This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft File: 2okNBdXIi33m9bqkwdCF_nMB9dU.mft (raw, json) Hash identifier: QkIGYBJGABNKdV+BvUlFY6v7j6sgQ7SmewZPLvGlWOQ= Subject key identifier: B4:55:F5:77:08:F6:FF:D9:41:2A:3F:4A:62:95:09:C9:41:0A:BA:2F Authority key identifier: DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5 Certificate issuer: /CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5 Certificate serial: 019C4390AF2DB995C7F56B8E11CDAE157F00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft Manifest number: 0C68 Signing time: Mon 09 Feb 2026 18:01:21 +0000 Manifest this update: Mon 09 Feb 2026 18:01:21 +0000 Manifest next update: Tue 10 Feb 2026 18:01:21 +0000 Files and hashes: 1: 2okNBdXIi33m9bqkwdCF_nMB9dU.crl (hash: v7JDUDnGPY70Huy3w9sQPLMUnXr59x/8ubVbE6XpFnc=) 2: ZT7cIfopY2icNRG5lkp_GApY3rE.roa (hash: gKGo8E7JgzV3hVuTiWO3MJ9KqBj85ZmcBVlHFpHWLjk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:90:af:2d:b9:95:c7:f5:6b:8e:11:cd:ae:15:7f:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5 Validity Not Before: Feb 9 18:01:21 2026 GMT Not After : Feb 10 18:01:21 2026 GMT Subject: CN=b455f57708f6ffd9412a3f4a629509c9410aba2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:0e:2c:ae:b4:4a:7b:97:31:51:93:61:9a:8d: e5:57:e7:22:4a:b7:78:0c:25:57:64:3f:4b:82:50: 10:a2:74:2a:ba:52:0e:cc:b4:31:6d:c2:b1:2d:72: 96:38:1e:bf:be:53:aa:6c:bd:9d:09:64:96:07:cc: 85:0f:bb:7e:a9:5b:e5:0d:ed:df:4e:bc:cb:9b:d3: 1e:fb:23:6a:52:9b:0f:4e:d7:4d:ec:e7:25:ae:54: de:13:61:fc:95:0f:1d:64:e5:c8:34:e6:43:06:71: 57:95:1b:28:b8:c5:8c:c3:bf:d4:e7:38:1b:52:67: dc:e8:10:ea:5e:86:1f:5e:77:dd:c9:78:5a:01:58: ef:8a:97:f2:57:98:39:0d:a3:5f:e5:b8:07:4c:91: f2:0e:d1:dd:4e:b9:02:eb:16:88:66:cd:e6:87:88: 92:e3:e8:92:64:63:93:7f:59:1e:41:42:4e:20:8a: a3:12:fa:22:79:f6:e9:12:10:7f:8c:b8:2a:66:e8: 9d:3c:91:2b:9c:42:48:e3:01:98:f8:7a:92:b0:99: 77:67:a1:74:e8:99:21:3b:4d:28:5d:99:ee:7a:32: 51:7a:e5:a0:70:53:65:45:50:f5:d2:f4:03:ba:f7: 40:37:44:f1:3c:84:08:83:a8:4f:06:cf:0b:6d:ea: 29:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:55:F5:77:08:F6:FF:D9:41:2A:3F:4A:62:95:09:C9:41:0A:BA:2F X509v3 Authority Key Identifier: keyid:DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:c7:cb:a7:af:7b:b5:30:6a:d1:71:17:58:8a:78:c4:75:4c: ad:cc:2d:4f:33:dc:82:ff:0c:f2:87:4b:1a:a5:89:0c:a9:ca: 76:cf:c4:9a:97:8b:87:53:04:5e:23:4b:c5:dc:32:7f:d9:d0: 7a:12:e3:87:66:44:59:1e:49:a8:76:c4:98:92:12:b0:bb:2c: 2d:2f:6c:ea:a6:ab:f6:c1:2f:e5:5f:31:90:10:cd:95:06:bd: d1:91:40:ad:4c:8d:63:e1:c0:cd:21:9a:51:f4:a8:84:3d:6f: 9b:36:ca:27:c5:3f:d1:b0:25:ff:4c:2e:cd:22:fe:62:bc:c9: 88:e0:e7:f7:3f:fc:6e:53:56:df:84:29:92:c8:cb:e0:4a:9e: e8:e9:8b:6d:bc:cb:15:8d:62:f7:d6:09:cb:0b:b0:57:e1:60: d4:50:55:68:2b:e9:0f:6a:df:40:3d:b3:25:86:2f:b4:c1:e2: 5a:2c:39:2e:3d:5a:51:92:cf:12:ea:ef:1e:88:b3:66:87:98: 80:13:90:e1:36:a0:26:56:9a:4b:87:69:ed:2e:d1:43:f0:aa: b0:f1:31:85:e9:5c:c4:be:e2:f6:9d:49:a6:c0:44:ac:67:b8: 94:05:f3:ff:07:4f:3f:92:2e:40:3a:e7:7d:62:a8:5f:7a:8f: 12:da:6f:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDkK8tuZXH9WuOEc2uFX8AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhODkwZDA1ZDVjODhiN2RlNmY1YmFhNGMxZDA4NWZlNzMw MWY1ZDUwHhcNMjYwMjA5MTgwMTIxWhcNMjYwMjEwMTgwMTIxWjAzMTEwLwYDVQQD EyhiNDU1ZjU3NzA4ZjZmZmQ5NDEyYTNmNGE2Mjk1MDljOTQxMGFiYTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg4srrRKe5cxUZNhmo3lV+ciSrd4 DCVXZD9LglAQonQqulIOzLQxbcKxLXKWOB6/vlOqbL2dCWSWB8yFD7t+qVvlDe3f TrzLm9Me+yNqUpsPTtdN7OclrlTeE2H8lQ8dZOXINOZDBnFXlRsouMWMw7/U5zgb Umfc6BDqXoYfXnfdyXhaAVjvipfyV5g5DaNf5bgHTJHyDtHdTrkC6xaIZs3mh4iS 4+iSZGOTf1keQUJOIIqjEvoiefbpEhB/jLgqZuidPJErnEJI4wGY+HqSsJl3Z6F0 6JkhO00oXZnuejJReuWgcFNlRVD10vQDuvdAN0TxPIQIg6hPBs8LbeopTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLRV9XcI9v/ZQSo/SmKVCclBCrovMB8GA1UdIwQY MBaAFNqJDQXVyIt95vW6pMHQhf5zAfXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYt YjQ4MzZiYzE2NGExLzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYtYjQ4MzZiYzE2NGEx LzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMfLp697 tTBq0XEXWIp4xHVMrcwtTzPcgv8M8odLGqWJDKnKds/EmpeLh1MEXiNLxdwyf9nQ ehLjh2ZEWR5JqHbEmJISsLssLS9s6qar9sEv5V8xkBDNlQa90ZFArUyNY+HAzSGa UfSohD1vmzbKJ8U/0bAl/0wuzSL+YrzJiODn9z/8blNW34QpksjL4Eqe6OmLbbzL FY1i99YJywuwV+Fg1FBVaCvpD2rfQD2zJYYvtMHiWiw5Lj1aUZLPEurvHoizZoeY gBOQ4TagJlaaS4dp7S7RQ/CqsPExhelcxL7i9p1JpsBErGe4lAXz/wdPP5IuQDrn fWKoX3qPEtpvlg== -----END CERTIFICATE-----Generated at Mon Feb 9 20:55:00 2026 by rpki-client