This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft File: zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json) Hash identifier: FCcrPw6L/pJlozCrrJQHR1QPZknDl7zixcDezNOfB4Y= Subject key identifier: 1A:4C:71:3E:29:B4:CF:65:BD:D2:04:F3:00:3E:2A:96:6F:E5:A2:4A Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A Certificate issuer: /CN=ce42b4385e5772f51d588e2bb7219a122399587a Certificate serial: 019C41A1E9A200D251EAFCE3D9F5627546E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft Manifest number: 0C33 Signing time: Mon 09 Feb 2026 09:00:56 +0000 Manifest this update: Mon 09 Feb 2026 09:00:56 +0000 Manifest next update: Tue 10 Feb 2026 09:00:56 +0000 Files and hashes: 1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: zyf67vH76Mb0qRu9SdV59q+9DLSgu8W4Mxn3Qc8VfME=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a1:e9:a2:00:d2:51:ea:fc:e3:d9:f5:62:75:46:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a Validity Not Before: Feb 9 09:00:56 2026 GMT Not After : Feb 10 09:00:56 2026 GMT Subject: CN=1a4c713e29b4cf65bdd204f3003e2a966fe5a24a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:16:22:36:1b:43:32:5f:c7:2c:c8:33:d7:88: b4:08:28:f8:39:6f:45:2f:ed:ae:ea:87:92:99:cc: 7a:81:c9:48:b1:f0:3f:f6:8d:a0:6c:b6:96:9e:25: da:30:56:0e:56:01:67:4c:65:dd:2f:6c:0f:01:8a: c7:76:59:1b:f0:00:23:54:ee:d4:dd:d9:28:be:03: 56:53:5b:ae:50:f6:8b:77:00:5c:47:c0:94:2c:b5: 85:90:b7:64:19:13:b7:36:97:11:6a:1c:57:68:56: 0f:0a:ed:fd:64:04:37:73:40:3e:5a:ed:86:8a:54: 89:df:59:bf:52:94:6e:d6:b5:f6:38:8c:be:1f:1b: 65:75:c3:ff:49:23:aa:16:4c:72:03:41:61:8b:cb: de:24:0e:44:e4:f0:3a:42:46:1c:6a:7f:75:d5:37: 79:87:1b:bc:fd:97:d2:e8:97:a9:4b:8f:56:a2:16: 14:da:00:b7:0e:0e:09:38:22:c0:b8:cd:3c:75:d0: f5:5a:09:16:c9:b7:28:e2:de:d6:ba:c9:ed:5e:b0: af:8d:fd:e6:c3:e4:9e:b1:42:9e:1a:92:57:4d:15: dd:3f:a7:1a:1b:25:4a:76:9b:ee:01:18:9e:35:70: 5e:55:94:91:6f:7a:98:4c:fe:c9:9c:74:da:93:34: 7b:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:4C:71:3E:29:B4:CF:65:BD:D2:04:F3:00:3E:2A:96:6F:E5:A2:4A X509v3 Authority Key Identifier: keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:a5:c1:8c:f9:d0:ef:b1:3f:e6:d4:8b:33:b4:d9:95:b8:f2: 57:8a:1b:e1:1b:d1:92:b8:66:0b:9f:af:7a:fc:47:35:f4:7a: 01:f9:30:51:70:f0:6f:87:62:4d:5c:bf:88:14:ac:d4:60:68: 75:10:eb:74:12:c0:56:be:f9:75:b6:26:e6:fa:90:28:f8:f7: aa:36:e6:90:9c:92:b2:76:76:72:38:5c:33:01:1f:1b:9e:94: f5:f9:4a:3d:ca:2a:74:4e:28:f4:3d:e5:8f:22:b9:e0:ea:c2: 76:ee:a1:18:c1:df:a3:aa:41:9c:99:42:7a:3e:0f:c6:79:c6: 18:4b:0a:af:4b:cc:84:f7:10:33:9d:8d:e3:db:a5:23:c4:c3: ad:3c:da:8f:99:16:86:f3:68:6a:23:ac:0d:19:87:53:01:85: d6:5f:04:dc:79:cf:43:3a:95:dd:a3:63:ec:df:b7:d8:5f:25: 4e:fc:49:be:fd:8e:19:71:85:8b:18:c7:2d:ff:01:97:16:ed: 92:c9:29:9a:23:86:a9:37:aa:40:8d:89:f6:05:d5:03:9d:75: fa:9e:e1:fb:f6:df:28:09:7d:61:47:04:62:a3:82:64:37:af: 9a:6b:df:b1:be:1a:68:dd:81:ed:e5:0c:23:31:db:3c:c2:9b: 91:55:94:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBoemiANJR6vzj2fVidUbhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5 OTU4N2EwHhcNMjYwMjA5MDkwMDU2WhcNMjYwMjEwMDkwMDU2WjAzMTEwLwYDVQQD EygxYTRjNzEzZTI5YjRjZjY1YmRkMjA0ZjMwMDNlMmE5NjZmZTVhMjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xYiNhtDMl/HLMgz14i0CCj4OW9F L+2u6oeSmcx6gclIsfA/9o2gbLaWniXaMFYOVgFnTGXdL2wPAYrHdlkb8AAjVO7U 3dkovgNWU1uuUPaLdwBcR8CULLWFkLdkGRO3NpcRahxXaFYPCu39ZAQ3c0A+Wu2G ilSJ31m/UpRu1rX2OIy+HxtldcP/SSOqFkxyA0Fhi8veJA5E5PA6QkYcan911Td5 hxu8/ZfS6JepS49WohYU2gC3Dg4JOCLAuM08ddD1WgkWybco4t7WusntXrCvjf3m w+SesUKeGpJXTRXdP6caGyVKdpvuARieNXBeVZSRb3qYTP7JnHTakzR7tQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBpMcT4ptM9lvdIE8wA+KpZv5aJKMB8GA1UdIwQY MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3 LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfaXBjPnQ 77E/5tSLM7TZlbjyV4ob4RvRkrhmC5+vevxHNfR6AfkwUXDwb4diTVy/iBSs1GBo dRDrdBLAVr75dbYm5vqQKPj3qjbmkJySsnZ2cjhcMwEfG56U9flKPcoqdE4o9D3l jyK54OrCdu6hGMHfo6pBnJlCej4PxnnGGEsKr0vMhPcQM52N49ulI8TDrTzaj5kW hvNoaiOsDRmHUwGF1l8E3HnPQzqV3aNj7N+32F8lTvxJvv2OGXGFixjHLf8Blxbt kskpmiOGqTeqQI2J9gXVA511+p7h+/bfKAl9YUcEYqOCZDevmmvfsb4aaN2B7eUM IzHbPMKbkVWU0A== -----END CERTIFICATE-----Generated at Mon Feb 9 16:54:00 2026 by rpki-client