This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft File: JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json) Hash identifier: 51HEQ2d4/bfJj2gQ9v5pg9fVA5UOs0ImBeiDZtn1q9M= Subject key identifier: 24:B4:E0:02:17:F5:7B:A8:D4:BF:12:0B:2C:26:6C:44:80:93:F0:2B Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27 Certificate issuer: /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27 Certificate serial: 019C41D851E5BCFFEC389A84ECC6669911DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft Manifest number: 09AF Signing time: Mon 09 Feb 2026 10:00:21 +0000 Manifest this update: Mon 09 Feb 2026 10:00:21 +0000 Manifest next update: Tue 10 Feb 2026 10:00:21 +0000 Files and hashes: 1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: 8hETT4fT0xQWXiin06+eV+y6QXv6ZDCg0rw4E60/h3k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:d8:51:e5:bc:ff:ec:38:9a:84:ec:c6:66:99:11:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27 Validity Not Before: Feb 9 10:00:21 2026 GMT Not After : Feb 10 10:00:21 2026 GMT Subject: CN=24b4e00217f57ba8d4bf120b2c266c448093f02b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b3:6e:05:9f:31:bc:5f:d3:fa:58:20:7b:cf: 69:4e:32:c5:17:e3:2b:c4:06:37:e3:e7:b1:47:34: b6:11:2b:05:f1:03:f6:a7:02:16:8c:a2:42:f5:7b: 78:3c:dc:12:bf:51:9c:bf:8d:54:c9:9e:f9:d2:13: f9:25:79:cd:6b:d1:06:89:6a:12:27:d1:e1:c4:23: bd:66:28:27:fb:06:33:db:38:53:6d:bc:31:c9:f8: b4:2c:de:c0:b9:f1:4e:98:ec:30:a5:fb:42:84:39: c6:5a:e9:84:19:ca:3b:24:bb:3e:22:b9:4c:88:fd: 77:d5:02:a8:f0:de:30:1b:87:21:11:2c:56:a5:d0: f0:f1:6e:4f:38:d9:06:d6:b1:78:4d:43:87:64:6e: 07:c4:f2:86:fb:b2:ae:b6:62:7c:42:2a:1a:d1:cb: f3:40:8d:29:ec:c0:97:21:e3:40:4e:30:78:1a:60: 61:bc:ab:7d:84:46:88:5f:ed:27:33:d2:34:30:f2: bb:fb:51:25:f9:b1:7a:90:bb:a5:2f:6e:81:eb:7a: 10:52:06:07:3e:78:bc:7d:9d:c4:26:1b:00:0a:39: 9d:0b:ff:c7:b4:0b:41:85:7b:ca:47:e6:5f:86:2a: 94:e7:92:7f:b6:27:0d:85:20:d7:7d:bd:4b:22:eb: 60:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:B4:E0:02:17:F5:7B:A8:D4:BF:12:0B:2C:26:6C:44:80:93:F0:2B X509v3 Authority Key Identifier: keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:91:5b:84:c7:c3:90:b8:82:78:9b:9a:27:75:ed:1f:f9:78: 91:b7:b4:57:34:59:25:0c:e9:7b:3b:a7:9e:5d:6b:50:29:0e: 67:16:33:ee:0c:8d:0a:38:95:62:bc:0b:83:ec:25:5c:92:71: 0d:37:47:51:87:77:7b:d1:f2:de:2b:85:77:e6:7f:d3:b7:ba: 07:d7:f6:48:71:1c:35:6a:0b:ca:89:da:6d:47:b6:f4:79:d6: 05:0e:8c:68:a7:2c:f3:33:c5:e3:f6:87:59:06:60:16:83:fa: 56:21:54:79:31:8a:52:65:92:3c:99:e5:7f:6e:ec:8b:a3:be: d6:82:ab:b4:fa:58:62:57:3e:53:48:cd:b5:28:a1:c9:ae:48: 6e:b1:f4:ad:f8:f5:cd:c8:ef:47:8c:58:76:59:75:28:ae:cd: c0:6f:56:11:70:78:8b:3b:85:0f:9d:b2:ae:50:20:89:76:b9: 65:27:e4:42:6e:cc:c6:08:d4:8d:13:19:34:e9:f3:11:e0:ea: 6e:5b:d6:3d:a3:b3:73:db:2d:7d:8c:b6:b1:dd:20:fe:ec:ec: a5:cd:70:5c:ea:e4:bc:33:8c:1a:d8:fc:67:39:ad:e3:d1:de: 93:c9:32:9c:4d:bf:40:b8:ce:17:71:4b:79:a4:a5:28:d1:96: 73:ad:e9:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxB2FHlvP/sOJqE7MZmmRHeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh N2JkMjcwHhcNMjYwMjA5MTAwMDIxWhcNMjYwMjEwMTAwMDIxWjAzMTEwLwYDVQQD EygyNGI0ZTAwMjE3ZjU3YmE4ZDRiZjEyMGIyYzI2NmM0NDgwOTNmMDJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbNuBZ8xvF/T+lgge89pTjLFF+Mr xAY34+exRzS2ESsF8QP2pwIWjKJC9Xt4PNwSv1Gcv41UyZ750hP5JXnNa9EGiWoS J9HhxCO9Zign+wYz2zhTbbwxyfi0LN7AufFOmOwwpftChDnGWumEGco7JLs+IrlM iP131QKo8N4wG4chESxWpdDw8W5PONkG1rF4TUOHZG4HxPKG+7KutmJ8Qioa0cvz QI0p7MCXIeNATjB4GmBhvKt9hEaIX+0nM9I0MPK7+1El+bF6kLulL26B63oQUgYH Pni8fZ3EJhsACjmdC//HtAtBhXvKR+ZfhiqU55J/ticNhSDXfb1LIutguwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCS04AIX9Xuo1L8SCywmbESAk/ArMB8GA1UdIwQY MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf5FbhMfD kLiCeJuaJ3XtH/l4kbe0VzRZJQzpezunnl1rUCkOZxYz7gyNCjiVYrwLg+wlXJJx DTdHUYd3e9Hy3iuFd+Z/07e6B9f2SHEcNWoLyonabUe29HnWBQ6MaKcs8zPF4/aH WQZgFoP6ViFUeTGKUmWSPJnlf27si6O+1oKrtPpYYlc+U0jNtSihya5IbrH0rfj1 zcjvR4xYdll1KK7NwG9WEXB4izuFD52yrlAgiXa5ZSfkQm7MxgjUjRMZNOnzEeDq blvWPaOzc9stfYy2sd0g/uzspc1wXOrkvDOMGtj8Zzmt49Hek8kynE2/QLjOF3FL eaSlKNGWc63p9Q== -----END CERTIFICATE-----Generated at Mon Feb 9 19:48:24 2026 by rpki-client