This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft File: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft (raw, json) Hash identifier: mtU1xwzgSA2LSoLcLsIf5gDCE7imnRZeYZCG3QkiBRw= Subject key identifier: 05:96:89:86:43:47:81:2A:83:A3:AF:CF:67:A1:DD:71:4F:28:10:EE Authority key identifier: 31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B Certificate issuer: /CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b Certificate serial: 019C43907FD92D487A7CD8D8F2FE3BCC2D1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft Manifest number: 0B01 Signing time: Mon 09 Feb 2026 18:01:09 +0000 Manifest this update: Mon 09 Feb 2026 18:01:09 +0000 Manifest next update: Tue 10 Feb 2026 18:01:09 +0000 Files and hashes: 1: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl (hash: Ap1bthF/k7LFz/0KUMNAp66LR7qsBrsb0yR8Pvw6N4k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:7f:d9:2d:48:7a:7c:d8:d8:f2:fe:3b:cc:2d:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b Validity Not Before: Feb 9 18:01:09 2026 GMT Not After : Feb 10 18:01:09 2026 GMT Subject: CN=059689864347812a83a3afcf67a1dd714f2810ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:15:2e:be:b5:4a:da:c9:27:cf:44:aa:f7:6d: 58:5a:f4:1e:7f:99:17:37:1a:be:71:78:30:80:b4: 50:50:01:6c:bc:0a:98:6f:d6:34:8a:30:25:4a:35: 73:b6:65:08:37:1c:78:ac:67:11:91:60:57:87:40: 54:12:60:f6:26:4a:9f:0f:bd:31:dd:59:cb:3a:e8: 50:2f:a1:81:2c:f4:36:84:b9:c3:10:a4:c7:6c:2a: 6f:0f:eb:d2:d2:ad:44:03:dd:47:60:43:36:77:e3: e4:ff:05:3b:33:90:52:67:bc:7b:f2:72:0d:00:bf: 18:cc:b7:46:e1:4b:ff:48:45:0d:74:01:f5:36:67: 21:32:eb:3a:39:e6:e7:6b:be:4b:41:92:7e:bf:30: 81:6f:fd:15:c7:65:be:c3:9c:d6:28:2f:3f:d1:b7: a7:32:f4:b1:b2:b0:da:95:ab:2a:78:57:d0:00:59: 8b:03:0e:c5:31:72:9e:5a:e7:3c:d3:10:69:a1:6c: 8f:1d:e0:ec:51:ba:3f:88:29:a2:a0:4f:46:ed:94: 63:cb:b4:24:e9:60:c5:2f:02:5c:4c:a6:3e:a4:aa: 35:17:ba:2f:b2:46:98:24:53:3e:6b:fa:d4:32:73: e1:7c:ed:0d:d9:33:bd:49:75:bd:e8:a0:a3:30:69: b0:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:96:89:86:43:47:81:2A:83:A3:AF:CF:67:A1:DD:71:4F:28:10:EE X509v3 Authority Key Identifier: keyid:31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:c1:e9:de:0e:3b:ce:79:51:92:96:3e:aa:af:e4:78:42:ff: f3:08:12:7f:90:4b:f0:ce:3d:2a:fb:37:f1:da:5b:af:4b:af: b3:7e:69:1d:4a:96:2e:ee:de:72:e9:52:ee:92:96:7a:02:90: 21:6d:5e:44:76:d2:8e:40:71:c3:3e:34:23:06:d3:ab:4c:56: 4f:a9:f3:69:3f:4a:cb:67:e7:e0:18:90:78:14:4b:4d:06:ea: a3:e8:06:52:9a:03:43:f9:39:f4:2c:04:e0:c4:05:b4:97:57: 13:0d:ee:eb:8a:26:51:8b:c4:0a:76:51:7c:ca:46:4e:c0:fd: 7f:f3:a4:35:27:e6:fd:15:84:4b:53:de:02:1e:d4:5c:f8:8b: 15:77:6f:ee:7f:ed:bc:db:fe:e6:d3:34:0e:a7:90:20:1a:67: 7f:84:29:0a:89:2a:05:7b:1d:3b:c6:20:6c:13:bd:22:ad:f0: e7:b3:fc:4d:d3:50:99:49:b8:32:ef:88:68:4a:8f:d5:65:ea: c8:37:15:dc:8b:04:93:d6:40:78:71:89:29:8a:65:7b:03:a7: fc:de:07:77:7b:b5:f8:27:34:05:5f:af:b0:42:68:8f:ad:25: 7a:e7:f9:26:1e:8a:be:29:61:f7:d0:2a:5d:32:a3:6c:81:fe: 9e:c7:30:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkH/ZLUh6fNjY8v47zC0aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxYjE2MjFjZTI4Y2JiZmVmMDM4YWJkNzU0OWZjNmNiNTBl NzExNmIwHhcNMjYwMjA5MTgwMTA5WhcNMjYwMjEwMTgwMTA5WjAzMTEwLwYDVQQD EygwNTk2ODk4NjQzNDc4MTJhODNhM2FmY2Y2N2ExZGQ3MTRmMjgxMGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhUuvrVK2sknz0Sq921YWvQef5kX Nxq+cXgwgLRQUAFsvAqYb9Y0ijAlSjVztmUINxx4rGcRkWBXh0BUEmD2JkqfD70x 3VnLOuhQL6GBLPQ2hLnDEKTHbCpvD+vS0q1EA91HYEM2d+Pk/wU7M5BSZ7x78nIN AL8YzLdG4Uv/SEUNdAH1NmchMus6Oebna75LQZJ+vzCBb/0Vx2W+w5zWKC8/0ben MvSxsrDalasqeFfQAFmLAw7FMXKeWuc80xBpoWyPHeDsUbo/iCmioE9G7ZRjy7Qk 6WDFLwJcTKY+pKo1F7ovskaYJFM+a/rUMnPhfO0N2TO9SXW96KCjMGmwMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAWWiYZDR4Eqg6Ovz2eh3XFPKBDuMB8GA1UdIwQY MBaAFDGxYhzijLv+8Dir11SfxstQ5xFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQt NjYxNDYzMjcyM2I5LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQtNjYxNDYzMjcyM2I5 LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcHp3g47 znlRkpY+qq/keEL/8wgSf5BL8M49Kvs38dpbr0uvs35pHUqWLu7eculS7pKWegKQ IW1eRHbSjkBxwz40IwbTq0xWT6nzaT9Ky2fn4BiQeBRLTQbqo+gGUpoDQ/k59CwE 4MQFtJdXEw3u64omUYvECnZRfMpGTsD9f/OkNSfm/RWES1PeAh7UXPiLFXdv7n/t vNv+5tM0DqeQIBpnf4QpCokqBXsdO8YgbBO9Iq3w57P8TdNQmUm4Mu+IaEqP1WXq yDcV3IsEk9ZAeHGJKYplewOn/N4Hd3u1+Cc0BV+vsEJoj60leuf5Jh6Kvilh99Aq XTKjbIH+nscwbg== -----END CERTIFICATE-----Generated at Mon Feb 9 22:41:34 2026 by rpki-client