9e:66:29:53:3e:99:f1:3e:e4:ab:7e:15:70:96:f9:84: c4:1e:d3:77:6d:ab:30:38:89:3d:1e:89:25:9a:5f:ec:74:da: bd:c4:b6:de:44:6a:96:5c:00:80:29:a6:4a:25:fd:55:b2:53: 28:85:b6:5b:7d:64:97:b4:6b:6f:41:0e:3f:f9:5a:d7:bc:56: 82:fc:d3:bf:4a:f1:d2:5a:21:2a:66:84:f3:82:8e:3c:06:1b: 94:fc:7f:3f:08:a5:cd:c4:a5:c0:b2:75:db:0a:f1:55:9d:01: 56:ba:4c:81:e0:09:33:ed:1d:57:98:8a:d0:90:16:d7:c4:da: a0:9e:39:e9:88:ea:8f:3d:51:f7:02:c4:43:3a:b4:2e:90:ba: 34:05:22:fb:40:9c:95:5a:70:58:e0:93:77:7f:0f:e0:e1:27: 1b:38:eb:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIn6DpRYNGoVKVkEFW4raMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4ZTc5YTVhNmQwNTdmMjZkYTA5OGM2MmY5MWRmNTEzMTEx YWVkYWQwHhcNMjYwMjA5MTYwMDU5WhcNMjYwMjEwMTYwMDU5WjAzMTEwLwYDVQQD Eyg4OTNiYzYwOTZkZTUyZjYzZjdkN2M3NzIzNjk1ZjFjYTAwNjUxNTRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD1m2NrGsDkJSRw6agdnfNw8SEhw not0a+Wq9uRlXiidIyIPUggTg5S/GoI+ybKu1nEVAjHCsNlDmW2PiZuiQ00PwMm3 jcWKWtyTAXuM4DHpQfSbG5atEVwaeKHNcTc9E/y7kBcrbV4GK5PsSk8dzoN3amJq igFvsmY9psdnoFGQ54wZSun+N78eR5Bo1uSopsj7r9QlFMfOKSXIJ2s45Jc4QUjs GqDgv5sZ4mWYVS//zjA87IKrxCJiSJpkorI3iLtwjqntx3u8R6JBShCitHeHbQct 6f2b5/9xRAtLWJeR9WPaHL635IUUcK3MMDceN/jQDDTbP64kgfidTyS4PQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIk7xglt5S9j99fHcjaV8coAZRVKMB8GA1UdIwQY MBaAFKjnmlptBX8m2gmMYvkd9RMRGu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAt ZWNjZGFjOGI2YTk4LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAtZWNjZGFjOGI2YTk4 LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJWT5vilw CRFRNTNGvpDv5QUWmZgkIHfKDbg7F50EB6iFFjcNdknwv5ExpdDLFdZzPkjjFmli GYClgn5ddHu0RIae3cFwTS/x24OPxOykV7DD5CFr8GUGk4E/6fGeZilTPpnxPuSr fhVwlvmExB7Td22rMDiJPR6JJZpf7HTavcS23kRqllwAgCmmSiX9VbJTKIW2W31k l7Rrb0EOP/la17xWgvzTv0rx0lohKmaE84KOPAYblPx/PwilzcSlwLJ12wrxVZ0B VrpMgeAJM+0dV5iK0JAW18TaoJ456Yjqjz1R9wLEQzq0LpC6NAUi+0CclVpwWOCT d38P4OEnGzjrFw== -----END CERTIFICATE-----Generated at Mon Feb 9 22:33:32 2026 by rpki-client