This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft File: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json) Hash identifier: c5khDUH9+fX6Edgt1l/lYWZkyJMB6aaKP01a09xa6b0= Subject key identifier: B3:21:5F:B2:BA:7C:7E:EC:EF:4F:16:55:0A:9F:6E:B5:E1:BF:B8:F0 Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 Certificate issuer: /CN=3541e9d600daab653543725cf1f9cf988b50d879 Certificate serial: 019C41A1594F8BDA9EE01B093DF5F9AAA4A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft Manifest number: 0C71 Signing time: Mon 09 Feb 2026 09:00:19 +0000 Manifest this update: Mon 09 Feb 2026 09:00:19 +0000 Manifest next update: Tue 10 Feb 2026 09:00:19 +0000 Files and hashes: 1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: n0aTnJDVXyc7RdTu25Q9Ou/avVaDOrQv7d2GkX/uztA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a1:59:4f:8b:da:9e:e0:1b:09:3d:f5:f9:aa:a4:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879 Validity Not Before: Feb 9 09:00:19 2026 GMT Not After : Feb 10 09:00:19 2026 GMT Subject: CN=b3215fb2ba7c7eecef4f16550a9f6eb5e1bfb8f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:41:19:62:93:e9:cd:f1:c8:2b:05:7f:8f:49: 92:d3:b6:fc:18:c2:13:35:ec:94:6c:50:78:7d:11: a6:a7:fb:03:3f:22:18:0c:f5:8e:23:d6:fe:cd:ff: 41:cb:c2:b1:8f:16:cb:af:c8:92:70:86:54:2d:6a: 66:b8:c4:c5:c1:a1:af:6d:04:56:61:69:37:05:84: 02:61:93:bc:bd:95:39:68:4b:de:ab:73:d5:01:85: 43:64:8e:95:b8:2a:fd:3b:b8:e2:76:9d:7a:2d:df: cb:43:2e:68:eb:45:c7:48:d8:2e:67:fe:9b:6d:9b: e1:07:9b:9a:26:d0:a2:2d:cf:52:28:bd:5d:26:0d: 7d:dc:e1:0a:35:db:ad:96:81:84:7e:05:7f:fb:0d: 21:94:e9:0f:72:82:b9:e1:46:47:c8:62:8c:58:28: c2:f8:53:4a:e7:d8:c3:1a:97:d5:a7:65:d6:29:89: 20:54:94:79:8a:b6:7d:39:74:2f:ad:43:69:07:46: 64:38:35:9f:94:34:50:f6:ba:50:ba:7c:63:95:3e: fa:28:e0:b1:b8:76:7a:de:35:26:27:ff:8d:ac:b0: c0:a6:44:40:24:62:19:82:24:ff:14:cc:de:9d:0e: 9e:ee:c5:39:8f:33:1b:5d:52:08:0e:86:d0:a3:e3: 85:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:21:5F:B2:BA:7C:7E:EC:EF:4F:16:55:0A:9F:6E:B5:E1:BF:B8:F0 X509v3 Authority Key Identifier: keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:1b:c1:0a:b5:4e:53:bc:58:d3:34:cf:41:d2:09:11:ac:0e: a1:0c:4d:82:7a:cf:71:1e:f3:bb:3c:8f:d7:61:92:f1:42:f8: 0b:b6:3c:f8:a6:3e:5e:ff:2e:dd:2e:41:4f:34:4e:b9:ef:8b: a1:ee:86:a3:b9:e6:a3:5b:a4:4b:37:2b:a8:50:be:2c:6d:c2: 92:d9:29:9c:98:cb:34:50:f8:fc:07:46:44:58:43:92:8f:be: 30:bc:4f:0e:1f:b2:88:1f:3f:4c:6a:44:ce:56:a1:62:f1:f6: 67:a8:06:23:25:c3:f3:e3:12:87:ac:27:e2:a2:fe:83:86:73: 7e:c1:1d:f9:e3:5e:9e:1a:5a:1d:9f:7a:4f:5e:6c:a4:9e:3a: b3:8a:75:e8:36:33:b7:e5:c8:42:41:cf:9a:d3:ef:ae:13:80: fd:6b:d0:80:d8:92:3e:f7:62:c5:63:1a:75:a5:05:3e:73:a1: 4a:2f:90:eb:dc:83:ca:b8:f6:47:e3:5e:d4:a3:61:60:ac:0d: 0a:1e:0f:7f:04:7b:b3:4c:0e:e7:ce:a8:95:e7:9a:39:bf:b1: f4:fa:e2:36:f6:17:fe:3a:7a:a3:b1:35:b2:ec:45:02:44:29: 4e:9c:67:68:29:c2:e8:f5:e2:c6:1b:ca:77:9a:dd:09:f9:a1: 3f:4a:bd:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBoVlPi9qe4BsJPfX5qqSiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1 MGQ4NzkwHhcNMjYwMjA5MDkwMDE5WhcNMjYwMjEwMDkwMDE5WjAzMTEwLwYDVQQD EyhiMzIxNWZiMmJhN2M3ZWVjZWY0ZjE2NTUwYTlmNmViNWUxYmZiOGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kEZYpPpzfHIKwV/j0mS07b8GMIT NeyUbFB4fRGmp/sDPyIYDPWOI9b+zf9By8KxjxbLr8iScIZULWpmuMTFwaGvbQRW YWk3BYQCYZO8vZU5aEveq3PVAYVDZI6VuCr9O7jidp16Ld/LQy5o60XHSNguZ/6b bZvhB5uaJtCiLc9SKL1dJg193OEKNdutloGEfgV/+w0hlOkPcoK54UZHyGKMWCjC +FNK59jDGpfVp2XWKYkgVJR5irZ9OXQvrUNpB0ZkODWflDRQ9rpQunxjlT76KOCx uHZ63jUmJ/+NrLDApkRAJGIZgiT/FMzenQ6e7sU5jzMbXVIIDobQo+OFYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLMhX7K6fH7s708WVQqfbrXhv7jwMB8GA1UdIwQY MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBvBCrVO U7xY0zTPQdIJEawOoQxNgnrPcR7zuzyP12GS8UL4C7Y8+KY+Xv8u3S5BTzROue+L oe6Go7nmo1ukSzcrqFC+LG3CktkpnJjLNFD4/AdGRFhDko++MLxPDh+yiB8/TGpE zlahYvH2Z6gGIyXD8+MSh6wn4qL+g4ZzfsEd+eNenhpaHZ96T15spJ46s4p16DYz t+XIQkHPmtPvrhOA/WvQgNiSPvdixWMadaUFPnOhSi+Q69yDyrj2R+Ne1KNhYKwN Ch4PfwR7s0wO586oleeaOb+x9PriNvYX/jp6o7E1suxFAkQpTpxnaCnC6PXixhvK d5rdCfmhP0q9jA== -----END CERTIFICATE-----Generated at Mon Feb 9 16:54:53 2026 by rpki-client