This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft File: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json) Hash identifier: 8ld6wNXr7cMrf/DQwZH5Hc5jxVkFxrP0VN+npFGhPJc= Subject key identifier: F3:96:EF:92:47:B5:30:CA:A6:73:88:52:A0:F4:A1:23:FD:8D:2B:05 Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 Certificate issuer: /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Certificate serial: 019C4322F13893B323BD8F69D9D0DCCB86F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft Manifest number: 0936 Signing time: Mon 09 Feb 2026 16:01:29 +0000 Manifest this update: Mon 09 Feb 2026 16:01:29 +0000 Manifest next update: Tue 10 Feb 2026 16:01:29 +0000 Files and hashes: 1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: n4paAreLi1feo2ZBt5PkTDOWprtLQYTmAsrQVV16bUU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 16:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:f1:38:93:b3:23:bd:8f:69:d9:d0:dc:cb:86:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Validity Not Before: Feb 9 16:01:29 2026 GMT Not After : Feb 10 16:01:29 2026 GMT Subject: CN=f396ef9247b530caa6738852a0f4a123fd8d2b05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:79:02:73:0a:f1:5e:3e:50:e0:9e:56:3c:58: 5e:e8:e6:81:0d:fe:ef:d4:1b:ed:ba:bd:8d:ce:e5: 22:25:87:e1:bd:8e:e1:af:f3:03:49:a2:c6:ca:76: 42:d4:09:3f:91:b7:b9:fe:a9:89:42:e3:a3:a8:ab: fb:8c:6c:de:d5:80:fa:04:a1:5e:3f:9e:55:e6:02: dd:9b:95:27:6e:f5:15:a0:e4:44:a0:9f:40:6e:77: c4:9f:0e:72:be:4d:f2:e1:ac:52:d6:67:d5:39:a3: 15:39:8a:09:61:ee:9c:61:b0:cd:5e:f3:68:51:c6: 67:ef:f7:5b:54:a5:b7:2f:91:cd:48:6c:bd:ed:3f: 2f:15:72:f4:89:10:72:1a:1b:5c:72:84:c3:4a:cf: b6:19:4e:56:1a:b6:2f:52:05:2c:23:14:82:e9:fa: 17:f2:9f:e8:c3:e5:af:61:51:90:47:23:51:d8:89: 5b:ca:55:ee:5f:bc:f4:d6:ca:ce:eb:17:f5:b2:e5: a3:e6:1d:7f:ed:a5:2b:5e:76:68:eb:ba:7d:3d:96: c3:16:1c:3e:a9:b8:f9:82:ba:b0:fa:99:62:6b:fe: 90:da:22:65:28:03:61:57:d5:e3:27:9b:6d:92:31: a0:65:58:5d:00:c8:7e:98:fb:d5:45:b5:6c:ea:a1: 47:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:96:EF:92:47:B5:30:CA:A6:73:88:52:A0:F4:A1:23:FD:8D:2B:05 X509v3 Authority Key Identifier: keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:07:8b:15:96:1e:ed:99:a6:68:c3:69:d1:5f:4c:ee:5b:76: ec:4c:64:95:c9:f9:67:b0:51:92:96:38:42:11:64:02:85:72: 57:27:ba:ba:f2:97:20:b7:88:ce:a6:35:8b:58:7a:b0:de:86: a7:55:f5:5c:ed:02:63:04:dc:b9:c2:85:47:79:73:e4:34:bb: b7:1d:6a:5a:90:41:25:2a:dc:3e:38:c8:3f:f5:51:92:b0:b9: 50:e9:4c:7f:c3:63:40:49:93:79:10:42:cd:a1:52:61:ed:bc: 3c:74:98:76:d5:15:b0:6c:cb:e6:b2:14:db:e3:a5:4c:04:c3: 0d:e4:68:14:b4:1e:9e:34:25:0d:f4:3d:ef:74:bb:08:44:bd: 32:ae:86:1a:bc:74:52:15:83:40:59:4a:d8:05:8a:1a:8e:03: a3:63:0f:85:e8:1e:95:ac:21:04:ac:e8:a5:9e:8d:45:66:de: 45:8b:0a:9c:07:f4:b0:bc:ea:3e:32:d6:5b:e9:ed:eb:65:b2: 77:78:1a:58:0f:1d:88:d1:58:83:ad:97:d7:64:5a:2c:9d:8f: 2f:e4:52:4a:40:13:a4:49:f0:7f:25:98:9b:37:b7:57:d3:59: 91:69:23:f7:86:01:27:de:4b:06:84:28:f2:2c:1d:84:7a:f7: b4:6b:05:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIvE4k7MjvY9p2dDcy4b3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0 OTA3YjMwHhcNMjYwMjA5MTYwMTI5WhcNMjYwMjEwMTYwMTI5WjAzMTEwLwYDVQQD EyhmMzk2ZWY5MjQ3YjUzMGNhYTY3Mzg4NTJhMGY0YTEyM2ZkOGQyYjA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43kCcwrxXj5Q4J5WPFhe6OaBDf7v 1Bvtur2NzuUiJYfhvY7hr/MDSaLGynZC1Ak/kbe5/qmJQuOjqKv7jGze1YD6BKFe P55V5gLdm5UnbvUVoOREoJ9AbnfEnw5yvk3y4axS1mfVOaMVOYoJYe6cYbDNXvNo UcZn7/dbVKW3L5HNSGy97T8vFXL0iRByGhtccoTDSs+2GU5WGrYvUgUsIxSC6foX 8p/ow+WvYVGQRyNR2IlbylXuX7z01srO6xf1suWj5h1/7aUrXnZo67p9PZbDFhw+ qbj5grqw+plia/6Q2iJlKANhV9XjJ5ttkjGgZVhdAMh+mPvVRbVs6qFHzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPOW75JHtTDKpnOIUqD0oSP9jSsFMB8GA1UdIwQY MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIAeLFZYe 7ZmmaMNp0V9M7lt27Exklcn5Z7BRkpY4QhFkAoVyVye6uvKXILeIzqY1i1h6sN6G p1X1XO0CYwTcucKFR3lz5DS7tx1qWpBBJSrcPjjIP/VRkrC5UOlMf8NjQEmTeRBC zaFSYe28PHSYdtUVsGzL5rIU2+OlTATDDeRoFLQenjQlDfQ973S7CES9Mq6GGrx0 UhWDQFlK2AWKGo4Do2MPhegelawhBKzopZ6NRWbeRYsKnAf0sLzqPjLWW+nt62Wy d3gaWA8diNFYg62X12RaLJ2PL+RSSkATpEnwfyWYmze3V9NZkWkj94YBJ95LBoQo 8iwdhHr3tGsFKA== -----END CERTIFICATE-----Generated at Tue Feb 10 01:41:36 2026 by rpki-client