This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft File: xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json) Hash identifier: F4BLt3l9FD/eK4XFjI5iVuOolCzkpI9iDFnPPPlkHw4= Subject key identifier: FA:60:EB:D8:A2:09:62:9B:9F:2A:B5:CF:35:68:CE:DA:EB:12:B0:06 Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45 Certificate issuer: /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045 Certificate serial: 019C421027126F6A7750BD9852F776A10373 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft Manifest number: 08AA Signing time: Mon 09 Feb 2026 11:01:20 +0000 Manifest this update: Mon 09 Feb 2026 11:01:20 +0000 Manifest next update: Tue 10 Feb 2026 11:01:20 +0000 Files and hashes: 1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: Q2bOX8ZY9xLnoCVCX/lqxhaMGMeBN1TeY7qhLRQgq2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:10:27:12:6f:6a:77:50:bd:98:52:f7:76:a1:03:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045 Validity Not Before: Feb 9 11:01:20 2026 GMT Not After : Feb 10 11:01:20 2026 GMT Subject: CN=fa60ebd8a209629b9f2ab5cf3568cedaeb12b006 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:df:d1:86:35:8d:6c:b6:37:85:43:d7:8b:03: 21:23:91:16:eb:4d:11:38:81:09:76:7b:91:43:82: d8:6d:1b:9a:6e:ed:92:c6:e6:d7:77:3f:d4:07:7a: 03:1a:7e:19:fc:34:83:9d:1a:dc:42:11:8e:36:3e: ee:9d:6e:72:72:d4:e8:e7:75:be:1f:4c:05:49:0f: 9b:64:d4:8f:6b:c4:eb:a8:84:24:59:26:11:c7:42: de:b8:98:93:bc:b3:3d:fb:62:76:10:10:ab:20:6c: 24:81:b4:30:88:13:f6:a8:da:40:81:16:e9:dd:78: 48:b1:37:a1:a2:2c:cc:1c:53:d0:1b:b3:08:db:fe: d8:13:3a:8e:dc:f2:10:63:32:cf:c5:be:84:73:3d: cb:dc:13:84:f1:e5:6c:1b:be:e4:0d:56:8e:c9:10: 13:09:cb:28:90:0c:39:4d:0e:dc:6c:ac:1e:79:a1: 0b:ad:86:37:82:19:8a:71:16:24:d6:6a:96:26:37: 93:33:b6:1e:6c:13:2b:f6:8f:13:fa:9a:50:bd:dc: 93:a3:64:b3:8a:f5:bd:8d:be:4d:2d:b3:36:b1:5d: d3:42:e4:84:09:8d:9e:dd:00:e7:63:68:20:5b:3e: 16:c4:f4:75:50:d4:97:65:31:b7:d3:0c:5c:e9:c0: 9b:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:60:EB:D8:A2:09:62:9B:9F:2A:B5:CF:35:68:CE:DA:EB:12:B0:06 X509v3 Authority Key Identifier: keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:ba:6f:9b:58:95:bf:b1:44:e8:0a:83:7d:8f:7e:bf:a1:5e: 31:d8:ea:01:9a:a0:cb:6b:c2:78:36:55:dc:55:39:68:95:31: c6:92:4b:72:dc:ca:a7:2c:c6:d0:de:5d:a5:aa:dd:dd:c0:50: 62:fc:48:45:21:d7:a3:00:82:e6:b5:9b:89:92:8e:bf:b9:d9: e8:b0:c7:80:db:83:8d:e4:2c:71:1a:55:61:c3:d9:e8:94:16: 2d:58:9d:dd:c8:0a:58:6e:9c:8d:9c:05:ee:a6:ee:8c:07:fc: 50:6c:a1:fe:9e:40:11:dc:16:c7:02:2c:a0:ab:f5:8e:70:a0: 10:4d:a9:fb:94:c6:ef:82:e0:39:a2:1f:02:9e:64:c7:30:00: 2c:8d:4e:5d:bf:11:c8:ac:dc:62:ba:f1:13:c5:3f:e7:ca:76: 93:6d:6d:86:9a:b6:33:d6:56:c5:44:e8:e8:22:6b:5c:c2:14: b2:64:70:6a:57:bb:ef:55:0b:95:82:ed:5c:c1:71:8e:54:3e: dc:9a:db:26:88:54:cc:b8:25:c9:35:d2:02:37:46:73:ff:a7: a5:e6:7e:6e:d5:30:fc:67:0b:d3:47:da:42:c0:3a:6f:9a:29: cd:10:94:c4:fa:5a:6a:7f:81:db:f5:04:d9:77:e1:62:71:dc: 3b:0b:f8:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCECcSb2p3UL2YUvd2oQNzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi Y2IwNDUwHhcNMjYwMjA5MTEwMTIwWhcNMjYwMjEwMTEwMTIwWjAzMTEwLwYDVQQD EyhmYTYwZWJkOGEyMDk2MjliOWYyYWI1Y2YzNTY4Y2VkYWViMTJiMDA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+d/RhjWNbLY3hUPXiwMhI5EW600R OIEJdnuRQ4LYbRuabu2SxubXdz/UB3oDGn4Z/DSDnRrcQhGONj7unW5yctTo53W+ H0wFSQ+bZNSPa8TrqIQkWSYRx0LeuJiTvLM9+2J2EBCrIGwkgbQwiBP2qNpAgRbp 3XhIsTehoizMHFPQG7MI2/7YEzqO3PIQYzLPxb6Ecz3L3BOE8eVsG77kDVaOyRAT CcsokAw5TQ7cbKweeaELrYY3ghmKcRYk1mqWJjeTM7YebBMr9o8T+ppQvdyTo2Sz ivW9jb5NLbM2sV3TQuSECY2e3QDnY2ggWz4WxPR1UNSXZTG30wxc6cCbwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPpg69iiCWKbnyq1zzVoztrrErAGMB8GA1UdIwQY MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzbpvm1iV v7FE6AqDfY9+v6FeMdjqAZqgy2vCeDZV3FU5aJUxxpJLctzKpyzG0N5dpard3cBQ YvxIRSHXowCC5rWbiZKOv7nZ6LDHgNuDjeQscRpVYcPZ6JQWLVid3cgKWG6cjZwF 7qbujAf8UGyh/p5AEdwWxwIsoKv1jnCgEE2p+5TG74LgOaIfAp5kxzAALI1OXb8R yKzcYrrxE8U/58p2k21thpq2M9ZWxUTo6CJrXMIUsmRwale771ULlYLtXMFxjlQ+ 3JrbJohUzLglyTXSAjdGc/+npeZ+btUw/GcL00faQsA6b5opzRCUxPpaan+B2/UE 2XfhYnHcOwv4Lg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:28:50 2026 by rpki-client