This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft File: AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json) Hash identifier: S544Ld1QG9h9HZImjGy6/fLTaLi0x/TmS5f4ktOcGYc= Subject key identifier: 67:D9:CE:F0:51:A1:74:36:C3:81:73:6A:3E:40:0E:34:DA:E3:09:9F Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77 Certificate issuer: /CN=0289eecea279413257d8908c25568abeb8af8677 Certificate serial: 019C41A1F406C591652346DCDFF057F2609B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft Manifest number: 0D86 Signing time: Mon 09 Feb 2026 09:00:58 +0000 Manifest this update: Mon 09 Feb 2026 09:00:58 +0000 Manifest next update: Tue 10 Feb 2026 09:00:58 +0000 Files and hashes: 1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: r+vZIsy79z5Myd5W+zXBPBKageiubNu3LUnA4eEdnwc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a1:f4:06:c5:91:65:23:46:dc:df:f0:57:f2:60:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0289eecea279413257d8908c25568abeb8af8677 Validity Not Before: Feb 9 09:00:58 2026 GMT Not After : Feb 10 09:00:58 2026 GMT Subject: CN=67d9cef051a17436c381736a3e400e34dae3099f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:5a:bd:09:98:ab:eb:c6:1d:1e:68:61:ee:25: c9:9b:e1:f9:b7:51:24:99:85:d1:1f:5b:00:8a:bd: 58:4e:c0:4a:17:2b:f7:4d:4e:2d:ae:ea:76:06:e3: cb:18:25:67:99:85:95:14:69:d1:76:70:42:47:1e: ab:38:9e:77:ae:64:af:3b:80:1d:2f:59:b9:4a:95: dd:f9:20:82:05:54:0e:7f:ba:97:77:ea:70:8c:45: d5:50:35:63:eb:60:23:96:50:6a:c9:bd:bc:c9:59: 04:af:61:19:cd:6d:b4:df:f3:3e:48:ef:78:a5:b1: b4:3c:8b:41:eb:a3:4a:24:69:70:06:f8:d0:97:64: 4b:b0:7d:27:77:c9:b8:5f:8d:9f:fc:c2:3a:f8:63: 66:cc:b4:ed:df:6a:3f:af:6f:21:8e:62:10:ad:7a: 35:40:e1:64:b4:1e:38:c1:35:c5:a2:74:53:25:a0: 4d:c3:9e:4d:4a:52:30:24:54:b8:d9:ba:8e:9d:9a: 49:37:e4:52:76:44:0d:9e:e1:34:0a:45:e0:1b:24: 58:94:60:63:4c:16:d8:5f:4b:1d:48:10:8e:14:76: b3:16:4e:a8:a6:c1:0a:9d:ab:86:28:7e:ee:55:6c: 29:ea:2c:0d:a1:6c:d1:ad:07:68:6c:58:5b:ce:4e: 9d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:D9:CE:F0:51:A1:74:36:C3:81:73:6A:3E:40:0E:34:DA:E3:09:9F X509v3 Authority Key Identifier: keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:72:ef:8a:34:ec:d5:4a:f9:1f:d3:64:e9:8c:b8:10:fc:ce: 0f:21:23:9d:b0:9d:b6:ca:fc:51:40:57:03:be:29:ef:1b:9a: bf:72:86:eb:5f:7c:c9:81:08:7e:3f:60:d9:a2:d7:c6:7a:24: ea:46:89:e6:41:34:ee:fc:22:ae:36:13:ff:af:b1:77:cd:b6: 51:92:4c:56:08:a4:77:8a:40:e6:d5:20:20:db:ef:40:b4:4b: fc:27:b7:77:82:6a:2b:8a:b5:fe:f9:af:45:5c:68:d9:84:ee: dd:4e:d5:43:ad:f4:5e:3d:82:18:53:6a:b6:b7:ec:ce:08:b2: b8:73:98:19:9f:4c:e9:d2:3f:b5:9a:82:0a:08:89:95:9c:1e: c2:53:7f:de:94:a5:47:cf:c3:9d:e1:a5:b6:9f:52:fd:b3:03: 60:75:2a:0c:45:fb:cf:c0:95:79:ac:9a:bf:3f:87:04:de:6e: 4f:09:56:0f:0a:9b:96:6b:97:89:dc:d8:e4:af:09:bf:fd:95: 68:57:92:f8:3a:0e:74:54:d8:20:7e:4f:3e:e9:e1:32:fc:52: bf:d0:dd:7a:32:a2:8f:ab:24:5a:6d:fd:89:e3:d0:04:40:d0: 78:99:89:53:97:aa:f0:5c:1c:de:51:06:ca:62:e0:39:8a:d5: 4a:20:f7:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBofQGxZFlI0bc3/BX8mCbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh Zjg2NzcwHhcNMjYwMjA5MDkwMDU4WhcNMjYwMjEwMDkwMDU4WjAzMTEwLwYDVQQD Eyg2N2Q5Y2VmMDUxYTE3NDM2YzM4MTczNmEzZTQwMGUzNGRhZTMwOTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVq9CZir68YdHmhh7iXJm+H5t1Ek mYXRH1sAir1YTsBKFyv3TU4trup2BuPLGCVnmYWVFGnRdnBCRx6rOJ53rmSvO4Ad L1m5SpXd+SCCBVQOf7qXd+pwjEXVUDVj62AjllBqyb28yVkEr2EZzW203/M+SO94 pbG0PItB66NKJGlwBvjQl2RLsH0nd8m4X42f/MI6+GNmzLTt32o/r28hjmIQrXo1 QOFktB44wTXFonRTJaBNw55NSlIwJFS42bqOnZpJN+RSdkQNnuE0CkXgGyRYlGBj TBbYX0sdSBCOFHazFk6opsEKnauGKH7uVWwp6iwNoWzRrQdobFhbzk6dKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGfZzvBRoXQ2w4Fzaj5ADjTa4wmfMB8GA1UdIwQY MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqXLvijTs 1Ur5H9Nk6Yy4EPzODyEjnbCdtsr8UUBXA74p7xuav3KG6198yYEIfj9g2aLXxnok 6kaJ5kE07vwirjYT/6+xd822UZJMVgikd4pA5tUgINvvQLRL/Ce3d4JqK4q1/vmv RVxo2YTu3U7VQ630Xj2CGFNqtrfszgiyuHOYGZ9M6dI/tZqCCgiJlZwewlN/3pSl R8/DneGltp9S/bMDYHUqDEX7z8CVeayavz+HBN5uTwlWDwqblmuXidzY5K8Jv/2V aFeS+DoOdFTYIH5PPunhMvxSv9DdejKij6skWm39iePQBEDQeJmJU5eq8Fwc3lEG ymLgOYrVSiD3Fw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:34:02 2026 by rpki-client