This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft File: IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json) Hash identifier: 8VfuYA8cRs+grI/Qaf6tbijnvgEs9m4iOHoCKsRA3NQ= Subject key identifier: 96:60:F3:97:1A:9F:20:CA:1B:FF:44:A6:B4:EA:F9:D1:C7:3A:FB:C6 Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A Certificate issuer: /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a Certificate serial: 019C4321E6E9805A7361DC63693715081F04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft Manifest number: 0834 Signing time: Mon 09 Feb 2026 16:00:21 +0000 Manifest this update: Mon 09 Feb 2026 16:00:21 +0000 Manifest next update: Tue 10 Feb 2026 16:00:21 +0000 Files and hashes: 1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: fJUCp6F4ygHktL0VRVCO0nabLlzep0naPorcUkfxkvo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:e6:e9:80:5a:73:61:dc:63:69:37:15:08:1f:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a Validity Not Before: Feb 9 16:00:21 2026 GMT Not After : Feb 10 16:00:21 2026 GMT Subject: CN=9660f3971a9f20ca1bff44a6b4eaf9d1c73afbc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c9:68:6c:cb:70:eb:f0:1f:62:48:fc:41:76: b6:97:d8:41:bf:36:c6:c3:90:56:9a:9b:b6:88:34: 76:23:51:10:2d:45:e9:5d:e4:f0:0a:10:e7:98:a6: 78:01:16:5c:1a:42:65:cb:5b:1e:91:99:7d:0e:d5: 15:88:68:f9:7f:81:16:b2:8b:84:8b:4f:6e:51:cd: 2b:23:89:e4:6d:c8:f6:27:ee:a6:94:d3:1e:78:75: 48:8c:b6:3f:29:64:96:d8:21:32:75:57:fd:01:f9: c1:6e:e2:8c:44:37:25:34:6e:c3:12:c9:58:00:81: cf:3b:17:15:fc:9e:39:3f:e9:de:4f:a7:ee:d7:e0: 9a:d7:2e:34:da:36:c4:a2:0b:a0:87:23:6b:9d:21: b8:fa:fc:34:ca:c7:ff:14:27:85:19:08:8a:ae:a5: 6c:5b:16:d6:d9:15:ae:47:f1:41:84:15:65:a4:57: c4:ee:24:47:cb:67:43:52:d4:3b:3d:70:88:1f:69: fc:54:67:90:8c:4c:a6:d4:79:95:5a:a8:f3:bf:b4: 6e:10:17:70:b4:69:c6:65:84:50:bf:b0:4e:08:e9: c7:d9:d4:fd:ce:f3:a1:e0:ee:f1:7e:a4:5c:33:49: 03:4b:a1:96:29:ec:10:b4:7e:2e:46:76:9e:e4:21: bd:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:60:F3:97:1A:9F:20:CA:1B:FF:44:A6:B4:EA:F9:D1:C7:3A:FB:C6 X509v3 Authority Key Identifier: keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:bd:21:f6:a6:01:3e:1b:9d:1f:0f:ba:ff:65:d2:3e:c6:a1: 1b:d3:58:53:80:8b:17:cc:72:64:90:f9:74:32:fe:99:f5:24: 48:32:ed:bf:ea:ed:cb:c9:4c:a2:f8:47:7b:75:6b:33:27:91: e8:d2:ce:b6:2b:fa:87:7a:d9:00:18:14:1a:b7:93:e7:71:98: 7b:c0:ac:24:5e:9b:5d:66:d8:12:37:07:95:16:8d:f7:ff:90: 52:95:c1:b4:5f:ab:28:ba:ab:a3:ef:cd:1f:67:41:a4:22:1a: 80:86:26:d6:5a:a0:e1:bd:1f:42:f4:ae:a2:cc:98:6f:39:0a: c5:9c:3e:87:c8:57:da:19:2c:fb:4a:af:1a:22:28:ba:1d:2c: 6d:8d:bb:49:20:e5:01:91:49:41:61:2d:c4:73:e8:0d:24:6a: 39:25:43:0b:60:9a:79:05:4e:6b:07:12:c0:30:f1:85:33:40: 40:a0:d1:a1:bf:0f:f6:74:5a:a8:6b:7d:09:5e:0f:a8:4b:d8: bc:0e:d7:d5:68:c6:20:38:23:65:26:a5:5d:47:c6:e9:18:58: 72:57:6b:f6:e0:5e:83:8c:bb:d5:32:0b:5f:85:00:0b:d9:79: 52:12:24:67:b0:88:3a:ab:e6:0d:3f:15:2e:41:71:5e:5f:06: 90:b4:b5:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIebpgFpzYdxjaTcVCB8EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk OTZhNGEwHhcNMjYwMjA5MTYwMDIxWhcNMjYwMjEwMTYwMDIxWjAzMTEwLwYDVQQD Eyg5NjYwZjM5NzFhOWYyMGNhMWJmZjQ0YTZiNGVhZjlkMWM3M2FmYmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3slobMtw6/AfYkj8QXa2l9hBvzbG w5BWmpu2iDR2I1EQLUXpXeTwChDnmKZ4ARZcGkJly1sekZl9DtUViGj5f4EWsouE i09uUc0rI4nkbcj2J+6mlNMeeHVIjLY/KWSW2CEydVf9AfnBbuKMRDclNG7DEslY AIHPOxcV/J45P+neT6fu1+Ca1y402jbEogughyNrnSG4+vw0ysf/FCeFGQiKrqVs WxbW2RWuR/FBhBVlpFfE7iRHy2dDUtQ7PXCIH2n8VGeQjEym1HmVWqjzv7RuEBdw tGnGZYRQv7BOCOnH2dT9zvOh4O7xfqRcM0kDS6GWKewQtH4uRnae5CG9FwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJZg85canyDKG/9EprTq+dHHOvvGMB8GA1UdIwQY MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0 LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZb0h9qYB PhudHw+6/2XSPsahG9NYU4CLF8xyZJD5dDL+mfUkSDLtv+rty8lMovhHe3VrMyeR 6NLOtiv6h3rZABgUGreT53GYe8CsJF6bXWbYEjcHlRaN9/+QUpXBtF+rKLqro+/N H2dBpCIagIYm1lqg4b0fQvSuosyYbzkKxZw+h8hX2hks+0qvGiIouh0sbY27SSDl AZFJQWEtxHPoDSRqOSVDC2CaeQVOawcSwDDxhTNAQKDRob8P9nRaqGt9CV4PqEvY vA7X1WjGIDgjZSalXUfG6RhYcldr9uBeg4y71TILX4UAC9l5UhIkZ7CIOqvmDT8V LkFxXl8GkLS1Iw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:33:54 2026 by rpki-client