This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json) Hash identifier: 7EOUX8A/kHuOSa/7z5LeFAzFFo4xt75SXHE+CBMNsig= Subject key identifier: 39:62:58:A4:F9:39:1E:5D:8B:08:5A:3E:16:F7:60:00:DF:38:25:0A Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0 Certificate serial: 019C40FD11DF6B0B2767B6F00FE4EBFC94EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft Manifest number: 1811 Signing time: Mon 09 Feb 2026 06:00:52 +0000 Manifest this update: Mon 09 Feb 2026 06:00:52 +0000 Manifest next update: Tue 10 Feb 2026 06:00:52 +0000 Files and hashes: 1: FKPDUKEH3RWf-_A6oyRKO4_LVBY.roa (hash: hV9SiFdAv7sVh4TN2I3na70oOpO2IrQF3ksLQ7b5hl8=) 2: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: V0Eq5DL1EpOmAI9o5EdJby6/iGGYaGYSl2UXZh5kuwQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:40:fd:11:df:6b:0b:27:67:b6:f0:0f:e4:eb:fc:94:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0 Validity Not Before: Feb 9 06:00:52 2026 GMT Not After : Feb 10 06:00:52 2026 GMT Subject: CN=396258a4f9391e5d8b085a3e16f76000df38250a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a7:50:15:c6:ab:7f:6d:38:e7:f8:53:69:1d: d0:a0:78:1c:92:ee:e5:5f:c0:b9:ae:41:b3:4d:3b: 84:21:bd:99:7c:a5:2b:6d:dc:df:f7:81:ce:11:91: c6:c3:67:4f:e4:4a:9f:b7:d8:ac:f3:4b:6f:ed:95: 6b:3e:24:e7:37:9f:0a:39:ed:32:25:f0:a0:17:d8: 14:4e:af:52:1c:52:ec:0c:7d:d1:52:1b:cc:f0:05: 1a:e5:8e:8b:36:b4:20:05:13:b0:b4:86:ab:f8:2f: e2:a5:56:19:d2:66:29:6e:74:15:fd:4e:6b:e9:63: 40:2b:4b:95:94:c5:0e:1a:df:15:22:81:6f:5c:68: 86:40:12:c8:cd:e1:1e:fb:75:86:9b:f1:b7:d2:d4: eb:35:08:67:39:20:25:9a:b2:64:b5:c9:da:81:c0: 4f:60:5e:50:5c:23:5a:a9:b9:84:4b:31:a2:59:bf: 94:25:50:a2:1a:7c:ac:d7:c2:1e:80:30:42:da:b6: 98:e7:c4:a5:8d:a1:7e:35:64:98:a5:b9:8b:f6:cb: e7:99:2c:d0:4d:0c:d3:9e:aa:3f:59:1f:01:ff:d2: 23:a2:61:73:c5:08:a0:ab:d0:0b:bd:78:04:c0:e5: 73:18:fb:7d:9a:f6:60:46:db:cb:e0:e0:81:47:d8: 76:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:62:58:A4:F9:39:1E:5D:8B:08:5A:3E:16:F7:60:00:DF:38:25:0A X509v3 Authority Key Identifier: keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:4a:96:fc:32:25:51:08:9b:95:1d:f5:6d:cc:0d:c5:34:87: 69:b4:bc:d5:28:37:89:3c:67:00:d0:b3:b1:6d:bc:56:2d:0f: 45:69:64:7b:df:a2:11:ad:57:c7:df:c0:fd:e8:df:c4:11:44: 37:9f:59:87:43:45:ab:7f:eb:98:2b:a5:d4:92:e9:83:9b:de: 30:8e:f4:ce:fb:73:fc:e4:cb:b1:31:d6:08:15:c7:f4:f5:dd: 1d:da:4a:8e:0e:24:26:d2:58:62:83:f5:3f:85:56:3e:a7:62: 41:34:b8:d6:81:16:4a:34:82:18:61:8b:c4:5c:f2:d6:44:9d: 7d:e1:b7:7d:50:47:4d:2a:95:cb:92:6b:d9:e3:b2:aa:62:17: bb:04:24:7a:c8:09:02:93:20:9b:c2:6b:1d:2a:a6:6c:f3:1f: 23:45:dd:49:7f:ca:56:74:ad:00:a9:bd:ed:c7:79:f9:03:87: 7e:cb:f7:86:bc:db:bf:5c:17:6a:77:fc:e0:02:f2:e2:6c:14: 4d:b5:e0:bf:41:55:1f:2d:4e:6d:d0:b2:28:20:5f:50:95:17: ee:96:f1:bd:6d:53:04:ef:6b:f0:05:03:22:4a:93:31:f9:63: f1:ec:ee:e3:6b:89:e7:af:c9:d3:b4:f3:36:42:63:96:d8:03: 94:fd:94:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxA/RHfawsnZ7bwD+Tr/JTqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1 NWRlZTAwHhcNMjYwMjA5MDYwMDUyWhcNMjYwMjEwMDYwMDUyWjAzMTEwLwYDVQQD EygzOTYyNThhNGY5MzkxZTVkOGIwODVhM2UxNmY3NjAwMGRmMzgyNTBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqdQFcarf2045/hTaR3QoHgcku7l X8C5rkGzTTuEIb2ZfKUrbdzf94HOEZHGw2dP5Eqft9is80tv7ZVrPiTnN58KOe0y JfCgF9gUTq9SHFLsDH3RUhvM8AUa5Y6LNrQgBROwtIar+C/ipVYZ0mYpbnQV/U5r 6WNAK0uVlMUOGt8VIoFvXGiGQBLIzeEe+3WGm/G30tTrNQhnOSAlmrJktcnagcBP YF5QXCNaqbmESzGiWb+UJVCiGnys18IegDBC2raY58SljaF+NWSYpbmL9svnmSzQ TQzTnqo/WR8B/9IjomFzxQigq9ALvXgEwOVzGPt9mvZgRtvL4OCBR9h2MwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDliWKT5OR5diwhaPhb3YADfOCUKMB8GA1UdIwQY MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckqW/DIl UQiblR31bcwNxTSHabS81Sg3iTxnANCzsW28Vi0PRWlke9+iEa1Xx9/A/ejfxBFE N59Zh0NFq3/rmCul1JLpg5veMI70zvtz/OTLsTHWCBXH9PXdHdpKjg4kJtJYYoP1 P4VWPqdiQTS41oEWSjSCGGGLxFzy1kSdfeG3fVBHTSqVy5Jr2eOyqmIXuwQkesgJ ApMgm8JrHSqmbPMfI0XdSX/KVnStAKm97cd5+QOHfsv3hrzbv1wXanf84ALy4mwU TbXgv0FVHy1ObdCyKCBfUJUX7pbxvW1TBO9r8AUDIkqTMflj8ezu42uJ56/J07Tz NkJjltgDlP2UhA== -----END CERTIFICATE-----Generated at Mon Feb 9 17:00:58 2026 by rpki-client