This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft File: bfHIcky70DS6t6Da3wq0uZ_2b_8.mft (raw, json) Hash identifier: mx1zp3CqjsljzN/eDvIoB06MTrABR5WYa9JVSn5l450= Subject key identifier: 14:9F:F9:9A:F3:AE:08:E6:17:2D:A0:74:7F:10:62:5D:D2:60:6E:1B Authority key identifier: 6D:F1:C8:72:4C:BB:D0:34:BA:B7:A0:DA:DF:0A:B4:B9:9F:F6:6F:FF Certificate issuer: /CN=6df1c8724cbbd034bab7a0dadf0ab4b99ff66fff Certificate serial: 019C1F83EEA2675EE66B4A6608A25C347AB4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft Manifest number: 17FF Signing time: Mon 02 Feb 2026 18:01:05 +0000 Manifest this update: Mon 02 Feb 2026 18:01:05 +0000 Manifest next update: Tue 03 Feb 2026 18:01:05 +0000 Files and hashes: 1: QfIo87XsCuJzTUYuuoqKD3WaLb0.roa (hash: 3OJrGr0r+PmdJst/a4vFJ2BEBu96S/fI6q0nYYtF9LQ=) 2: bfHIcky70DS6t6Da3wq0uZ_2b_8.crl (hash: b75NWB7LkGT8pctmGDTs3A09rF6mXgY6WUvijWjWLnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.crl rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 15:35:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:1f:83:ee:a2:67:5e:e6:6b:4a:66:08:a2:5c:34:7a:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6df1c8724cbbd034bab7a0dadf0ab4b99ff66fff Validity Not Before: Feb 2 18:01:05 2026 GMT Not After : Feb 3 18:01:05 2026 GMT Subject: CN=149ff99af3ae08e6172da0747f10625dd2606e1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:85:1d:e8:42:d8:3f:ff:e9:4d:bc:f4:cc:8b: 58:cb:7f:ee:0f:cd:0b:08:1f:9a:e5:2d:b4:0f:55: 10:22:0d:7f:a1:1a:78:0a:8f:91:ea:5f:cc:85:5b: be:69:4e:d7:a2:5b:08:d8:21:44:6b:5f:91:e6:5a: 6e:62:94:7c:aa:16:b8:34:e6:68:8e:bc:ec:59:fd: 48:26:fa:7a:e7:67:09:29:5b:12:59:94:ec:fd:51: ce:d9:95:06:ce:de:c8:5e:29:05:b6:4e:a4:04:c5: ca:ac:68:cb:84:5d:d8:c2:02:07:52:0c:b4:48:18: c6:ac:49:e3:39:ab:84:64:fa:0d:9d:92:f7:dc:0e: e3:49:aa:de:c5:18:8b:9a:80:ff:2a:f4:f6:e5:e5: 1e:73:f8:49:4f:a6:d6:71:f0:40:9f:e2:05:69:e5: 7a:ac:f5:69:dd:ca:0a:20:a3:5d:a8:c4:66:2e:6f: f4:d8:b5:f9:67:be:29:08:54:cd:4e:df:a8:d8:44: 0e:64:46:04:6a:72:b3:5e:e0:b7:c1:3f:d3:2e:81: 1f:2e:ef:c1:5f:c7:df:d5:71:66:7b:f0:79:16:b7: 6a:98:cf:38:54:e1:b3:5e:51:f5:9e:8b:36:15:77: 2b:fc:ef:c5:66:5c:4c:12:24:5a:fc:d5:62:c3:00: 8a:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:9F:F9:9A:F3:AE:08:E6:17:2D:A0:74:7F:10:62:5D:D2:60:6E:1B X509v3 Authority Key Identifier: