This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft File: h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json) Hash identifier: PzpFt4URgqbt1hWyRMEOyqDCsR2CjUVttg3u/SDSkfY= Subject key identifier: 6F:7C:CD:51:4E:26:90:54:D2:4A:69:FA:06:96:0E:EB:D6:ED:F0:02 Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3 Certificate issuer: /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3 Certificate serial: 019C4321F312C1E1A48DDA827435B00811DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft Manifest number: 10D1 Signing time: Mon 09 Feb 2026 16:00:24 +0000 Manifest this update: Mon 09 Feb 2026 16:00:24 +0000 Manifest next update: Tue 10 Feb 2026 16:00:24 +0000 Files and hashes: 1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: 0cyMC/K9cfkD4pCXj60e7c1PVkJkTyAfNcQo/NAM4Cw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:f3:12:c1:e1:a4:8d:da:82:74:35:b0:08:11:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3 Validity Not Before: Feb 9 16:00:24 2026 GMT Not After : Feb 10 16:00:24 2026 GMT Subject: CN=6f7ccd514e269054d24a69fa06960eebd6edf002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:87:37:b8:14:0b:18:31:65:af:1b:fe:d3:da: d3:51:f4:db:53:d8:fd:bf:2b:fc:bd:af:fa:92:53: d0:5b:61:50:bc:5c:fe:82:da:35:95:d5:c1:a9:1d: 8c:60:55:42:5a:38:9d:d3:6e:a2:01:ba:ad:4c:14: d4:d2:3c:b2:1d:08:55:c7:4c:48:47:93:ae:a6:99: 48:40:13:36:89:e5:50:df:50:16:84:12:00:bf:53: 42:e0:dc:ec:df:cb:fd:24:6a:ea:2b:04:fd:ad:0d: 05:3a:06:d3:a8:21:63:d5:94:08:4c:f4:f3:94:d7: 34:ee:da:1e:64:43:1e:6a:80:cd:00:d6:db:22:07: 92:d7:ec:35:03:93:b7:b0:77:82:26:8f:1b:26:a8: 8c:4c:6a:7a:40:de:ca:7c:c1:49:e4:b8:ad:3c:88: 25:4c:cd:21:c5:a1:63:ef:c1:9a:a3:dc:53:5e:54: a0:0d:58:d5:72:cd:2a:cb:89:14:25:bf:e6:a6:98: ec:b0:41:b8:df:b4:7a:65:96:ab:4a:5a:d1:85:17: 32:ad:bc:dc:80:18:da:ac:07:30:cb:10:1d:5a:2e: 56:ba:14:4a:db:cb:ec:a3:27:35:50:73:08:66:c6: 63:15:00:8a:cc:4d:ab:c8:f9:22:b6:2e:c2:de:2e: a8:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:7C:CD:51:4E:26:90:54:D2:4A:69:FA:06:96:0E:EB:D6:ED:F0:02 X509v3 Authority Key Identifier: keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:e3:7b:4a:57:fa:7f:dd:50:db:64:ed:7c:91:ac:45:01:4e: f9:49:a8:14:36:8d:b1:ec:ca:56:11:c2:59:ef:08:b4:70:14: 81:b6:80:10:22:b5:a9:5c:4f:9b:f9:49:c1:35:6f:8c:b2:c7: 13:9f:79:dd:76:ab:61:5e:45:f6:cb:91:e6:05:52:41:dd:7b: ee:41:9e:b0:10:de:40:f4:0e:46:bb:24:cd:88:b6:52:9f:64: 6a:9a:3e:9d:44:5f:0d:3a:61:0d:a9:2c:19:ac:69:d4:49:80: bb:c7:2d:27:8f:05:9b:3b:06:4a:16:fa:d1:6a:80:bd:23:13: 71:8d:39:ce:a5:e9:12:8d:5e:93:6b:60:f7:75:09:7f:66:2b: 32:ff:54:f1:d0:df:00:a4:78:d6:6d:eb:e9:7d:e2:83:40:60: 0e:7e:5f:cb:c0:ce:d1:7d:0c:1d:b0:cf:6f:a7:f6:b6:ea:12: 31:3b:c5:32:2a:f4:80:c6:c9:58:50:2c:3a:83:a4:7c:89:b4: 92:47:6a:77:0f:61:8a:85:80:48:fc:23:6d:12:54:48:8a:f1: f6:62:83:d6:a6:29:d5:ab:42:51:58:20:4b:1c:e3:de:ca:90: 6d:7b:3d:86:d2:15:3f:1a:39:72:d7:2e:a2:58:f6:55:e2:21: 64:20:fe:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIfMSweGkjdqCdDWwCBHcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2 YzM3ZjMwHhcNMjYwMjA5MTYwMDI0WhcNMjYwMjEwMTYwMDI0WjAzMTEwLwYDVQQD Eyg2ZjdjY2Q1MTRlMjY5MDU0ZDI0YTY5ZmEwNjk2MGVlYmQ2ZWRmMDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4c3uBQLGDFlrxv+09rTUfTbU9j9 vyv8va/6klPQW2FQvFz+gto1ldXBqR2MYFVCWjid026iAbqtTBTU0jyyHQhVx0xI R5OupplIQBM2ieVQ31AWhBIAv1NC4Nzs38v9JGrqKwT9rQ0FOgbTqCFj1ZQITPTz lNc07toeZEMeaoDNANbbIgeS1+w1A5O3sHeCJo8bJqiMTGp6QN7KfMFJ5LitPIgl TM0hxaFj78Gao9xTXlSgDVjVcs0qy4kUJb/mppjssEG437R6ZZarSlrRhRcyrbzc gBjarAcwyxAdWi5WuhRK28vsoyc1UHMIZsZjFQCKzE2ryPkiti7C3i6oPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG98zVFOJpBU0kpp+gaWDuvW7fACMB8GA1UdIwQY MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuN7Slf6 f91Q22TtfJGsRQFO+UmoFDaNsezKVhHCWe8ItHAUgbaAECK1qVxPm/lJwTVvjLLH E5953XarYV5F9suR5gVSQd177kGesBDeQPQORrskzYi2Up9kapo+nURfDTphDaks Gaxp1EmAu8ctJ48FmzsGShb60WqAvSMTcY05zqXpEo1ek2tg93UJf2YrMv9U8dDf AKR41m3r6X3ig0BgDn5fy8DO0X0MHbDPb6f2tuoSMTvFMir0gMbJWFAsOoOkfIm0 kkdqdw9hioWASPwjbRJUSIrx9mKD1qYp1atCUVggSxzj3sqQbXs9htIVPxo5ctcu olj2VeIhZCD+dA== -----END CERTIFICATE-----Generated at Mon Feb 9 21:05:51 2026 by rpki-client