This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft File: 001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json) Hash identifier: GV4RFHULznv2u38upKJyMRDfrTnJQ0uTUfHIyMoXuQ4= Subject key identifier: 6E:2B:3D:AE:BE:CD:90:25:37:80:49:6E:19:B8:5A:FC:AD:B1:06:40 Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Certificate serial: 019C42B40B8350A7A56E8EC5CC1452A76723 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft Manifest number: 1811 Signing time: Mon 09 Feb 2026 14:00:21 +0000 Manifest this update: Mon 09 Feb 2026 14:00:21 +0000 Manifest next update: Tue 10 Feb 2026 14:00:21 +0000 Files and hashes: 1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: kJkS3sZqyuor2BcFmBCVfImNmg1zTmDyOvKqJcOMJvc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:0b:83:50:a7:a5:6e:8e:c5:cc:14:52:a7:67:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Validity Not Before: Feb 9 14:00:21 2026 GMT Not After : Feb 10 14:00:21 2026 GMT Subject: CN=6e2b3daebecd90253780496e19b85afcadb10640 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:98:b1:3e:3c:0c:eb:8b:30:48:ac:f6:9d:ff: 47:42:1e:58:dd:e0:c7:28:97:8b:4b:88:7c:d4:b0: 78:71:82:56:0e:a6:a1:58:cf:b7:d2:c7:ca:18:0e: 73:17:48:4a:e6:da:ca:55:3b:66:4f:90:85:64:80: 48:07:6f:39:ad:35:52:18:ba:0b:2f:c9:92:45:0c: 1b:ce:09:82:7d:ce:87:ce:77:d4:03:bb:77:c6:17: 8a:53:d6:16:07:54:95:c9:56:41:a8:c1:37:a5:be: ec:25:af:3c:c0:8c:8b:23:b0:78:9b:a5:26:49:09: 4d:93:4a:f7:54:76:ac:17:83:46:c0:41:7c:f4:bc: b9:33:b9:2a:39:b5:5c:c0:f9:21:a9:9b:65:13:22: 03:4e:2b:be:85:62:dd:d1:2d:cf:7e:8e:1f:c4:3d: 1e:9b:6a:d6:34:1b:1d:d7:2e:00:a8:e9:9d:5f:44: d6:d3:db:44:aa:42:2d:02:0a:6f:1a:b5:c5:07:c4: 49:31:cb:81:ac:25:f4:17:41:e3:3f:bd:47:30:0d: 78:b1:cf:dc:66:c8:bb:6d:ad:9b:f4:a0:44:02:59: 77:28:52:88:0d:06:cd:e6:40:3b:77:4d:49:2b:61: 47:be:19:95:6d:b0:d0:e0:82:d1:1a:c3:1c:c1:f1: 64:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:2B:3D:AE:BE:CD:90:25:37:80:49:6E:19:B8:5A:FC:AD:B1:06:40 X509v3 Authority Key Identifier: keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d4:45:af:42:1d:2a:0f:bd:6d:a0:bf:12:84:dd:6d:aa:b7:f2: 5a:d8:e2:85:de:36:5f:55:af:8b:4c:ad:76:cf:91:e5:83:26: 77:ce:68:11:f3:78:4f:93:95:50:78:9d:cc:79:33:47:3d:3f: b1:fb:82:d9:82:22:c5:aa:1e:2f:41:ff:17:ee:d2:7f:d5:6f: 11:d6:d6:8f:73:50:8e:fb:2b:71:05:3e:20:6d:3c:74:34:f0: ec:d5:07:e6:61:d2:2c:d1:bf:e9:cb:b4:75:8b:73:65:87:eb: 4c:6d:ab:e6:cb:4f:9c:ee:15:7c:0d:8c:30:00:c6:ab:53:c9: c4:6d:5a:cb:a8:56:26:fd:8a:6a:76:b8:86:17:df:72:75:5a: fd:e9:72:9e:82:48:3e:8d:28:b1:e0:91:b1:99:84:cf:b3:62: 37:c6:fc:2a:4e:85:47:51:2c:0e:a5:7f:cf:1c:fc:24:04:0a: 4b:e7:ac:b0:ee:06:4e:77:69:fb:d2:b5:5c:49:8d:4e:73:90: 37:5f:77:b3:9d:97:1c:a4:01:28:82:d1:dc:99:50:a9:16:8e: 11:66:41:e7:21:27:e7:e1:e3:b9:91:8e:9f:cd:41:6e:9b:a0: d9:d6:78:6a:25:bf:fa:c8:a4:0b:a0:50:a7:b2:e6:e7:ee:2b: 8b:c3:a7:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtAuDUKelbo7FzBRSp2cjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj ZTMyZGYwHhcNMjYwMjA5MTQwMDIxWhcNMjYwMjEwMTQwMDIxWjAzMTEwLwYDVQQD Eyg2ZTJiM2RhZWJlY2Q5MDI1Mzc4MDQ5NmUxOWI4NWFmY2FkYjEwNjQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pixPjwM64swSKz2nf9HQh5Y3eDH KJeLS4h81LB4cYJWDqahWM+30sfKGA5zF0hK5trKVTtmT5CFZIBIB285rTVSGLoL L8mSRQwbzgmCfc6HznfUA7t3xheKU9YWB1SVyVZBqME3pb7sJa88wIyLI7B4m6Um SQlNk0r3VHasF4NGwEF89Ly5M7kqObVcwPkhqZtlEyIDTiu+hWLd0S3Pfo4fxD0e m2rWNBsd1y4AqOmdX0TW09tEqkItAgpvGrXFB8RJMcuBrCX0F0HjP71HMA14sc/c Zsi7ba2b9KBEAll3KFKIDQbN5kA7d01JK2FHvhmVbbDQ4ILRGsMcwfFkdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG4rPa6+zZAlN4BJbhm4WvytsQZAMB8GA1UdIwQY MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1EWvQh0q D71toL8ShN1tqrfyWtjihd42X1Wvi0ytds+R5YMmd85oEfN4T5OVUHidzHkzRz0/ sfuC2YIixaoeL0H/F+7Sf9VvEdbWj3NQjvsrcQU+IG08dDTw7NUH5mHSLNG/6cu0 dYtzZYfrTG2r5stPnO4VfA2MMADGq1PJxG1ay6hWJv2Kana4hhffcnVa/elynoJI Po0oseCRsZmEz7NiN8b8Kk6FR1EsDqV/zxz8JAQKS+essO4GTndp+9K1XEmNTnOQ N193s52XHKQBKILR3JlQqRaOEWZB5yEn5+HjuZGOn81Bbpug2dZ4aiW/+sikC6BQ p7Lm5+4ri8On4w== -----END CERTIFICATE-----Generated at Mon Feb 9 17:02:03 2026 by rpki-client