This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft File: 3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json) Hash identifier: RbpnnMbhVvs8R4awU5qgGT476PPs+NeFwvpcgr8Fkg4= Subject key identifier: 5D:EF:FD:B2:01:3D:6A:40:87:F4:AF:66:6F:72:07:42:6C:44:5C:42 Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84 Certificate issuer: /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984 Certificate serial: 019C427DC10076B50EB0E9984F7E8DCBA013 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft Manifest number: 0411 Signing time: Mon 09 Feb 2026 13:01:03 +0000 Manifest this update: Mon 09 Feb 2026 13:01:03 +0000 Manifest next update: Tue 10 Feb 2026 13:01:03 +0000 Files and hashes: 1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: KRrFHn0tm14navlcH3anOCepuywWEIa/0mZjLhTnrVA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7d:c1:00:76:b5:0e:b0:e9:98:4f:7e:8d:cb:a0:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984 Validity Not Before: Feb 9 13:01:03 2026 GMT Not After : Feb 10 13:01:03 2026 GMT Subject: CN=5deffdb2013d6a4087f4af666f7207426c445c42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:93:f9:4f:db:40:0b:e3:d7:86:24:7b:0a:b5: ec:a7:9f:dd:82:2a:d9:a3:3d:df:90:b7:fe:eb:0e: 44:9b:27:9a:32:ff:76:66:3c:e9:9f:3d:62:02:ae: b7:fd:7d:13:84:26:8a:81:dd:0c:f4:e2:cf:a7:6c: e2:22:a1:cf:8d:7c:6c:93:32:ab:ac:a6:a2:67:84: 53:18:01:01:c4:16:d2:10:37:b4:ec:5b:1c:32:4e: 7a:42:87:c2:99:8c:9d:a8:57:8f:9e:64:3d:90:fe: 9b:e2:b8:c9:73:01:5b:6b:88:ff:e1:66:ff:4a:ee: ac:16:12:81:0a:34:04:1f:79:12:54:dd:a3:6d:f1: 49:7b:b3:b5:f2:64:58:02:79:c1:2f:dd:46:27:96: 56:98:c1:38:33:89:bd:75:12:4c:01:ee:8b:6c:07: 05:f0:05:cd:b8:85:64:9d:fa:51:40:20:4e:63:64: d5:fe:58:5b:43:b6:4c:58:80:14:b8:60:97:ca:dd: 1a:b0:f2:7a:26:de:67:14:ff:49:23:1b:cf:8d:32: c0:98:41:e6:74:35:53:15:f1:fb:f2:e4:2c:a6:ca: fa:df:81:15:42:16:52:71:00:ff:87:18:7b:c8:95: b4:17:0d:fb:21:1d:98:1a:27:1e:de:6e:50:36:17: 66:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:EF:FD:B2:01:3D:6A:40:87:F4:AF:66:6F:72:07:42:6C:44:5C:42 X509v3 Authority Key Identifier: keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:d5:e0:ea:0e:aa:26:6d:2f:e4:be:85:42:d8:43:64:cc:23: 21:ac:07:22:4d:a7:70:ec:e1:b1:aa:43:0f:fc:4e:51:a4:37: e3:73:f3:e7:3a:3c:dd:32:a8:85:a4:26:38:f9:88:3d:74:f7: fd:34:6d:a4:b8:8c:58:e9:fd:2a:63:8a:4c:5a:7b:7e:a7:6b: 39:b6:78:b6:03:ce:80:fe:e4:fd:53:8f:ad:6f:0d:27:a4:04: 4f:dd:01:2b:08:e6:ee:6a:40:e6:a3:72:a0:0e:1f:e6:98:b1: 40:71:2c:89:3e:a2:54:c6:d9:83:ca:61:2f:9e:8a:5d:41:63: 39:b3:2c:d8:b5:58:d6:2b:ef:e0:24:a7:49:50:59:fa:0c:06: fa:97:8a:e0:7a:3d:a7:f3:3a:6f:18:27:81:99:bf:0b:b2:af: 2a:86:ba:33:56:45:c8:8c:e7:fd:ce:21:11:6c:53:2a:d3:93: 79:b5:db:04:25:ec:72:ec:5d:4a:41:26:1e:33:8c:32:2e:da: 90:fe:25:d3:08:8a:50:01:74:93:35:92:c0:67:d4:83:31:34: e9:5e:00:f7:f4:e6:12:5b:05:c8:c4:4c:46:41:73:88:cf:38: 9c:0b:c4:c4:ca:2a:d1:c9:c5:e9:d0:3c:ca:81:ac:ee:14:7a: 2c:c4:8e:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfcEAdrUOsOmYT36Ny6ATMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm M2M5ODQwHhcNMjYwMjA5MTMwMTAzWhcNMjYwMjEwMTMwMTAzWjAzMTEwLwYDVQQD Eyg1ZGVmZmRiMjAxM2Q2YTQwODdmNGFmNjY2ZjcyMDc0MjZjNDQ1YzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZP5T9tAC+PXhiR7CrXsp5/dgirZ oz3fkLf+6w5EmyeaMv92Zjzpnz1iAq63/X0ThCaKgd0M9OLPp2ziIqHPjXxskzKr rKaiZ4RTGAEBxBbSEDe07FscMk56QofCmYydqFePnmQ9kP6b4rjJcwFba4j/4Wb/ Su6sFhKBCjQEH3kSVN2jbfFJe7O18mRYAnnBL91GJ5ZWmME4M4m9dRJMAe6LbAcF 8AXNuIVknfpRQCBOY2TV/lhbQ7ZMWIAUuGCXyt0asPJ6Jt5nFP9JIxvPjTLAmEHm dDVTFfH78uQspsr634EVQhZScQD/hxh7yJW0Fw37IR2YGice3m5QNhdmkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF3v/bIBPWpAh/SvZm9yB0JsRFxCMB8GA1UdIwQY MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0 LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtXg6g6q Jm0v5L6FQthDZMwjIawHIk2ncOzhsapDD/xOUaQ343Pz5zo83TKohaQmOPmIPXT3 /TRtpLiMWOn9KmOKTFp7fqdrObZ4tgPOgP7k/VOPrW8NJ6QET90BKwjm7mpA5qNy oA4f5pixQHEsiT6iVMbZg8phL56KXUFjObMs2LVY1ivv4CSnSVBZ+gwG+peK4Ho9 p/M6bxgngZm/C7KvKoa6M1ZFyIzn/c4hEWxTKtOTebXbBCXscuxdSkEmHjOMMi7a kP4l0wiKUAF0kzWSwGfUgzE06V4A9/TmElsFyMRMRkFziM84nAvExMoq0cnF6dA8 yoGs7hR6LMSOtA== -----END CERTIFICATE-----Generated at Mon Feb 9 23:57:42 2026 by rpki-client