This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft File: xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json) Hash identifier: ElKFQk9edHEwryVr0iMxlxBniCfSOu4NUfd0k2jc0jQ= Subject key identifier: E3:15:BE:5A:08:05:CE:8C:F9:D1:E8:29:DE:A0:5D:64:FC:A8:AF:90 Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C Certificate issuer: /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c Certificate serial: 019C43FE5268E596936DC32EFD2AC4C8FF57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft Manifest number: 154A Signing time: Mon 09 Feb 2026 20:01:06 +0000 Manifest this update: Mon 09 Feb 2026 20:01:06 +0000 Manifest next update: Tue 10 Feb 2026 20:01:06 +0000 Files and hashes: 1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: YC5cFymr3TbfHWqojmeStMMBfzi6qhoLoSBzL5+bdKo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:fe:52:68:e5:96:93:6d:c3:2e:fd:2a:c4:c8:ff:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c Validity Not Before: Feb 9 20:01:06 2026 GMT Not After : Feb 10 20:01:06 2026 GMT Subject: CN=e315be5a0805ce8cf9d1e829dea05d64fca8af90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:c3:5f:f1:ff:98:11:65:c7:f3:2a:4b:5a:83: 71:42:9c:ff:c5:2a:00:84:55:f4:96:75:89:96:6a: 36:e4:0e:5f:11:1e:13:a9:5d:93:18:d5:cb:6f:90: 11:da:9d:69:3f:51:7e:e4:da:1c:72:32:23:56:d3: 54:7f:fb:4a:c5:aa:4a:fd:e7:5e:14:73:cb:4b:8b: 4c:1e:39:2c:91:72:3b:3e:b8:39:8a:53:d6:6d:a7: db:8b:b6:ed:39:76:e0:7b:25:e4:c8:ff:c6:01:65: 72:52:39:d4:b7:18:69:b9:9d:2b:f1:05:e7:68:0d: 89:d2:9f:46:37:3d:b7:2a:34:d3:03:1b:42:51:c5: 57:75:85:0c:40:4c:0c:75:06:64:ab:63:98:70:55: fa:62:20:ed:7e:71:71:7b:1d:46:22:e0:6b:76:be: 0e:d5:b1:8e:65:b3:20:79:37:bb:6c:ad:f8:3a:7f: 8c:93:a2:34:32:4a:55:30:0c:9b:d2:ac:16:96:a2: 43:d7:1e:73:45:60:52:f6:16:45:e9:12:41:c6:97: 22:4a:b9:58:ed:10:4f:af:77:81:a3:c4:ce:05:5f: ed:bc:f1:3c:be:a9:7a:27:f7:98:f6:37:9b:66:42: b8:ab:2f:f7:dc:3b:fa:f4:b6:ba:91:0d:bb:c9:ad: eb:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:15:BE:5A:08:05:CE:8C:F9:D1:E8:29:DE:A0:5D:64:FC:A8:AF:90 X509v3 Authority Key Identifier: keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:6b:6e:fd:ff:c7:ed:2b:4f:d7:96:c8:9d:ff:8e:58:94:bb: f4:6f:3e:b3:5a:8c:3d:58:0c:48:78:ba:d6:8a:3e:cc:b7:3b: 4d:72:88:ca:e7:2d:44:20:ab:aa:d9:74:e6:07:6b:33:13:30: 86:2d:c3:07:06:10:d2:1f:8f:f1:22:4e:1c:aa:4d:e6:77:c1: 6b:c9:ed:a0:b3:83:fd:61:42:c3:34:09:2e:cf:fe:64:f9:d0: f1:4f:9f:0d:bd:d8:af:cd:e5:bb:00:a1:59:65:8f:0b:e8:65: 2b:9b:ff:23:24:16:e0:79:9d:68:8c:de:5d:c8:cc:16:0b:f1: 81:93:92:cb:e6:cb:e2:27:27:27:cc:1d:bd:ef:88:b0:03:c0: 71:82:ac:fc:46:d4:eb:26:5b:b5:60:06:0d:af:29:05:6c:f2: c8:00:0a:14:6b:3b:32:32:a7:05:e1:59:03:dd:fa:87:bb:72: aa:b3:66:70:33:63:a5:bd:08:9b:5d:75:e1:18:0d:f3:ea:85: 38:38:b8:a7:92:97:34:81:89:7c:a3:82:ad:5c:5a:1a:3b:53: 74:7d:03:6f:b3:1b:12:9c:4d:b9:61:0e:db:c1:0c:96:03:64: 0f:16:14:7f:a0:11:0d:2a:67:8b:a9:34:fe:e0:49:51:06:e3: 11:8b:7e:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxD/lJo5ZaTbcMu/SrEyP9XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx YTFiN2MwHhcNMjYwMjA5MjAwMTA2WhcNMjYwMjEwMjAwMTA2WjAzMTEwLwYDVQQD EyhlMzE1YmU1YTA4MDVjZThjZjlkMWU4MjlkZWEwNWQ2NGZjYThhZjkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcNf8f+YEWXH8ypLWoNxQpz/xSoA hFX0lnWJlmo25A5fER4TqV2TGNXLb5AR2p1pP1F+5NoccjIjVtNUf/tKxapK/ede FHPLS4tMHjkskXI7Prg5ilPWbafbi7btOXbgeyXkyP/GAWVyUjnUtxhpuZ0r8QXn aA2J0p9GNz23KjTTAxtCUcVXdYUMQEwMdQZkq2OYcFX6YiDtfnFxex1GIuBrdr4O 1bGOZbMgeTe7bK34On+Mk6I0MkpVMAyb0qwWlqJD1x5zRWBS9hZF6RJBxpciSrlY 7RBPr3eBo8TOBV/tvPE8vql6J/eY9jebZkK4qy/33Dv69La6kQ27ya3rpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOMVvloIBc6M+dHoKd6gXWT8qK+QMB8GA1UdIwQY MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2 LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnWtu/f/H 7StP15bInf+OWJS79G8+s1qMPVgMSHi61oo+zLc7TXKIyuctRCCrqtl05gdrMxMw hi3DBwYQ0h+P8SJOHKpN5nfBa8ntoLOD/WFCwzQJLs/+ZPnQ8U+fDb3Yr83luwCh WWWPC+hlK5v/IyQW4HmdaIzeXcjMFgvxgZOSy+bL4icnJ8wdve+IsAPAcYKs/EbU 6yZbtWAGDa8pBWzyyAAKFGs7MjKnBeFZA936h7tyqrNmcDNjpb0Im1114RgN8+qF ODi4p5KXNIGJfKOCrVxaGjtTdH0Db7MbEpxNuWEO28EMlgNkDxYUf6ARDSpni6k0 /uBJUQbjEYt+iQ== -----END CERTIFICATE-----Generated at Tue Feb 10 01:45:21 2026 by rpki-client