This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft File: yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json) Hash identifier: vLv56AcLxOrxYqiFY4jF0jUM1vGEtzkeUxryqd6f33s= Subject key identifier: 89:9C:3B:69:5B:6A:C5:88:F1:C8:97:B4:C1:1E:18:83:7D:9A:99:55 Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3 Certificate issuer: /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3 Certificate serial: 019C42EAD91225E9B0ED95AA70A5C129F61C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft Manifest number: 137D Signing time: Mon 09 Feb 2026 15:00:13 +0000 Manifest this update: Mon 09 Feb 2026 15:00:13 +0000 Manifest next update: Tue 10 Feb 2026 15:00:13 +0000 Files and hashes: 1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: 3SmhIR+HCUbH98QItFY01ESBPVd4tfHGrjL95wI2zM0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:ea:d9:12:25:e9:b0:ed:95:aa:70:a5:c1:29:f6:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3 Validity Not Before: Feb 9 15:00:13 2026 GMT Not After : Feb 10 15:00:13 2026 GMT Subject: CN=899c3b695b6ac588f1c897b4c11e18837d9a9955 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:bb:16:d5:14:f5:0b:ea:76:5b:41:3f:af:78: fb:f1:e9:dc:8d:c9:e9:82:d1:8c:80:2c:8d:a6:30: 95:ad:55:a6:4c:33:21:89:39:af:a5:46:23:43:e9: a2:f1:e5:d2:06:23:7e:b2:01:09:ec:0f:ba:24:92: 9b:f1:09:1f:08:41:7d:a0:0c:94:e9:bd:7b:38:d1: 9b:5b:41:6d:aa:26:db:66:c2:1c:22:df:b1:3d:ed: ee:f0:88:c0:03:57:8c:98:ae:8e:3f:84:4d:8b:09: 1a:b0:76:16:83:d6:c1:d1:4c:29:a1:d1:e6:51:69: 80:aa:8d:f4:62:73:51:5b:64:b3:6c:77:a0:5e:1a: f2:1b:9f:bc:5f:e2:31:bc:66:0a:43:5c:6c:80:0c: a9:b4:13:5b:71:ce:69:13:69:41:f3:df:99:5c:76: 8b:07:09:19:66:ca:de:e6:2b:0c:7c:fe:d7:13:25: 8a:9c:9d:be:ce:4b:6f:66:40:a2:e3:ce:12:81:29: 22:fe:fb:d1:f9:72:ea:49:dd:3c:20:e2:9c:b4:41: be:3e:40:58:6f:be:09:96:12:98:af:02:3a:f3:24: aa:9c:2a:fb:20:cd:4b:8d:63:f4:96:ec:6d:1d:34: 17:76:5e:a6:a7:4a:67:61:f0:80:72:6e:71:7c:bd: 2b:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9C:3B:69:5B:6A:C5:88:F1:C8:97:B4:C1:1E:18:83:7D:9A:99:55 X509v3 Authority Key Identifier: keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:99:61:b6:27:a2:76:fc:e9:1a:44:2d:21:01:8b:24:92:7b: 01:c0:52:3b:13:3b:ae:4a:64:29:90:5c:d3:dd:94:5c:60:0b: 18:cb:58:bc:22:a3:31:35:d5:44:d3:42:7c:2e:b0:16:91:e4: 2f:db:e3:1c:1e:29:40:52:00:43:df:4c:42:a4:d8:b7:a0:df: 52:ed:33:1b:a7:ef:b7:f5:53:6b:3c:88:67:9c:3e:ae:f9:92: 45:f0:59:6b:98:9a:ce:78:01:a0:c8:58:15:80:85:6f:a2:12: 68:97:97:8a:c2:7b:37:6f:c6:72:06:bc:3b:87:37:de:e6:95: 87:f1:42:fc:c8:ea:2c:e3:9d:13:f7:02:f4:95:ae:a8:47:c5: 7b:7b:0f:93:31:60:16:cc:9e:2a:e4:74:7a:b9:f2:59:b1:96: 71:44:a4:4a:3f:2b:4a:69:51:b8:58:63:d4:c6:12:6b:84:1f: 22:6f:a0:ee:ab:bc:51:9d:16:27:46:70:91:e5:29:e6:ab:be: 3e:2f:75:4c:d8:af:95:3a:a9:5d:05:d0:f5:4b:9b:3c:f4:32: 67:00:df:80:01:4d:48:5c:33:92:df:fa:c5:72:70:21:09:a8: 3e:0f:8d:18:21:69:24:3c:b0:18:1b:ae:01:dd:53:7d:87:78: 34:f6:9e:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxC6tkSJemw7ZWqcKXBKfYcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm NGU5YzMwHhcNMjYwMjA5MTUwMDEzWhcNMjYwMjEwMTUwMDEzWjAzMTEwLwYDVQQD Eyg4OTljM2I2OTViNmFjNTg4ZjFjODk3YjRjMTFlMTg4MzdkOWE5OTU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbsW1RT1C+p2W0E/r3j78encjcnp gtGMgCyNpjCVrVWmTDMhiTmvpUYjQ+mi8eXSBiN+sgEJ7A+6JJKb8QkfCEF9oAyU 6b17ONGbW0FtqibbZsIcIt+xPe3u8IjAA1eMmK6OP4RNiwkasHYWg9bB0UwpodHm UWmAqo30YnNRW2SzbHegXhryG5+8X+IxvGYKQ1xsgAyptBNbcc5pE2lB89+ZXHaL BwkZZsre5isMfP7XEyWKnJ2+zktvZkCi484SgSki/vvR+XLqSd08IOKctEG+PkBY b74JlhKYrwI68ySqnCr7IM1LjWP0luxtHTQXdl6mp0pnYfCAcm5xfL0rfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFImcO2lbasWI8ciXtMEeGIN9mplVMB8GA1UdIwQY MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5 LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZlhtiei dvzpGkQtIQGLJJJ7AcBSOxM7rkpkKZBc092UXGALGMtYvCKjMTXVRNNCfC6wFpHk L9vjHB4pQFIAQ99MQqTYt6DfUu0zG6fvt/VTazyIZ5w+rvmSRfBZa5iazngBoMhY FYCFb6ISaJeXisJ7N2/Gcga8O4c33uaVh/FC/MjqLOOdE/cC9JWuqEfFe3sPkzFg FsyeKuR0ernyWbGWcUSkSj8rSmlRuFhj1MYSa4QfIm+g7qu8UZ0WJ0ZwkeUp5qu+ Pi91TNivlTqpXQXQ9UubPPQyZwDfgAFNSFwzkt/6xXJwIQmoPg+NGCFpJDywGBuu Ad1TfYd4NPaeNA== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:34 2026 by rpki-client