This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft File: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json) Hash identifier: nIuiGYaIv9IkgUnbRlS3W9D7EMDVXdsQ448XxohuI64= Subject key identifier: 42:97:29:F9:C4:3E:60:EF:CA:D6:84:74:93:B9:E8:5C:D1:7F:B2:8D Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34 Certificate issuer: /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834 Certificate serial: 019C4321ED9E8A928A5ABE93A6627A91583E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft Manifest number: 17E0 Signing time: Mon 09 Feb 2026 16:00:22 +0000 Manifest this update: Mon 09 Feb 2026 16:00:22 +0000 Manifest next update: Tue 10 Feb 2026 16:00:22 +0000 Files and hashes: 1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: f8OM6qj5oEsQWbAGzfs2ockuVeSsfyEXbTYRwNA2EXw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:ed:9e:8a:92:8a:5a:be:93:a6:62:7a:91:58:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834 Validity Not Before: Feb 9 16:00:22 2026 GMT Not After : Feb 10 16:00:22 2026 GMT Subject: CN=429729f9c43e60efcad6847493b9e85cd17fb28d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:96:e6:e1:ba:4e:ee:1f:15:f0:63:79:94:cc: 45:78:71:74:92:58:a9:9d:3a:fa:f9:85:33:93:7d: 4c:5e:80:67:f8:df:52:a3:64:1e:2c:c4:90:7e:50: 97:67:80:4d:a1:35:2b:8d:2e:8e:34:b1:0a:65:02: 89:1e:db:e6:2f:03:75:87:e3:bb:16:49:31:76:23: d0:85:73:36:2b:dd:67:c3:2a:5b:d6:d5:4b:56:5d: b6:51:7b:50:7d:2f:d4:01:a5:8a:5e:ae:82:7c:dd: 36:ab:88:5c:74:95:16:38:d6:c8:7a:57:0e:28:81: d6:97:b1:a4:84:6c:27:3a:1c:4e:53:2e:86:63:12: 43:7f:09:d8:ad:58:95:46:f5:68:67:ab:ba:78:fa: b9:25:cf:b9:53:59:be:13:d3:c5:d2:ad:64:75:fa: 8c:07:a5:7b:c6:1d:ae:5e:4f:2e:b9:07:c0:88:50: 67:3f:04:00:8c:67:08:0d:01:c8:0c:a1:db:1e:6f: d3:c1:fc:15:b5:20:78:db:54:23:96:de:8f:5a:8c: 1c:21:ea:96:1b:13:65:a9:ba:dc:44:2f:36:04:69: 0d:22:05:bc:de:27:11:73:6b:60:c2:54:b7:f9:ae: d5:c1:dd:72:13:41:73:93:a5:6a:b0:90:f4:17:de: ad:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:97:29:F9:C4:3E:60:EF:CA:D6:84:74:93:B9:E8:5C:D1:7F:B2:8D X509v3 Authority Key Identifier: keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:7b:a1:51:92:77:e5:2b:35:a4:fa:33:4c:5a:a8:ee:95:6b: eb:c1:65:41:c7:08:c7:77:0e:c4:d0:55:9c:28:b4:0d:f9:06: ca:36:15:72:8c:42:06:8c:c0:e9:6b:91:be:0e:71:23:fa:e9: bb:be:ef:d6:8a:5b:99:9d:12:e4:3f:2d:1c:72:bf:91:b8:d3: 0f:01:e8:39:10:f8:38:85:19:e3:7a:df:6c:c3:de:8c:98:49: c7:f4:d3:45:81:65:af:de:c8:f1:cf:96:70:95:95:9f:8a:e5: d0:3b:fe:fc:3e:70:b7:a7:98:1e:f8:54:ff:05:e2:d6:b9:f7: 0b:e8:a8:24:8e:91:72:a3:2e:92:02:33:33:c4:e7:4a:40:4c: f3:47:7b:fb:7d:31:f8:21:ff:2b:f7:d8:19:21:63:fb:41:f8: 8d:b1:f5:12:25:a7:ce:e5:14:c7:3f:a5:88:2b:5d:3c:23:db: 03:56:9a:af:ee:7b:1b:cf:35:2c:29:07:63:6c:74:fe:7a:a5: 05:94:f5:1e:87:80:aa:b7:fb:f5:dc:da:91:80:20:5d:5f:3f: 67:43:16:6e:1d:5a:89:8c:ff:34:25:60:c9:35:e2:de:db:a8: cb:c3:80:00:f1:f9:2f:f2:19:41:33:5d:f8:75:b0:f4:29:c7: ae:8d:15:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIe2eipKKWr6TpmJ6kVg+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm MTI4MzQwHhcNMjYwMjA5MTYwMDIyWhcNMjYwMjEwMTYwMDIyWjAzMTEwLwYDVQQD Eyg0Mjk3MjlmOWM0M2U2MGVmY2FkNjg0NzQ5M2I5ZTg1Y2QxN2ZiMjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZbm4bpO7h8V8GN5lMxFeHF0klip nTr6+YUzk31MXoBn+N9So2QeLMSQflCXZ4BNoTUrjS6ONLEKZQKJHtvmLwN1h+O7 FkkxdiPQhXM2K91nwypb1tVLVl22UXtQfS/UAaWKXq6CfN02q4hcdJUWONbIelcO KIHWl7GkhGwnOhxOUy6GYxJDfwnYrViVRvVoZ6u6ePq5Jc+5U1m+E9PF0q1kdfqM B6V7xh2uXk8uuQfAiFBnPwQAjGcIDQHIDKHbHm/TwfwVtSB421Qjlt6PWowcIeqW GxNlqbrcRC82BGkNIgW83icRc2tgwlS3+a7Vwd1yE0Fzk6VqsJD0F96tnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEKXKfnEPmDvytaEdJO56FzRf7KNMB8GA1UdIwQY MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOnuhUZJ3 5Ss1pPozTFqo7pVr68FlQccIx3cOxNBVnCi0DfkGyjYVcoxCBozA6WuRvg5xI/rp u77v1opbmZ0S5D8tHHK/kbjTDwHoORD4OIUZ43rfbMPejJhJx/TTRYFlr97I8c+W cJWVn4rl0Dv+/D5wt6eYHvhU/wXi1rn3C+ioJI6RcqMukgIzM8TnSkBM80d7+30x +CH/K/fYGSFj+0H4jbH1EiWnzuUUxz+liCtdPCPbA1aar+57G881LCkHY2x0/nql BZT1HoeAqrf79dzakYAgXV8/Z0MWbh1aiYz/NCVgyTXi3tuoy8OAAPH5L/IZQTNd +HWw9CnHro0V3Q== -----END CERTIFICATE-----Generated at Mon Feb 9 20:00:26 2026 by rpki-client