This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft File: 2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json) Hash identifier: BGxptd71XvrtxnTStRg3J3YJB1gg5zTVFujj0yQgMHg= Subject key identifier: 1E:56:8D:8B:E8:7B:A4:12:5D:5A:F2:45:89:B9:AE:19:EE:79:4C:0F Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB Certificate issuer: /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb Certificate serial: 019C43226B1FCD4C3357358E6E2D321ACE0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft Manifest number: 1115 Signing time: Mon 09 Feb 2026 16:00:54 +0000 Manifest this update: Mon 09 Feb 2026 16:00:54 +0000 Manifest next update: Tue 10 Feb 2026 16:00:54 +0000 Files and hashes: 1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: QXgsDaZSDof8gHliTiXag353FyPqpAFffex15w54Euw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:6b:1f:cd:4c:33:57:35:8e:6e:2d:32:1a:ce:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb Validity Not Before: Feb 9 16:00:54 2026 GMT Not After : Feb 10 16:00:54 2026 GMT Subject: CN=1e568d8be87ba4125d5af24589b9ae19ee794c0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c5:09:b6:dc:92:97:46:45:02:ef:fd:7a:22: fb:55:37:d9:22:85:ee:0f:cd:84:3e:48:9e:50:b4: 46:ae:dd:77:fa:6a:2c:be:2a:14:7f:9a:ce:0f:ea: 91:bb:11:d4:af:74:63:96:10:78:39:ea:ae:48:17: 0a:6d:2b:65:e1:ed:81:6e:8a:33:5a:a0:7a:09:02: a4:dc:5c:e3:aa:0d:05:03:2f:84:3f:09:55:ab:11: e1:b6:31:97:08:19:d1:d7:99:84:0b:94:bf:24:44: af:86:c2:5c:88:a8:b3:91:fe:51:e3:c3:9f:b2:9a: 2d:e3:6d:85:78:a5:ad:71:ad:e8:53:44:23:d6:33: a6:99:82:f2:d8:d6:88:13:90:b1:48:b5:8a:66:f9: 2f:36:69:fe:da:bd:22:a4:8a:19:75:94:de:f4:df: 61:90:07:a1:c4:58:f8:ff:00:00:a7:a8:e8:d3:dc: f2:d0:39:0b:fa:95:25:23:44:37:99:bc:48:a0:f4: 2e:13:14:dd:66:7e:5a:65:8a:54:4b:bd:a2:44:f3: 18:7c:bd:b5:ed:d8:c5:3f:35:b8:87:67:e5:cf:40: ea:ee:c7:23:ae:7c:93:2b:58:a1:33:7a:03:3c:3e: 68:7e:d8:e7:ec:eb:f2:ff:83:a7:75:1e:33:b5:2b: 93:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:56:8D:8B:E8:7B:A4:12:5D:5A:F2:45:89:B9:AE:19:EE:79:4C:0F X509v3 Authority Key Identifier: keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:bf:6f:d8:a7:cf:9f:e1:ea:fc:27:b1:ca:71:08:52:15:c0: f1:1a:b4:30:5d:dc:c8:c9:b5:71:42:07:5f:7a:d7:5a:2d:5d: a6:9f:44:c1:fa:f0:e8:09:a4:93:85:76:f1:dd:cf:f8:7d:9c: 5b:f0:f0:c1:cb:c6:e6:9f:ca:ae:ac:97:e2:dd:92:a7:3e:19: cb:e2:a6:9b:d8:a8:c9:00:3d:fc:4e:1c:5f:dc:d2:11:a5:e4: 78:9d:73:22:76:48:27:7a:02:65:65:6b:fc:4e:db:7e:e3:f8: ca:08:64:3c:bd:7a:17:b8:67:85:4d:68:db:a8:05:88:ab:c6: f8:7d:19:ec:be:5d:08:92:f3:50:61:0b:45:9d:5e:62:87:5b: c0:f3:26:6b:8b:b0:53:85:77:1d:c0:5d:d1:3a:69:22:9b:b0: f2:7c:46:05:bf:02:6d:7f:9c:93:77:84:38:2b:7b:93:3d:32: cd:fa:86:1d:b5:1c:d5:bb:5e:00:67:c3:6d:92:84:13:cf:ed: a6:6c:7e:40:a2:d7:72:e7:80:d1:58:32:a8:f0:9a:5f:42:40: da:d2:34:66:81:b3:f3:43:d0:58:60:ea:b8:18:6b:75:44:13: 2d:34:f9:f8:f9:08:49:dd:db:b2:f2:01:e4:5d:07:74:61:eb: 7e:08:ca:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDImsfzUwzVzWObi0yGs4NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz M2RjY2IwHhcNMjYwMjA5MTYwMDU0WhcNMjYwMjEwMTYwMDU0WjAzMTEwLwYDVQQD EygxZTU2OGQ4YmU4N2JhNDEyNWQ1YWYyNDU4OWI5YWUxOWVlNzk0YzBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sUJttySl0ZFAu/9eiL7VTfZIoXu D82EPkieULRGrt13+mosvioUf5rOD+qRuxHUr3RjlhB4OequSBcKbStl4e2Bbooz WqB6CQKk3Fzjqg0FAy+EPwlVqxHhtjGXCBnR15mEC5S/JESvhsJciKizkf5R48Of spot422FeKWtca3oU0Qj1jOmmYLy2NaIE5CxSLWKZvkvNmn+2r0ipIoZdZTe9N9h kAehxFj4/wAAp6jo09zy0DkL+pUlI0Q3mbxIoPQuExTdZn5aZYpUS72iRPMYfL21 7djFPzW4h2flz0Dq7scjrnyTK1ihM3oDPD5oftjn7Ovy/4OndR4ztSuTlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB5WjYvoe6QSXVryRYm5rhnueUwPMB8GA1UdIwQY MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3 LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl79v2KfP n+Hq/CexynEIUhXA8Rq0MF3cyMm1cUIHX3rXWi1dpp9Ewfrw6Amkk4V28d3P+H2c W/DwwcvG5p/KrqyX4t2Spz4Zy+Kmm9ioyQA9/E4cX9zSEaXkeJ1zInZIJ3oCZWVr /E7bfuP4yghkPL16F7hnhU1o26gFiKvG+H0Z7L5dCJLzUGELRZ1eYodbwPMma4uw U4V3HcBd0TppIpuw8nxGBb8CbX+ck3eEOCt7kz0yzfqGHbUc1bteAGfDbZKEE8/t pmx+QKLXcueA0VgyqPCaX0JA2tI0ZoGz80PQWGDquBhrdUQTLTT5+PkISd3bsvIB 5F0HdGHrfgjKPA== -----END CERTIFICATE-----Generated at Mon Feb 9 21:05:02 2026 by rpki-client