This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft File: NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft (raw, json) Hash identifier: /bIQtm26fuc3JMg9SYDc8kG8Oj/4eXUnuds3dT+cT28= Subject key identifier: 4B:95:18:0D:DA:4A:56:C3:31:C5:35:49:25:74:5A:74:F3:E4:8E:09 Authority key identifier: 35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77 Certificate issuer: /CN=35f1a573915153de82890eae1303067fa68b2877 Certificate serial: 019C41D901C600BD8BD97821CD8A95FF5FFA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft Manifest number: 1312 Signing time: Mon 09 Feb 2026 10:01:06 +0000 Manifest this update: Mon 09 Feb 2026 10:01:06 +0000 Manifest next update: Tue 10 Feb 2026 10:01:06 +0000 Files and hashes: 1: D3wlgMGE5QwdxwsJ-l6YOVrMLsM.roa (hash: 8VoNb/7A+xDcEz+hMFU7CsCAQw+ePCtKqSmXmX3INLs=) 2: NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl (hash: Br1UvmZnX1hh33W8bU96gnjmczJVyZQgiZsbLOP4VPE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:d9:01:c6:00:bd:8b:d9:78:21:cd:8a:95:ff:5f:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35f1a573915153de82890eae1303067fa68b2877 Validity Not Before: Feb 9 10:01:06 2026 GMT Not After : Feb 10 10:01:06 2026 GMT Subject: CN=4b95180dda4a56c331c5354925745a74f3e48e09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:43:1f:31:c4:cb:56:15:a1:b8:b7:f8:97:24: 3a:35:89:7b:ea:1d:cd:37:c8:53:ed:c1:63:b4:96: a8:43:80:a4:cd:07:59:e6:9e:d2:55:e1:ef:21:dd: a7:8c:a2:92:89:2e:01:67:42:8b:1a:1b:05:04:69: 13:ea:df:00:4d:21:31:cb:80:d0:8b:77:92:7d:26: 5e:90:08:14:cc:ea:7e:bb:74:a4:29:d6:4e:50:88: 21:74:70:4b:e0:1e:28:44:c2:03:5c:aa:39:8c:30: 99:a9:5a:88:b4:3a:e1:8c:b5:88:c7:e9:a8:60:fc: 82:fe:39:4c:b8:0e:78:f4:ab:4e:0a:14:1e:90:5c: 19:c4:86:31:06:e4:18:94:6c:f4:43:72:65:e9:12: 64:1c:22:ef:0f:f3:4c:d6:8d:67:f8:08:2d:2f:b8: 73:ab:4c:26:57:94:e2:7d:30:77:54:dc:59:13:9c: ff:29:a4:88:df:68:fb:37:19:ea:ed:f7:27:b7:4f: e2:e6:bf:45:ec:86:01:8d:87:23:4f:df:c0:7c:05: dd:d3:41:7f:9e:52:a6:74:2f:aa:6d:14:e5:4f:06: 9c:4f:00:3d:17:29:e7:c5:95:35:01:c2:8a:c3:b6: ed:72:21:5b:a4:0b:7e:7c:4e:a1:be:cd:ad:b1:a8: b4:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:95:18:0D:DA:4A:56:C3:31:C5:35:49:25:74:5A:74:F3:E4:8E:09 X509v3 Authority Key Identifier: keyid:35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:a4:01:d3:4d:f2:3c:bb:0a:54:28:81:34:1c:6b:97:67:d3: b7:ff:a4:8e:78:bc:d2:ac:5d:f3:5d:50:a9:82:04:57:46:14: 55:95:5d:81:ef:a9:9a:14:c4:99:71:75:89:ad:7d:34:bb:51: bd:f4:4d:f8:c5:54:58:b7:5e:b1:43:5d:e0:51:fe:c9:f9:03: c5:e8:0e:aa:e2:d9:0b:5f:51:b5:d3:74:50:b6:10:d6:58:00: 12:6c:32:1c:84:96:6d:35:85:d4:cc:39:ef:ed:e3:42:60:da: 7d:24:52:bb:3b:16:05:20:24:d4:39:23:20:e7:f4:75:02:5d: 58:21:ee:42:04:ea:3a:a5:bd:ab:95:20:eb:11:6b:0e:5c:92: 4b:9f:6d:bc:8b:cf:32:0b:6f:54:96:55:13:cc:31:06:06:19: 16:d6:6f:1b:15:8c:fd:85:7a:2a:dc:c9:26:c2:7d:a9:86:57: d9:9c:de:4a:3d:b2:b5:85:27:67:7c:33:c6:99:27:8a:a4:0e: bb:e0:28:a5:55:64:f1:26:88:27:34:21:15:dc:4b:11:8d:10: f7:f2:85:61:7e:8d:18:b0:db:0d:67:dc:ab:b2:5e:2f:09:46: 6c:c1:1a:0f:cc:bb:d3:c8:22:cc:a1:9f:78:7a:44:67:3b:60: 0c:b1:00:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxB2QHGAL2L2XghzYqV/1/6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1ZjFhNTczOTE1MTUzZGU4Mjg5MGVhZTEzMDMwNjdmYTY4 YjI4NzcwHhcNMjYwMjA5MTAwMTA2WhcNMjYwMjEwMTAwMTA2WjAzMTEwLwYDVQQD Eyg0Yjk1MTgwZGRhNGE1NmMzMzFjNTM1NDkyNTc0NWE3NGYzZTQ4ZTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0MfMcTLVhWhuLf4lyQ6NYl76h3N N8hT7cFjtJaoQ4CkzQdZ5p7SVeHvId2njKKSiS4BZ0KLGhsFBGkT6t8ATSExy4DQ i3eSfSZekAgUzOp+u3SkKdZOUIghdHBL4B4oRMIDXKo5jDCZqVqItDrhjLWIx+mo YPyC/jlMuA549KtOChQekFwZxIYxBuQYlGz0Q3Jl6RJkHCLvD/NM1o1n+AgtL7hz q0wmV5TifTB3VNxZE5z/KaSI32j7Nxnq7fcnt0/i5r9F7IYBjYcjT9/AfAXd00F/ nlKmdC+qbRTlTwacTwA9FynnxZU1AcKKw7btciFbpAt+fE6hvs2tsai0xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEuVGA3aSlbDMcU1SSV0WnTz5I4JMB8GA1UdIwQY MBaAFDXxpXORUVPegokOrhMDBn+miyh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAt MzI5MjExMDI5YTFhLzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAtMzI5MjExMDI5YTFh LzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqQB003y PLsKVCiBNBxrl2fTt/+kjni80qxd811QqYIEV0YUVZVdge+pmhTEmXF1ia19NLtR vfRN+MVUWLdesUNd4FH+yfkDxegOquLZC19RtdN0ULYQ1lgAEmwyHISWbTWF1Mw5 7+3jQmDafSRSuzsWBSAk1DkjIOf0dQJdWCHuQgTqOqW9q5Ug6xFrDlySS59tvIvP MgtvVJZVE8wxBgYZFtZvGxWM/YV6KtzJJsJ9qYZX2ZzeSj2ytYUnZ3wzxpkniqQO u+AopVVk8SaIJzQhFdxLEY0Q9/KFYX6NGLDbDWfcq7JeLwlGbMEaD8y708gizKGf eHpEZztgDLEA1A== -----END CERTIFICATE-----Generated at Mon Feb 9 20:06:28 2026 by rpki-client