This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft File: PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json) Hash identifier: 3CnePgUhkHpDDl7+QWZwmnuxzsJKgING2m8D7eQyAGQ= Subject key identifier: 52:8F:74:4D:BA:7B:BC:4A:BB:05:BC:3F:AE:A4:F1:11:92:13:D1:22 Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91 Certificate issuer: /CN=3c0fed6e0d142a2f09c040c99af1c93560209291 Certificate serial: 019C41D83B0F12C7812EF8731C4CA2827637 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft Manifest number: 1292 Signing time: Mon 09 Feb 2026 10:00:15 +0000 Manifest this update: Mon 09 Feb 2026 10:00:15 +0000 Manifest next update: Tue 10 Feb 2026 10:00:15 +0000 Files and hashes: 1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: +p91EupDkON6xe7/7H3KA66Ev4Y+WW4sR26QMio/k/M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:d8:3b:0f:12:c7:81:2e:f8:73:1c:4c:a2:82:76:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291 Validity Not Before: Feb 9 10:00:15 2026 GMT Not After : Feb 10 10:00:15 2026 GMT Subject: CN=528f744dba7bbc4abb05bc3faea4f1119213d122 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f1:7d:0c:5f:6b:93:88:88:e3:28:1c:54:3a: 74:d4:4c:b5:2f:75:9d:0f:be:66:fb:13:7b:8e:0a: e8:00:e0:fe:54:53:75:cc:76:d9:03:93:0e:8e:9a: d1:10:1a:be:72:b7:64:3e:9e:0a:a8:76:64:a8:7d: ac:a9:10:cf:5b:90:13:4d:07:11:b3:5a:dc:52:bc: d3:84:7b:5b:e4:7b:63:b1:cc:44:07:6c:b0:0a:7b: 7a:8f:57:68:41:26:3b:e5:3d:2c:06:0c:74:c0:90: f6:49:40:bb:a6:d8:81:fd:55:0e:b0:3a:b5:1d:be: 25:c7:4f:c1:e9:26:bb:85:8f:00:0c:03:4b:25:47: 48:e3:d9:9b:39:06:fc:cd:7e:4f:2e:f3:7a:bc:d5: d7:fa:a4:82:d3:d3:0f:d8:79:e0:ff:e4:2d:72:21: 1c:5a:0b:3c:ca:49:f1:6e:2b:8c:98:25:a5:42:82: b6:1e:ff:e2:cf:50:3d:74:e2:03:57:ee:e6:75:42: 28:11:bf:ec:0d:51:cf:73:f9:2b:c7:83:ad:07:d5: eb:19:dd:18:d5:c5:b7:6c:ee:1f:1f:7b:81:0e:de: 48:58:27:c7:21:d2:e4:cc:29:5e:a8:8f:af:87:ea: 7d:35:c9:1a:c1:c5:04:44:00:dc:0d:d9:38:a1:9e: e9:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:8F:74:4D:BA:7B:BC:4A:BB:05:BC:3F:AE:A4:F1:11:92:13:D1:22 X509v3 Authority Key Identifier: keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:73:96:f7:5b:bd:1c:f7:f3:23:aa:46:e2:54:a1:1f:4c:2f: e6:4c:ad:dc:1d:a5:88:f5:aa:9c:3b:f6:a4:5b:7a:3d:a0:34: f9:6a:89:3d:70:03:84:9d:a9:4d:54:fa:d8:05:d8:08:e0:e9: f7:86:f2:f2:56:ca:cd:0d:e3:d8:42:d7:2d:bc:13:45:f7:ba: c1:52:97:dc:50:52:a0:11:96:79:7d:1b:7d:3d:4a:e6:0c:c1: 92:26:f2:c3:35:e6:51:ab:5e:ca:30:39:fe:ed:f2:fe:2d:a0: 95:b5:c7:c2:0a:73:52:88:67:d3:2d:8f:e0:c4:34:ae:ca:83: d7:a5:2e:3a:c5:d5:09:50:9c:5a:3c:f0:a0:49:28:f6:da:4d: 78:e2:79:82:e7:f1:0f:f3:56:7d:b8:78:a5:3f:4c:b6:73:46: b5:20:d8:0c:cd:6a:ba:8f:b7:28:57:00:ae:5d:76:4b:15:22: 0d:ce:82:3c:41:c9:2a:76:8f:4a:1e:be:82:6a:63:d5:8e:2b: 36:2a:b6:70:8e:6a:00:b9:7e:1b:c0:82:63:48:ca:54:47:1a: f4:00:81:5a:16:0b:78:32:f2:4c:c5:c1:be:1b:63:b0:14:c8: 23:3d:0d:8b:cf:c6:7e:c9:15:02:e8:82:33:28:8e:b8:f2:3c: 7a:68:df:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxB2DsPEseBLvhzHEyignY3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy MDkyOTEwHhcNMjYwMjA5MTAwMDE1WhcNMjYwMjEwMTAwMDE1WjAzMTEwLwYDVQQD Eyg1MjhmNzQ0ZGJhN2JiYzRhYmIwNWJjM2ZhZWE0ZjExMTkyMTNkMTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfF9DF9rk4iI4ygcVDp01Ey1L3Wd D75m+xN7jgroAOD+VFN1zHbZA5MOjprREBq+crdkPp4KqHZkqH2sqRDPW5ATTQcR s1rcUrzThHtb5HtjscxEB2ywCnt6j1doQSY75T0sBgx0wJD2SUC7ptiB/VUOsDq1 Hb4lx0/B6Sa7hY8ADANLJUdI49mbOQb8zX5PLvN6vNXX+qSC09MP2Hng/+QtciEc Wgs8yknxbiuMmCWlQoK2Hv/iz1A9dOIDV+7mdUIoEb/sDVHPc/krx4OtB9XrGd0Y 1cW3bO4fH3uBDt5IWCfHIdLkzCleqI+vh+p9NckawcUERADcDdk4oZ7pQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFKPdE26e7xKuwW8P66k8RGSE9EiMB8GA1UdIwQY MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvXOW91u9 HPfzI6pG4lShH0wv5kyt3B2liPWqnDv2pFt6PaA0+WqJPXADhJ2pTVT62AXYCODp 94by8lbKzQ3j2ELXLbwTRfe6wVKX3FBSoBGWeX0bfT1K5gzBkibywzXmUateyjA5 /u3y/i2glbXHwgpzUohn0y2P4MQ0rsqD16UuOsXVCVCcWjzwoEko9tpNeOJ5gufx D/NWfbh4pT9MtnNGtSDYDM1quo+3KFcArl12SxUiDc6CPEHJKnaPSh6+gmpj1Y4r Niq2cI5qALl+G8CCY0jKVEca9ACBWhYLeDLyTMXBvhtjsBTIIz0Ni8/GfskVAuiC MyiOuPI8emjfVQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:46:34 2026 by rpki-client