This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft File: KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json) Hash identifier: pHyhxQHi9CwnGoTJHnqR/thRU5bH1CyCEU2RsGAHL2A= Subject key identifier: C9:EC:1D:CD:12:3B:36:E2:C3:85:C3:C5:AD:23:8B:0B:3B:34:88:E7 Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61 Certificate issuer: /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061 Certificate serial: 019C420F55EFA40072D30C054B68AB8AA726 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft Manifest number: 02E4 Signing time: Mon 09 Feb 2026 11:00:27 +0000 Manifest this update: Mon 09 Feb 2026 11:00:27 +0000 Manifest next update: Tue 10 Feb 2026 11:00:27 +0000 Files and hashes: 1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: /KuVzW3bQzQmSteZzgACT7ApqIYidsWck3h3EoM5uz0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:0f:55:ef:a4:00:72:d3:0c:05:4b:68:ab:8a:a7:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061 Validity Not Before: Feb 9 11:00:27 2026 GMT Not After : Feb 10 11:00:27 2026 GMT Subject: CN=c9ec1dcd123b36e2c385c3c5ad238b0b3b3488e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:25:c1:aa:3b:33:10:f6:8d:fe:3f:e0:92:24: a2:9b:cc:c7:79:0a:9e:c3:a0:5a:2b:6f:8e:69:70: 4f:46:a4:28:c9:b6:39:f3:8b:d4:8c:fb:95:b4:4f: 91:f7:af:54:1d:96:21:2a:34:8f:86:3c:a3:75:1a: 2e:ba:f3:35:b8:01:d5:9f:2f:82:98:69:df:b7:93: da:e2:38:bd:b9:ff:fe:34:f4:f5:03:f6:40:94:10: 10:b3:41:ba:68:6d:36:88:00:b0:1f:0a:8e:a9:ba: 82:89:48:cf:10:9e:b0:25:db:4b:09:1a:36:45:85: c3:02:b5:a0:cc:a0:98:b7:cf:64:a3:94:1d:23:d2: bd:ba:f2:76:4a:b3:d8:9f:29:49:b2:c8:9a:d7:a2: 9a:5c:32:e0:5f:f5:4d:76:fc:a6:b5:d0:38:d7:db: b4:e3:c9:5f:69:93:73:49:4b:09:d4:45:09:d6:2d: 8b:27:da:91:08:6d:b8:54:27:68:0e:82:29:fb:da: 6f:3b:1f:8b:8a:37:ad:96:2a:97:d8:14:7f:3f:0a: 56:71:24:09:66:34:81:4f:2a:55:67:fc:56:29:8d: 4a:d3:ce:67:7d:ae:c3:07:83:99:b9:7a:46:95:e3: 6d:f9:82:a7:ea:9f:df:d6:c7:c2:1d:80:6d:a6:ce: e5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:EC:1D:CD:12:3B:36:E2:C3:85:C3:C5:AD:23:8B:0B:3B:34:88:E7 X509v3 Authority Key Identifier: keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:a8:02:74:9c:f1:02:35:4c:95:1a:a1:c3:da:37:0d:cc:39: 1e:50:e5:69:7d:1d:d9:c5:a6:9e:fe:82:6a:1c:c9:35:51:9e: 6e:c0:0f:7f:2e:d3:a0:dc:a9:ec:66:d3:70:d0:9a:d7:e1:29: b8:07:45:54:78:ba:c7:ab:48:30:fa:33:e5:e6:24:51:15:a5: 6b:63:db:fd:43:1b:13:41:ba:dc:5d:01:2a:d0:63:3e:b6:3d: d1:dc:4c:1b:e9:5a:c2:4c:62:1c:f0:db:0e:e1:0f:e0:a4:6e: ef:8c:81:50:87:da:91:13:a2:c7:0c:bd:4f:e1:a4:ad:21:5f: ea:39:b0:ba:94:95:9e:e7:3b:87:21:41:9c:c8:ca:c5:94:65: bd:04:25:28:0e:f7:53:9c:bf:b2:61:a5:98:33:d6:4d:20:fd: 7b:c2:31:ac:c4:a1:78:21:b0:17:5c:ee:e9:fb:a5:7f:35:63: ee:73:68:67:42:c8:88:54:6a:c6:66:aa:9e:48:d9:10:3d:9f: 02:bd:74:d1:ce:51:2c:8a:37:99:e7:22:52:50:32:2e:c9:ce: b8:3d:f8:f5:05:fb:61:4e:90:01:ed:0c:a5:93:71:e3:e1:e9: 1e:b9:13:32:fa:d9:66:66:d7:b4:18:28:e3:95:61:0a:b6:b5: 8c:ef:1d:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCD1XvpABy0wwFS2iriqcmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl NGMwNjEwHhcNMjYwMjA5MTEwMDI3WhcNMjYwMjEwMTEwMDI3WjAzMTEwLwYDVQQD EyhjOWVjMWRjZDEyM2IzNmUyYzM4NWMzYzVhZDIzOGIwYjNiMzQ4OGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyXBqjszEPaN/j/gkiSim8zHeQqe w6BaK2+OaXBPRqQoybY584vUjPuVtE+R969UHZYhKjSPhjyjdRouuvM1uAHVny+C mGnft5Pa4ji9uf/+NPT1A/ZAlBAQs0G6aG02iACwHwqOqbqCiUjPEJ6wJdtLCRo2 RYXDArWgzKCYt89ko5QdI9K9uvJ2SrPYnylJssia16KaXDLgX/VNdvymtdA419u0 48lfaZNzSUsJ1EUJ1i2LJ9qRCG24VCdoDoIp+9pvOx+LijetliqX2BR/PwpWcSQJ ZjSBTypVZ/xWKY1K085nfa7DB4OZuXpGleNt+YKn6p/f1sfCHYBtps7lnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMnsHc0SOzbiw4XDxa0jiws7NIjnMB8GA1UdIwQY MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2 LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUqgCdJzx AjVMlRqhw9o3Dcw5HlDlaX0d2cWmnv6CahzJNVGebsAPfy7ToNyp7GbTcNCa1+Ep uAdFVHi6x6tIMPoz5eYkURWla2Pb/UMbE0G63F0BKtBjPrY90dxMG+lawkxiHPDb DuEP4KRu74yBUIfakROixwy9T+GkrSFf6jmwupSVnuc7hyFBnMjKxZRlvQQlKA73 U5y/smGlmDPWTSD9e8IxrMSheCGwF1zu6fulfzVj7nNoZ0LIiFRqxmaqnkjZED2f Ar100c5RLIo3meciUlAyLsnOuD349QX7YU6QAe0MpZNx4+HpHrkTMvrZZmbXtBgo 45VhCra1jO8d6A== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:36 2026 by rpki-client