This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json) Hash identifier: t8EXCe39qMLDgoEzb1WZyq4v+GpCZEo1qGMUW+vwDNk= Subject key identifier: 99:5D:8E:70:62:16:B1:28:CF:58:D2:DF:5C:C4:92:24:49:B9:5D:DC Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81 Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81 Certificate serial: 019C43223B73DDE3C9791CA49E6CFED7BE75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft Manifest number: 1810 Signing time: Mon 09 Feb 2026 16:00:42 +0000 Manifest this update: Mon 09 Feb 2026 16:00:42 +0000 Manifest next update: Tue 10 Feb 2026 16:00:42 +0000 Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: FHinfMAmUtPg2paR26th7mL89wO83US7wugneR45giY=) 2: R1HqNhBgcIe-3oW62MxdKjDKqQw.roa (hash: qEknwbkXeioT3cO8P3jelWto+d9dLLFAHoISR08x8Pc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:3b:73:dd:e3:c9:79:1c:a4:9e:6c:fe:d7:be:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81 Validity Not Before: Feb 9 16:00:42 2026 GMT Not After : Feb 10 16:00:42 2026 GMT Subject: CN=995d8e706216b128cf58d2df5cc4922449b95ddc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:65:50:1f:f5:9b:17:d4:2c:22:f8:47:93:ae: 79:9d:4f:7f:a4:3b:b8:0b:61:45:42:02:a9:03:1f: bb:e9:d8:97:cb:92:1a:62:16:14:12:e1:a0:32:5e: b1:6c:4a:f2:36:da:cb:45:5f:c3:b4:c5:8e:8a:bc: 07:fa:ca:67:79:33:d5:c5:2c:a8:2d:50:66:af:ca: 59:50:35:04:55:c2:22:9b:be:c9:a4:d8:44:3a:97: 3e:c9:de:32:79:f1:63:fc:e8:df:e8:e5:eb:ea:76: 5a:ca:e5:f3:9b:b1:1b:02:f1:db:85:d6:68:70:1f: ca:05:a3:fe:6c:49:60:05:a5:c3:48:31:c7:ed:33: 52:be:2a:4f:ea:72:85:37:ec:b3:06:cc:94:da:a2: 28:9c:16:fa:48:9f:61:2a:df:30:ef:c6:66:c2:39: 88:7e:46:04:d3:79:8d:11:da:64:83:e1:7a:ff:18: 34:3d:16:b8:cd:1c:60:f6:17:57:84:ee:8c:a0:7b: cc:4c:e8:8d:df:92:9e:df:53:07:e4:21:8c:52:9e: 17:ca:0d:03:d3:20:0f:5f:10:78:e0:16:36:c4:be: a5:27:76:ad:db:93:cf:91:af:e0:92:f8:e8:72:65: 7f:41:f6:71:e6:be:8f:80:93:6e:0f:f0:4d:1d:28: a8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:5D:8E:70:62:16:B1:28:CF:58:D2:DF:5C:C4:92:24:49:B9:5D:DC X509v3 Authority Key Identifier: keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:bb:82:9f:d6:22:a9:4e:cc:59:9c:78:eb:8a:72:44:02:d8: 84:1a:4b:b4:78:7e:e4:3e:6e:1f:c4:44:ff:9c:b0:4b:b1:6e: dc:08:29:14:71:7e:22:bb:78:2f:49:ab:fe:ae:ae:8a:e6:a3: d1:c2:b6:43:67:44:94:7e:fa:7f:75:2b:34:7c:66:f4:34:8a: 5e:36:12:03:97:c8:36:7f:08:51:e8:eb:80:f8:87:98:22:a8: d8:65:bb:64:e6:35:4f:62:b3:ef:d7:4e:4a:cd:a5:d8:a9:f7: 94:f9:44:bb:ed:b8:11:95:ea:82:31:21:b7:1a:7c:2a:6c:c9: 06:58:70:25:44:9b:1a:9b:fc:14:17:ad:9c:4b:e7:1d:f3:75: fd:2e:ae:04:ca:a3:9b:3d:7f:58:1c:27:1a:47:10:91:2e:9a: 37:2a:3e:0a:8c:47:93:aa:a9:77:59:1a:cb:1e:5a:96:10:83: 98:1b:29:e3:8c:2a:cf:54:82:c8:9e:ee:20:08:a8:80:25:fc: 73:45:bc:02:e2:f7:6c:f9:d0:91:8c:1f:36:7d:75:b3:57:43: e5:12:c0:a9:eb:2d:0e:4e:a1:fc:47:d4:e1:72:6b:02:09:f3: 67:8e:ad:90:26:f7:af:eb:ba:cd:7c:f3:df:fe:a9:7b:02:84: 72:16:52:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIjtz3ePJeRyknmz+1751MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm Y2JlODEwHhcNMjYwMjA5MTYwMDQyWhcNMjYwMjEwMTYwMDQyWjAzMTEwLwYDVQQD Eyg5OTVkOGU3MDYyMTZiMTI4Y2Y1OGQyZGY1Y2M0OTIyNDQ5Yjk1ZGRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGVQH/WbF9QsIvhHk655nU9/pDu4 C2FFQgKpAx+76diXy5IaYhYUEuGgMl6xbEryNtrLRV/DtMWOirwH+spneTPVxSyo LVBmr8pZUDUEVcIim77JpNhEOpc+yd4yefFj/Ojf6OXr6nZayuXzm7EbAvHbhdZo cB/KBaP+bElgBaXDSDHH7TNSvipP6nKFN+yzBsyU2qIonBb6SJ9hKt8w78ZmwjmI fkYE03mNEdpkg+F6/xg0PRa4zRxg9hdXhO6MoHvMTOiN35Ke31MH5CGMUp4Xyg0D 0yAPXxB44BY2xL6lJ3at25PPka/gkvjocmV/QfZx5r6PgJNuD/BNHSioXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJldjnBiFrEoz1jS31zEkiRJuV3cMB8GA1UdIwQY MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMbuCn9Yi qU7MWZx464pyRALYhBpLtHh+5D5uH8RE/5ywS7Fu3AgpFHF+Irt4L0mr/q6uiuaj 0cK2Q2dElH76f3UrNHxm9DSKXjYSA5fINn8IUejrgPiHmCKo2GW7ZOY1T2Kz79dO Ss2l2Kn3lPlEu+24EZXqgjEhtxp8KmzJBlhwJUSbGpv8FBetnEvnHfN1/S6uBMqj mz1/WBwnGkcQkS6aNyo+CoxHk6qpd1kayx5alhCDmBsp44wqz1SCyJ7uIAiogCX8 c0W8AuL3bPnQkYwfNn11s1dD5RLAqestDk6h/EfU4XJrAgnzZ46tkCb3r+u6zXzz 3/6pewKEchZSkQ== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:38 2026 by rpki-client