This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft File: MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json) Hash identifier: GpeQx35v+fI27ApZjaLGWKN8d6ykRaXcqnN+dQadeTc= Subject key identifier: B0:22:6C:1C:A1:FD:0A:4E:4A:78:76:4A:0B:61:1A:51:12:C7:66:F0 Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9 Certificate issuer: /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9 Certificate serial: 019C43C701C466E11F68C171822E25DB4B89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft Manifest number: 03DE Signing time: Mon 09 Feb 2026 19:00:41 +0000 Manifest this update: Mon 09 Feb 2026 19:00:41 +0000 Manifest next update: Tue 10 Feb 2026 19:00:41 +0000 Files and hashes: 1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: AvR8Xbpisj4cnLmMAt1QYawuGkSG09TlqBph+B5SoJ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c7:01:c4:66:e1:1f:68:c1:71:82:2e:25:db:4b:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9 Validity Not Before: Feb 9 19:00:41 2026 GMT Not After : Feb 10 19:00:41 2026 GMT Subject: CN=b0226c1ca1fd0a4e4a78764a0b611a5112c766f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ff:c8:8e:eb:45:bc:ee:aa:d9:6d:05:11:2a: f8:10:84:2b:e5:ce:8b:33:fd:0d:c5:2b:3a:c0:43: e8:3a:ff:1f:17:ab:7e:96:15:d5:9f:4d:84:b0:10: 24:27:1a:1f:ed:a3:b2:fd:b9:a8:82:56:2e:7d:5c: 41:f2:0d:23:c1:9b:5e:f0:c6:06:53:f6:71:0c:5c: 5a:79:9a:3a:3b:a8:06:15:ee:fd:13:c9:36:6f:2b: 23:f7:9a:ae:51:5a:26:52:0b:3a:f4:20:17:7b:03: 1a:f8:73:e3:08:0d:77:ac:bf:82:c4:09:53:ff:aa: 57:17:3c:e3:b5:e0:e5:bb:55:a5:87:89:bb:37:04: ad:38:09:6b:89:0d:3f:a2:53:8b:41:e6:c4:04:0c: 3e:27:83:2b:ef:f8:45:d9:d9:bb:ea:b6:bf:0c:b8: 39:ca:71:be:3e:8c:7c:da:19:37:42:0a:18:2a:fb: 88:25:8b:54:d0:3d:00:00:56:d5:3d:af:e4:20:f4: 2d:8c:f1:1e:25:36:c9:69:dc:dc:ff:61:e6:ce:7c: 6e:99:43:71:60:82:0f:ab:a0:9c:70:6e:da:fd:8f: 0a:67:0f:8b:9d:57:23:f8:6e:32:e6:b1:5f:7e:2d: 40:77:ee:99:5b:8d:07:47:30:6d:1e:c4:db:d7:c2: 1d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:22:6C:1C:A1:FD:0A:4E:4A:78:76:4A:0B:61:1A:51:12:C7:66:F0 X509v3 Authority Key Identifier: keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:ad:f4:14:a9:79:87:d1:6e:6d:70:57:98:a7:0e:18:44:5c: a1:40:f6:63:d4:60:55:cc:37:67:ef:44:1d:6b:52:83:7a:f8: 90:15:7e:2c:ec:7d:38:2d:10:b8:06:33:c1:1d:e2:3e:2a:03: 61:fa:f6:a5:11:c8:44:28:b7:fd:cb:0b:19:85:bc:58:d5:03: cb:4c:4d:0f:d8:d7:5e:b9:60:3c:e5:62:f2:04:93:36:51:48: 0a:46:98:3f:cc:41:ec:71:2e:a5:59:de:6a:ef:88:f5:c0:7b: 82:57:65:52:d1:79:40:39:d7:0f:f1:64:25:01:7c:17:13:57: eb:d3:07:d7:90:04:96:2f:d2:ba:4c:89:00:24:52:57:20:4b: 89:c2:42:c9:03:ed:bd:83:ac:b4:80:5d:85:5e:15:2d:67:71: e0:48:0b:c0:bb:06:74:c9:7e:b6:65:db:9f:38:ad:84:f3:42: b1:0a:b3:46:02:5b:61:c5:75:47:9e:2d:d3:8a:44:7c:3d:40: 7a:0e:f7:7f:55:07:37:0a:df:6c:2d:c9:99:93:9b:4b:77:be: 96:92:6a:b4:5b:6a:13:80:59:96:70:ff:aa:e8:f2:13:76:ab: bb:99:2b:c2:0c:cb:8b:3f:27:13:c1:58:89:86:bd:41:4c:b3: 97:f3:1a:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxwHEZuEfaMFxgi4l20uJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh YmJmZTkwHhcNMjYwMjA5MTkwMDQxWhcNMjYwMjEwMTkwMDQxWjAzMTEwLwYDVQQD EyhiMDIyNmMxY2ExZmQwYTRlNGE3ODc2NGEwYjYxMWE1MTEyYzc2NmYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt//IjutFvO6q2W0FESr4EIQr5c6L M/0NxSs6wEPoOv8fF6t+lhXVn02EsBAkJxof7aOy/bmoglYufVxB8g0jwZte8MYG U/ZxDFxaeZo6O6gGFe79E8k2bysj95quUVomUgs69CAXewMa+HPjCA13rL+CxAlT /6pXFzzjteDlu1Wlh4m7NwStOAlriQ0/olOLQebEBAw+J4Mr7/hF2dm76ra/DLg5 ynG+Pox82hk3QgoYKvuIJYtU0D0AAFbVPa/kIPQtjPEeJTbJadzc/2HmznxumUNx YIIPq6CccG7a/Y8KZw+LnVcj+G4y5rFffi1Ad+6ZW40HRzBtHsTb18IdKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLAibByh/QpOSnh2SgthGlESx2bwMB8GA1UdIwQY MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABq30FKl5 h9FubXBXmKcOGERcoUD2Y9RgVcw3Z+9EHWtSg3r4kBV+LOx9OC0QuAYzwR3iPioD Yfr2pRHIRCi3/csLGYW8WNUDy0xND9jXXrlgPOVi8gSTNlFICkaYP8xB7HEupVne au+I9cB7gldlUtF5QDnXD/FkJQF8FxNX69MH15AEli/SukyJACRSVyBLicJCyQPt vYOstIBdhV4VLWdx4EgLwLsGdMl+tmXbnzithPNCsQqzRgJbYcV1R54t04pEfD1A eg73f1UHNwrfbC3JmZObS3e+lpJqtFtqE4BZlnD/qujyE3aru5krwgzLiz8nE8FY iYa9QUyzl/MarQ== -----END CERTIFICATE-----Generated at Mon Feb 9 21:07:03 2026 by rpki-client