This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft File: kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json) Hash identifier: 3fNS8qLbCOMnC1s39ZI3/zNS2ZLGZ/Uf3k3r/spSvLU= Subject key identifier: 41:D9:2F:C9:D0:D3:47:E1:D7:77:1C:0C:1A:7A:AF:DE:32:00:4D:EE Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58 Certificate issuer: /CN=907a4d12924b5357e30267afe3c5cc7364241158 Certificate serial: 019C4321FBCDFBC419C6DC5C60627A7645FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft Manifest number: 1225 Signing time: Mon 09 Feb 2026 16:00:26 +0000 Manifest this update: Mon 09 Feb 2026 16:00:26 +0000 Manifest next update: Tue 10 Feb 2026 16:00:26 +0000 Files and hashes: 1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: oPmfjBiAdQ/RDPXXs3RBzB9B9+Xi6nt+QpRWS/mwdJg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:21:fb:cd:fb:c4:19:c6:dc:5c:60:62:7a:76:45:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158 Validity Not Before: Feb 9 16:00:26 2026 GMT Not After : Feb 10 16:00:26 2026 GMT Subject: CN=41d92fc9d0d347e1d7771c0c1a7aafde32004dee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:c1:4b:62:3a:8c:08:18:bc:7f:81:c8:b3:1c: 86:31:db:15:ae:b6:85:66:ce:24:14:2a:bc:12:52: ed:5e:32:f7:2f:8f:ae:3d:45:f3:32:d5:e8:51:e6: a9:c4:a8:93:60:06:56:64:0d:b9:6b:ba:64:f7:65: 0c:5f:e6:1b:a1:07:43:f4:82:c9:76:17:7b:57:19: 1d:aa:f3:dd:dd:7d:4a:55:6a:d8:dc:b4:c6:80:14: 39:6f:34:f6:a3:d2:f1:65:e7:9a:f1:b4:1a:75:03: 07:86:c4:2f:14:05:41:58:6f:02:37:a2:30:fe:f1: ce:6d:a5:a3:27:05:dd:60:be:c5:15:78:2a:eb:00: 2e:2d:5e:98:d4:a2:b2:47:4f:70:f1:c6:cb:aa:48: 69:cc:ba:74:01:69:de:27:0d:86:a3:b0:cc:4d:54: f6:de:e8:e8:b1:fe:e5:30:2f:9a:b5:e2:e1:10:f6: 20:d7:91:bd:48:56:8d:f5:5c:82:ba:ec:78:e4:b6: 60:89:68:90:18:f4:10:32:23:dd:de:7f:9a:88:26: 63:52:13:fc:c2:48:97:33:8e:02:14:d7:e4:90:59: b9:a5:07:4d:f7:93:0d:80:23:e2:c1:0c:27:2b:bd: d6:e7:2c:0d:13:e6:82:4c:b6:dc:e8:06:f9:54:9f: 42:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D9:2F:C9:D0:D3:47:E1:D7:77:1C:0C:1A:7A:AF:DE:32:00:4D:EE X509v3 Authority Key Identifier: keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:2b:f5:e4:e2:04:ca:06:db:42:70:a2:51:c2:2a:2d:3d:9a: 0d:d0:cd:ac:2c:06:da:5e:e2:dc:a5:d0:b9:6f:e8:9c:87:c4: 63:79:dc:82:ff:ce:b5:be:b2:22:b8:9f:99:d7:80:36:a4:47: f6:2c:7d:a9:33:dc:20:cd:57:27:ae:b5:48:4a:40:25:24:63: 9b:64:65:c8:e1:47:43:74:8a:3d:02:be:e5:13:5a:2f:1b:0b: 7a:00:42:2d:ac:be:c0:c7:4f:16:72:76:e5:f9:96:08:0f:c9: 72:b7:c2:ae:b8:70:49:35:45:1f:f6:7a:3a:c4:4a:a9:a5:4d: 4f:26:5b:eb:fb:dc:5e:7e:36:15:78:57:35:41:d6:21:a6:9f: a2:e8:a0:d1:e5:6d:5f:80:69:28:de:65:b1:9f:31:fc:1b:b0: 2e:d7:04:ba:11:60:ce:a0:a3:97:6c:1d:76:99:b3:4a:2f:dc: f2:d8:39:e6:d3:e1:a7:07:93:a8:e3:49:15:62:aa:24:99:49: 0a:89:39:5f:ba:f3:71:5b:80:d2:48:9f:bf:bb:d0:3f:96:a4: 8c:09:9b:83:f1:4f:c3:a0:c1:23:fd:61:86:37:63:b5:d8:bf: 12:7d:4e:a6:f1:e7:a8:36:33:2c:d4:12:24:53:ed:59:bb:14: 20:fd:73:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIfvN+8QZxtxcYGJ6dkX9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy NDExNTgwHhcNMjYwMjA5MTYwMDI2WhcNMjYwMjEwMTYwMDI2WjAzMTEwLwYDVQQD Eyg0MWQ5MmZjOWQwZDM0N2UxZDc3NzFjMGMxYTdhYWZkZTMyMDA0ZGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMFLYjqMCBi8f4HIsxyGMdsVrraF Zs4kFCq8ElLtXjL3L4+uPUXzMtXoUeapxKiTYAZWZA25a7pk92UMX+YboQdD9ILJ dhd7VxkdqvPd3X1KVWrY3LTGgBQ5bzT2o9LxZeea8bQadQMHhsQvFAVBWG8CN6Iw /vHObaWjJwXdYL7FFXgq6wAuLV6Y1KKyR09w8cbLqkhpzLp0AWneJw2Go7DMTVT2 3ujosf7lMC+ateLhEPYg15G9SFaN9VyCuux45LZgiWiQGPQQMiPd3n+aiCZjUhP8 wkiXM44CFNfkkFm5pQdN95MNgCPiwQwnK73W5ywNE+aCTLbc6Ab5VJ9C+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEHZL8nQ00fh13ccDBp6r94yAE3uMB8GA1UdIwQY MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2 LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXiv15OIE ygbbQnCiUcIqLT2aDdDNrCwG2l7i3KXQuW/onIfEY3ncgv/Otb6yIrifmdeANqRH 9ix9qTPcIM1XJ661SEpAJSRjm2RlyOFHQ3SKPQK+5RNaLxsLegBCLay+wMdPFnJ2 5fmWCA/JcrfCrrhwSTVFH/Z6OsRKqaVNTyZb6/vcXn42FXhXNUHWIaafouig0eVt X4BpKN5lsZ8x/BuwLtcEuhFgzqCjl2wddpmzSi/c8tg55tPhpweTqONJFWKqJJlJ Cok5X7rzcVuA0kifv7vQP5akjAmbg/FPw6DBI/1hhjdjtdi/En1OpvHnqDYzLNQS JFPtWbsUIP1zGw== -----END CERTIFICATE-----Generated at Tue Feb 10 00:15:21 2026 by rpki-client