keyid:6D:F1:C8:72:4C:BB:D0:34:BA:B7:A0:DA:DF:0A:B4:B9:9F:F6:6F:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfHIcky70DS6t6Da3wq0uZ_2b_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e0781f-6e64-46aa-8af0-f924d6f6a595/1/bfHIcky70DS6t6Da3wq0uZ_2b_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:9a:d0:72:c3:70:b1:1a:12:b5:20:46:ca:d4:6c:98:5e:5a: 93:17:b1:0b:21:82:f9:10:c3:6c:b6:a3:3c:80:e7:b8:29:2e: db:33:28:15:0f:78:cb:8c:5a:5c:28:36:33:50:30:11:d8:f8: 5c:cc:96:59:c7:d4:64:ef:19:cf:1c:f4:70:f5:ed:3e:a2:27: 76:f8:40:a0:f7:bb:d5:d9:75:e3:e7:97:35:3c:b3:db:4b:d9: 54:42:98:82:4b:98:c1:6e:30:46:40:e3:45:46:2e:1b:04:01: dc:9e:cc:12:32:ac:47:fa:9a:3f:34:af:34:31:26:9c:cb:9e: ce:1e:1e:b4:40:63:a7:96:cd:66:d4:1a:31:0b:a3:79:7c:64: a1:d4:a8:07:3a:c3:26:47:1d:18:d6:17:63:5d:0a:2a:a0:23: d2:67:b6:4f:f8:28:00:7a:ff:e4:72:44:67:c8:13:52:37:bf: 7a:50:56:1a:c1:e7:d5:0c:fc:62:cf:65:75:7d:d8:59:df:50: c0:ad:50:ce:34:4d:9f:5e:39:a7:aa:bd:16:e0:11:ec:11:0f: e2:88:1b:b1:67:2b:b5:39:4e:1e:ae:88:e1:68:e6:e9:d6:b4: 40:7b:77:48:1d:2a:5e:24:f5:5f:5c:d6:8f:d4:25:32:e0:43: 9a:bc:0c:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZwfg+6iZ17ma0pmCKJcNHq0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZjFjODcyNGNiYmQwMzRiYWI3YTBkYWRmMGFiNGI5OWZm NjZmZmYwHhcNMjYwMjAyMTgwMTA1WhcNMjYwMjAzMTgwMTA1WjAzMTEwLwYDVQQD EygxNDlmZjk5YWYzYWUwOGU2MTcyZGEwNzQ3ZjEwNjI1ZGQyNjA2ZTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoUd6ELYP//pTbz0zItYy3/uD80L CB+a5S20D1UQIg1/oRp4Co+R6l/MhVu+aU7XolsI2CFEa1+R5lpuYpR8qha4NOZo jrzsWf1IJvp652cJKVsSWZTs/VHO2ZUGzt7IXikFtk6kBMXKrGjLhF3YwgIHUgy0 SBjGrEnjOauEZPoNnZL33A7jSarexRiLmoD/KvT25eUec/hJT6bWcfBAn+IFaeV6 rPVp3coKIKNdqMRmLm/02LX5Z74pCFTNTt+o2EQOZEYEanKzXuC3wT/TLoEfLu/B X8ff1XFme/B5FrdqmM84VOGzXlH1nos2FXcr/O/FZlxMEiRa/NViwwCKfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBSf+ZrzrgjmFy2gdH8QYl3SYG4bMB8GA1UdIwQY MBaAFG3xyHJMu9A0ureg2t8KtLmf9m//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9lMDc4MWYtNmU2NC00NmFhLThhZjAt ZjkyNGQ2ZjZhNTk1LzEvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9lMDc4MWYtNmU2NC00NmFhLThhZjAtZjkyNGQ2ZjZhNTk1 LzEvYmZISWNreTcwRFM2dDZEYTN3cTB1Wl8yYl84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqprQcsNw sRoStSBGytRsmF5akxexCyGC+RDDbLajPIDnuCku2zMoFQ94y4xaXCg2M1AwEdj4 XMyWWcfUZO8Zzxz0cPXtPqIndvhAoPe71dl14+eXNTyz20vZVEKYgkuYwW4wRkDj RUYuGwQB3J7MEjKsR/qaPzSvNDEmnMuezh4etEBjp5bNZtQaMQujeXxkodSoBzrD JkcdGNYXY10KKqAj0me2T/goAHr/5HJEZ8gTUje/elBWGsHn1Qz8Ys9ldX3YWd9Q wK1QzjRNn145p6q9FuAR7BEP4ogbsWcrtTlOHq6I4Wjm6da0QHt3SB0qXiT1X1zW j9QlMuBDmrwMOw== -----END CERTIFICATE-----Generated at Tue Feb 3 01:55:30 2026 by rpki-client