This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft File: 8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json) Hash identifier: 7jMwGzcEk7NnbZCQZmgOKlwRLkk+N5W9FC17mtxiDsY= Subject key identifier: A1:83:53:6E:A5:8E:FA:55:12:40:24:B5:D6:58:29:00:DB:73:59:22 Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32 Certificate issuer: /CN=f29e69eb99fec125637311d43052f7931d8fdd32 Certificate serial: 019C4390032A8D611F78F0E4437A5DA0E263 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft Manifest number: 07AA Signing time: Mon 09 Feb 2026 18:00:37 +0000 Manifest this update: Mon 09 Feb 2026 18:00:37 +0000 Manifest next update: Tue 10 Feb 2026 18:00:37 +0000 Files and hashes: 1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: C9o757y0DoMLMLaD+PmntsR+OWOcHotL1Q6pBBEX8JI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:03:2a:8d:61:1f:78:f0:e4:43:7a:5d:a0:e2:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32 Validity Not Before: Feb 9 18:00:37 2026 GMT Not After : Feb 10 18:00:37 2026 GMT Subject: CN=a183536ea58efa55124024b5d6582900db735922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0d:46:a8:c8:a2:17:b5:b1:49:e1:e9:36:7e: 85:2b:51:04:00:1d:3e:df:bb:98:24:db:7e:14:cc: 24:d4:b7:68:d2:d7:b2:bf:ba:7c:cd:7d:93:03:2c: 43:be:d7:38:3f:b8:13:50:0d:e4:92:d6:e8:84:ab: ee:17:84:a8:d0:7f:6f:79:66:9c:78:a9:26:92:d8: 59:7f:e1:a3:6a:b9:c5:f9:ea:4e:97:58:fe:e1:13: a8:ac:45:4d:c2:f2:d6:00:37:72:17:da:50:18:23: 6d:b7:25:82:44:6d:81:b2:5f:e4:b8:18:f6:58:01: 51:1d:88:0e:44:9d:24:fe:7a:30:30:06:60:33:51: 8e:69:b4:61:7c:81:51:05:d7:b6:7b:b7:76:d9:ce: 92:7e:97:6b:98:8c:ab:59:c0:4e:cf:50:ac:52:a4: b9:f5:03:a9:fe:a7:74:62:98:89:16:65:89:30:17: 8d:d1:9d:54:0e:90:8b:73:dd:09:dd:35:e9:7e:e5: 10:cc:5a:d9:78:be:06:55:67:e7:a3:1a:fa:df:e0: 6e:dc:80:4c:47:4c:d0:41:c3:bf:db:b5:e7:8c:13: 42:06:62:a1:6e:ba:63:b2:f4:9e:90:55:59:ed:af: 43:51:63:d3:f2:18:ce:44:3c:48:bd:91:7f:44:b6: da:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:83:53:6E:A5:8E:FA:55:12:40:24:B5:D6:58:29:00:DB:73:59:22 X509v3 Authority Key Identifier: keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:03:1a:c3:99:fc:8d:d0:42:ff:25:1b:53:cc:a2:4c:a1:0a: e6:4e:10:ee:c3:8b:67:5d:60:36:d1:e4:60:31:3f:c5:3f:5d: 32:b0:ec:d4:39:09:a3:e8:8b:ff:5a:a9:43:0d:69:0b:bb:83: f5:2c:df:3b:0e:5b:14:1c:a8:88:01:cd:38:18:0c:23:6b:7c: ae:b3:5f:7c:0c:5d:18:00:47:f5:51:05:85:65:b8:ea:f9:6d: 8d:35:84:43:07:eb:b1:49:f0:ed:3b:d3:bb:d8:d7:60:47:69: 3b:d5:ed:c0:99:41:f0:61:73:1c:65:d4:f3:35:a4:f0:10:7f: b6:f7:85:ee:6f:87:dc:7b:e3:a4:3a:cf:19:3f:29:27:82:02: 88:b7:f1:11:92:df:d4:ac:8a:3e:eb:c8:85:87:b1:96:a6:20: 8e:60:cc:03:95:aa:b3:a7:b8:2a:37:13:3c:76:7c:53:c9:42: 85:f6:b1:35:b3:fb:98:d3:40:9f:2b:39:e2:3d:df:86:a4:a5: ca:1c:8c:49:a4:9a:81:cb:3e:39:6a:a6:4d:d7:bd:35:fc:3f: 00:47:08:29:3b:52:22:01:14:8a:0f:b1:f6:34:3e:68:d6:71: 73:10:2d:2c:38:25:8a:53:c7:ad:23:2e:04:6c:4c:44:c2:ff: 96:35:ff:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkAMqjWEfePDkQ3pdoOJjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4 ZmRkMzIwHhcNMjYwMjA5MTgwMDM3WhcNMjYwMjEwMTgwMDM3WjAzMTEwLwYDVQQD EyhhMTgzNTM2ZWE1OGVmYTU1MTI0MDI0YjVkNjU4MjkwMGRiNzM1OTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw1GqMiiF7WxSeHpNn6FK1EEAB0+ 37uYJNt+FMwk1Ldo0teyv7p8zX2TAyxDvtc4P7gTUA3kktbohKvuF4So0H9veWac eKkmkthZf+GjarnF+epOl1j+4ROorEVNwvLWADdyF9pQGCNttyWCRG2Bsl/kuBj2 WAFRHYgORJ0k/nowMAZgM1GOabRhfIFRBde2e7d22c6SfpdrmIyrWcBOz1CsUqS5 9QOp/qd0YpiJFmWJMBeN0Z1UDpCLc90J3TXpfuUQzFrZeL4GVWfnoxr63+Bu3IBM R0zQQcO/27XnjBNCBmKhbrpjsvSekFVZ7a9DUWPT8hjORDxIvZF/RLbaEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKGDU26ljvpVEkAktdZYKQDbc1kiMB8GA1UdIwQY MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmgMaw5n8 jdBC/yUbU8yiTKEK5k4Q7sOLZ11gNtHkYDE/xT9dMrDs1DkJo+iL/1qpQw1pC7uD 9SzfOw5bFByoiAHNOBgMI2t8rrNffAxdGABH9VEFhWW46vltjTWEQwfrsUnw7TvT u9jXYEdpO9XtwJlB8GFzHGXU8zWk8BB/tveF7m+H3HvjpDrPGT8pJ4ICiLfxEZLf 1KyKPuvIhYexlqYgjmDMA5Wqs6e4KjcTPHZ8U8lChfaxNbP7mNNAnys54j3fhqSl yhyMSaSagcs+OWqmTde9Nfw/AEcIKTtSIgEUig+x9jQ+aNZxcxAtLDglilPHrSMu BGxMRML/ljX/3w== -----END CERTIFICATE-----Generated at Tue Feb 10 00:16:22 2026 by rpki-client