This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft File: EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json) Hash identifier: 70L+x2dDDS9n3SKTpcUelGlaApXdlSa1tL+M7mMwjEY= Subject key identifier: 5F:F3:1B:A3:E0:26:D1:13:03:4C:8D:EA:48:ED:FA:6F:71:94:C7:83 Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0 Certificate issuer: /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0 Certificate serial: 019C4246A1AE97276B2C18C9C4275DCDEFEE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft Manifest number: 04CE Signing time: Mon 09 Feb 2026 12:00:50 +0000 Manifest this update: Mon 09 Feb 2026 12:00:50 +0000 Manifest next update: Tue 10 Feb 2026 12:00:50 +0000 Files and hashes: 1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: dJBTNWI+fvO6aFTSmaD75RrSd8K9UGO0peGWw7NMVE8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:a1:ae:97:27:6b:2c:18:c9:c4:27:5d:cd:ef:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0 Validity Not Before: Feb 9 12:00:50 2026 GMT Not After : Feb 10 12:00:50 2026 GMT Subject: CN=5ff31ba3e026d113034c8dea48edfa6f7194c783 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:66:e9:6c:e9:b1:43:06:20:00:23:84:a6:b7: 47:0b:a6:ae:6a:95:8b:d7:ad:31:47:04:e7:23:1b: f0:43:fe:c9:0f:78:b8:7b:c9:ee:3d:5d:19:a1:37: f5:b5:b3:e1:a9:6b:b5:77:5e:97:d4:f6:f9:fd:ba: a9:75:3e:23:93:be:77:61:a8:df:40:df:97:a6:d4: e1:e7:32:8d:7a:b3:65:54:ef:19:8b:ed:48:28:4c: 87:42:24:f2:e5:e1:bf:ff:50:68:6b:a9:6b:a9:13: 71:c3:ff:2c:52:9f:94:8d:65:bc:58:67:0d:cf:2e: 86:cd:44:50:77:d2:e5:db:b2:eb:7d:a1:e5:64:ff: 52:30:ac:f8:3c:5c:57:24:04:7a:23:18:3d:f4:0b: 47:9d:be:0b:67:e4:af:16:9d:6c:51:cf:6d:4a:54: 9d:01:a3:61:64:92:59:75:44:f6:26:23:96:69:17: 08:e3:50:4e:28:1e:a5:f6:fe:9f:49:ba:98:d6:2c: 9c:29:fc:78:2b:9d:9e:c2:af:3d:fd:3e:a2:27:bd: 83:fe:b4:5c:8c:81:af:c7:81:2a:a0:14:40:cf:44: e1:83:90:63:51:f4:8b:3e:f4:47:df:49:eb:70:83: ae:03:0d:bd:f1:fc:15:dd:24:09:55:82:87:97:a0: 25:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:F3:1B:A3:E0:26:D1:13:03:4C:8D:EA:48:ED:FA:6F:71:94:C7:83 X509v3 Authority Key Identifier: keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:27:5d:c7:a9:ec:96:8a:0a:e5:5d:e4:cb:fd:37:26:5d:a5: 73:bf:45:2c:df:be:38:d5:a8:22:c5:a2:30:1c:6d:d0:b4:e9: a6:d4:f3:10:2a:f6:e7:0d:82:62:18:95:e3:3b:b4:13:b7:cc: 38:38:10:0e:0f:e9:5c:d4:c4:6a:c8:e0:27:7f:43:70:ff:b3: ac:e5:22:a0:4f:fa:0f:d1:e9:fe:b5:45:c2:09:6a:2b:72:9a: 66:4e:3b:dd:e7:87:ae:10:e4:9c:35:53:b3:b6:15:f7:45:2d: 43:8b:5b:0f:55:70:23:82:13:6d:a0:b2:8a:98:fd:db:03:55: 57:df:62:8a:f7:db:28:7f:5c:59:d5:39:8f:b7:de:9d:09:36: d1:51:79:38:4a:8b:65:4a:af:29:7a:e1:01:ba:ba:2c:26:4a: b2:25:95:77:38:76:99:a4:c7:62:f8:6a:a2:8f:ae:0c:ac:5f: b1:4d:01:e7:2d:9d:b2:06:7c:85:1a:14:7e:8b:e5:47:75:50: f9:e9:e6:e4:9f:bf:f9:9b:2f:bc:d2:de:bb:60:aa:96:04:02: 32:76:a8:3b:83:38:6d:9d:55:62:9d:20:c6:d2:ae:8d:23:00: e8:ea:31:9e:20:d9:7e:4e:fe:68:42:1c:39:af:ad:fb:bb:55: 62:14:7c:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRqGulydrLBjJxCddze/uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1 NzdhZDAwHhcNMjYwMjA5MTIwMDUwWhcNMjYwMjEwMTIwMDUwWjAzMTEwLwYDVQQD Eyg1ZmYzMWJhM2UwMjZkMTEzMDM0YzhkZWE0OGVkZmE2ZjcxOTRjNzgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGbpbOmxQwYgACOEprdHC6auapWL 160xRwTnIxvwQ/7JD3i4e8nuPV0ZoTf1tbPhqWu1d16X1Pb5/bqpdT4jk753Yajf QN+XptTh5zKNerNlVO8Zi+1IKEyHQiTy5eG//1Boa6lrqRNxw/8sUp+UjWW8WGcN zy6GzURQd9Ll27LrfaHlZP9SMKz4PFxXJAR6Ixg99AtHnb4LZ+SvFp1sUc9tSlSd AaNhZJJZdUT2JiOWaRcI41BOKB6l9v6fSbqY1iycKfx4K52ewq89/T6iJ72D/rRc jIGvx4EqoBRAz0Thg5BjUfSLPvRH30nrcIOuAw298fwV3SQJVYKHl6AlpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF/zG6PgJtETA0yN6kjt+m9xlMeDMB8GA1UdIwQY MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKiddx6ns looK5V3ky/03Jl2lc79FLN++ONWoIsWiMBxt0LTpptTzECr25w2CYhiV4zu0E7fM ODgQDg/pXNTEasjgJ39DcP+zrOUioE/6D9Hp/rVFwglqK3KaZk473eeHrhDknDVT s7YV90UtQ4tbD1VwI4ITbaCyipj92wNVV99iivfbKH9cWdU5j7fenQk20VF5OEqL ZUqvKXrhAbq6LCZKsiWVdzh2maTHYvhqoo+uDKxfsU0B5y2dsgZ8hRoUfovlR3VQ +enm5J+/+ZsvvNLeu2CqlgQCMnaoO4M4bZ1VYp0gxtKujSMA6OoxniDZfk7+aEIc Oa+t+7tVYhR8ZQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:49:23 2026 by rpki-client