This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft File: Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json) Hash identifier: I9eWENuFJf6swbhXqOJNRXvrF6kQbJjeP1otDGju3Rk= Subject key identifier: 2D:C6:68:08:9E:79:69:82:5A:5C:1B:AE:D7:BF:5A:39:B6:B2:ED:70 Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF Certificate issuer: /CN=43938a3de803bd6c91f14ad967bd4141b8a028af Certificate serial: 019C420FD1A53021EE15AEA38323098CAE6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft Manifest number: 1530 Signing time: Mon 09 Feb 2026 11:00:58 +0000 Manifest this update: Mon 09 Feb 2026 11:00:58 +0000 Manifest next update: Tue 10 Feb 2026 11:00:58 +0000 Files and hashes: 1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: 7wROyT+ltVzy8mG5H2WL6NGc8xAICmPx13kPi1ViMGw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:d1:a5:30:21:ee:15:ae:a3:83:23:09:8c:ae:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af Validity Not Before: Feb 9 11:00:58 2026 GMT Not After : Feb 10 11:00:58 2026 GMT Subject: CN=2dc668089e7969825a5c1baed7bf5a39b6b2ed70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:8f:a2:8c:1f:cb:28:c4:fd:bc:39:34:d0:bc: 71:bd:15:8d:2f:4a:0e:77:74:58:36:64:68:1e:61: 23:d2:50:a7:54:e8:86:dd:95:ea:8d:65:31:27:7e: 61:e8:b6:9d:c5:fb:d9:0c:5b:29:9e:60:bd:71:3b: 9a:6c:70:cd:16:cd:6c:a9:93:ea:3a:4d:c8:bb:51: ec:08:c6:d3:b5:be:2d:d4:a6:e1:8c:6d:4c:7f:1d: ca:cb:c8:84:d5:56:ac:08:20:6d:0e:e7:c5:b0:55: a0:2f:7f:32:48:86:64:41:30:17:e7:04:cc:b9:db: 9c:1e:de:fe:c2:51:6e:c2:13:8f:e0:1c:0a:d8:d3: b1:41:bc:4a:fa:c5:72:73:0c:a2:ad:fb:81:c5:9b: a3:79:ac:52:3c:17:cb:b2:d6:c8:64:78:36:08:9b: 35:62:6c:99:d1:8a:cc:9a:3a:da:5b:e6:70:d7:80: eb:e6:a4:0c:af:ab:1d:d0:be:cc:6e:d9:dc:00:3a: ac:4d:da:6a:06:64:8e:f9:f0:ab:54:fd:01:53:cb: 66:b9:18:54:5c:77:47:6a:4d:1c:85:23:4f:d1:47: a5:9d:00:03:10:33:c7:13:ed:a4:49:9d:55:cf:5e: 23:8b:97:84:39:bf:52:50:e6:a9:3d:a5:df:f9:c5: 71:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C6:68:08:9E:79:69:82:5A:5C:1B:AE:D7:BF:5A:39:B6:B2:ED:70 X509v3 Authority Key Identifier: keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:cb:43:e2:fc:2f:d2:fb:c3:c4:63:d9:76:c8:20:4a:00:df: 5a:25:0b:eb:01:ec:2f:e5:39:80:09:03:ba:b2:03:05:3a:15: e4:fc:f7:3e:01:2e:74:76:0a:b8:bd:52:83:38:29:f7:ff:d5: 53:81:a4:c4:7b:5b:57:97:36:77:7d:c8:06:b5:fb:75:67:e4: 29:7f:93:9b:3a:e9:ad:87:ce:f6:db:51:5d:2e:ea:ea:95:94: 56:04:8e:72:7e:a3:47:c0:d8:ed:9d:f2:b8:ae:df:b4:57:ab: a6:c1:92:7a:de:1e:3e:e5:96:fa:5c:7a:b8:13:31:f9:a7:65: 13:82:de:93:e9:ee:4e:11:34:27:a5:c4:f5:25:f8:35:10:db: 80:45:85:32:e6:ab:57:7c:d8:70:51:16:3e:f9:16:a6:8c:a5: ad:77:c8:ea:6e:8b:2b:cf:ed:6c:42:3a:67:87:f6:81:c8:58: 04:7a:0e:14:8b:ed:ee:f7:c5:30:d3:50:26:10:b2:82:6d:45: b7:ca:d6:26:24:5e:e0:21:05:b3:38:41:6f:83:5f:06:81:13: c7:ae:d0:f2:14:63:42:2a:71:69:0d:a9:a1:15:e1:67:90:32: 5a:fd:c2:20:bd:13:0c:85:17:86:8a:b7:fc:86:b7:c3:2a:b1: 3b:22:90:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD9GlMCHuFa6jgyMJjK5uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh MDI4YWYwHhcNMjYwMjA5MTEwMDU4WhcNMjYwMjEwMTEwMDU4WjAzMTEwLwYDVQQD EygyZGM2NjgwODllNzk2OTgyNWE1YzFiYWVkN2JmNWEzOWI2YjJlZDcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY+ijB/LKMT9vDk00LxxvRWNL0oO d3RYNmRoHmEj0lCnVOiG3ZXqjWUxJ35h6LadxfvZDFspnmC9cTuabHDNFs1sqZPq Ok3Iu1HsCMbTtb4t1KbhjG1Mfx3Ky8iE1VasCCBtDufFsFWgL38ySIZkQTAX5wTM uducHt7+wlFuwhOP4BwK2NOxQbxK+sVycwyirfuBxZujeaxSPBfLstbIZHg2CJs1 YmyZ0YrMmjraW+Zw14Dr5qQMr6sd0L7MbtncADqsTdpqBmSO+fCrVP0BU8tmuRhU XHdHak0chSNP0UelnQADEDPHE+2kSZ1Vz14ji5eEOb9SUOapPaXf+cVxQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC3GaAieeWmCWlwbrte/Wjm2su1wMB8GA1UdIwQY MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5 LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhstD4vwv 0vvDxGPZdsggSgDfWiUL6wHsL+U5gAkDurIDBToV5Pz3PgEudHYKuL1Sgzgp9//V U4GkxHtbV5c2d33IBrX7dWfkKX+TmzrprYfO9ttRXS7q6pWUVgSOcn6jR8DY7Z3y uK7ftFerpsGSet4ePuWW+lx6uBMx+adlE4Lek+nuThE0J6XE9SX4NRDbgEWFMuar V3zYcFEWPvkWpoylrXfI6m6LK8/tbEI6Z4f2gchYBHoOFIvt7vfFMNNQJhCygm1F t8rWJiRe4CEFszhBb4NfBoETx67Q8hRjQipxaQ2poRXhZ5AyWv3CIL0TDIUXhoq3 /Ia3wyqxOyKQ7w== -----END CERTIFICATE-----Generated at Mon Feb 9 16:56:31 2026 by rpki-client