This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft File: Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft (raw, json) Hash identifier: 9n7TGhkuVCWVfQDkZ2acbj0aVnRz1qVFDawI9KAG71M= Subject key identifier: AA:D2:D3:6D:EB:8C:45:64:D3:7B:E0:AE:8D:76:8E:8B:BF:7E:EE:5E Authority key identifier: 2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED Certificate issuer: /CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed Certificate serial: 019C427D9B618F122D851D62E7A5B573C248 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft Manifest number: 0403 Signing time: Mon 09 Feb 2026 13:00:53 +0000 Manifest this update: Mon 09 Feb 2026 13:00:53 +0000 Manifest next update: Tue 10 Feb 2026 13:00:53 +0000 Files and hashes: 1: Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl (hash: a1WiUPLzXaXJAsVMcWVtqVbfxqjvBGaWugUCDk2/p6U=) 2: bHxNQUrJC8Eh62QodMXQrjbnmgg.roa (hash: 1d3ZqMZQAbRLtC6TZNo/vpwZQcPk90gTwtcmQgBCgII=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7d:9b:61:8f:12:2d:85:1d:62:e7:a5:b5:73:c2:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed Validity Not Before: Feb 9 13:00:53 2026 GMT Not After : Feb 10 13:00:53 2026 GMT Subject: CN=aad2d36deb8c4564d37be0ae8d768e8bbf7eee5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:de:ec:8a:14:0f:86:a0:33:c1:14:03:87:e5: ca:b5:94:97:41:5b:55:7b:d5:10:5e:f0:21:db:1b: c0:ab:f3:18:06:71:16:32:30:ad:8b:79:ec:bc:eb: 90:a6:93:3a:4a:f5:75:3d:e1:46:5c:0f:b7:cd:10: 28:6c:8c:e2:8e:57:c0:39:8c:07:8d:13:c5:0a:39: 1d:28:4c:fe:87:49:bd:a6:b7:e6:7a:8a:04:60:ed: 76:33:36:63:8d:a8:c8:33:1d:4a:a3:fc:03:53:68: 70:26:a5:de:52:38:2f:59:29:ed:b6:b0:1e:75:b6: 4e:1b:08:ae:ba:52:27:3d:54:81:df:3d:1e:48:fc: a9:06:b0:b6:f5:1e:1c:d9:1b:87:e5:d2:bc:c2:c6: 86:e9:57:2f:ad:2f:f6:be:6b:8c:c4:c5:ca:e5:27: fd:4c:52:8d:61:5a:81:58:36:23:3a:2e:e6:65:cd: 16:7e:17:cc:0d:9f:5b:8f:4e:b4:b4:1a:a0:13:18: 6a:72:1e:53:40:a3:1c:58:4f:3b:c2:ae:5c:23:5d: b2:5f:d7:5e:1f:a9:0f:c0:8a:0e:e2:c7:8a:5b:67: 50:03:24:ea:bc:06:99:95:9b:dc:04:7c:a0:0b:98: f5:99:8d:6a:65:f1:2c:de:76:ad:5f:09:a7:d2:b1: 6f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:D2:D3:6D:EB:8C:45:64:D3:7B:E0:AE:8D:76:8E:8B:BF:7E:EE:5E X509v3 Authority Key Identifier: keyid:2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:e7:26:69:16:6f:69:1b:40:b5:80:68:bd:d2:00:37:04:9c: 5b:26:a6:e1:1c:c9:2e:42:99:32:d2:62:f3:29:5a:e3:bf:f1: 33:27:36:70:e8:5f:37:2d:e3:5e:3a:a9:8f:74:91:73:40:0f: 9d:66:0e:ca:de:5c:a1:1a:ca:13:1c:94:4b:2f:fb:bc:f2:f2: b9:8a:6c:09:28:00:8a:f0:51:61:40:17:9d:e3:12:15:fa:6b: ae:8a:e5:c5:12:c8:e7:1e:cb:a3:3b:28:c0:6c:f2:90:83:8e: b2:46:64:a8:28:93:b4:46:d6:8b:ad:74:3c:fb:95:bb:c7:f1: ee:af:91:99:ed:95:80:3a:13:ba:f9:ea:9f:ef:ab:e4:13:2a: 32:6f:63:0f:73:8b:69:41:0e:07:52:82:ce:c7:0b:08:72:0a: 7d:68:53:e2:16:59:90:42:d8:fc:f3:95:1c:f7:c1:fe:19:37: 74:94:65:02:06:36:cb:64:eb:8a:1f:28:b0:9d:e2:e3:b8:9b: 73:f6:91:bc:1f:45:f5:5e:39:35:12:23:92:2d:a3:b2:ac:b8: a1:4f:20:2b:f6:50:d4:14:1d:a6:b2:fd:9d:d4:89:9a:1d:3f: 9e:3d:05:10:37:9c:3a:a9:6d:9e:b6:df:0d:71:e4:f0:d5:02: 64:b6:0c:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfZthjxIthR1i56W1c8JIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiM2Y2ZmE5ZjAzNzc2NWU3NGJkZjJhYzgyY2NiYWJjN2U0 ZmM4ZWQwHhcNMjYwMjA5MTMwMDUzWhcNMjYwMjEwMTMwMDUzWjAzMTEwLwYDVQQD EyhhYWQyZDM2ZGViOGM0NTY0ZDM3YmUwYWU4ZDc2OGU4YmJmN2VlZTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq97sihQPhqAzwRQDh+XKtZSXQVtV e9UQXvAh2xvAq/MYBnEWMjCti3nsvOuQppM6SvV1PeFGXA+3zRAobIzijlfAOYwH jRPFCjkdKEz+h0m9prfmeooEYO12MzZjjajIMx1Ko/wDU2hwJqXeUjgvWSnttrAe dbZOGwiuulInPVSB3z0eSPypBrC29R4c2RuH5dK8wsaG6VcvrS/2vmuMxMXK5Sf9 TFKNYVqBWDYjOi7mZc0WfhfMDZ9bj060tBqgExhqch5TQKMcWE87wq5cI12yX9de H6kPwIoO4seKW2dQAyTqvAaZlZvcBHygC5j1mY1qZfEs3natXwmn0rFvBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKrS023rjEVk03vgro12jou/fu5eMB8GA1UdIwQY MBaAFCs/b6nwN3ZedL3yrILMurx+T8jtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAt NWMwMGZjZDczNjE5LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAtNWMwMGZjZDczNjE5 LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKucmaRZv aRtAtYBovdIANwScWyam4RzJLkKZMtJi8yla47/xMyc2cOhfNy3jXjqpj3SRc0AP nWYOyt5coRrKExyUSy/7vPLyuYpsCSgAivBRYUAXneMSFfprrorlxRLI5x7Lozso wGzykIOOskZkqCiTtEbWi610PPuVu8fx7q+Rme2VgDoTuvnqn++r5BMqMm9jD3OL aUEOB1KCzscLCHIKfWhT4hZZkELY/POVHPfB/hk3dJRlAgY2y2Trih8osJ3i47ib c/aRvB9F9V45NRIjki2jsqy4oU8gK/ZQ1BQdprL9ndSJmh0/nj0FEDecOqltnrbf DXHk8NUCZLYMgg== -----END CERTIFICATE-----Generated at Mon Feb 9 22:19:32 2026 by rpki-client