This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft File: 1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft (raw, json) Hash identifier: aY+pQk/azatIU1pH6WwISxnH63VOwhmUrF7uPb+opVg= Subject key identifier: 32:53:5F:A5:A4:77:65:13:10:06:AB:52:2A:E7:C5:18:38:3B:05:EC Authority key identifier: D4:69:86:7D:1D:69:3E:79:A6:A5:EE:90:14:E4:13:F0:39:EB:50:D8 Certificate issuer: /CN=d469867d1d693e79a6a5ee9014e413f039eb50d8 Certificate serial: 019C427D364AAFEFCABFD0E90E6DD97682B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GmGfR1pPnmmpe6QFOQT8DnrUNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft Manifest number: 1240 Signing time: Mon 09 Feb 2026 13:00:27 +0000 Manifest this update: Mon 09 Feb 2026 13:00:27 +0000 Manifest next update: Tue 10 Feb 2026 13:00:27 +0000 Files and hashes: 1: 1GmGfR1pPnmmpe6QFOQT8DnrUNg.crl (hash: ig54uiOu+dVN1oim+UZOBrT9Hfb6lNzXambsQ9cB6ZU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft rsync://rpki.ripe.net/repository/DEFAULT/1GmGfR1pPnmmpe6QFOQT8DnrUNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7d:36:4a:af:ef:ca:bf:d0:e9:0e:6d:d9:76:82:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d469867d1d693e79a6a5ee9014e413f039eb50d8 Validity Not Before: Feb 9 13:00:27 2026 GMT Not After : Feb 10 13:00:27 2026 GMT Subject: CN=32535fa5a47765131006ab522ae7c518383b05ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:17:4a:81:e2:f1:64:e2:43:7f:f6:9d:55:8b: bc:0f:bf:b6:41:88:e2:60:84:36:c0:0a:d5:43:2c: 93:9b:e8:05:2d:03:19:5e:2c:f8:a5:ca:d8:fc:97: 5e:3a:26:39:5b:35:15:89:53:a1:cf:73:c4:bb:6f: 4f:00:7c:7b:04:04:35:c2:b1:81:90:8d:49:94:a7: 69:30:f3:9d:04:41:2f:e6:79:d5:17:da:8f:13:f5: aa:fb:83:a2:3b:01:f0:cf:b3:45:f0:b2:2b:4d:78: 57:32:6e:e5:6f:a7:81:ed:2e:85:74:85:cf:d0:bf: d3:f0:4c:40:12:0c:b9:47:1e:6a:47:4b:23:8a:ea: 51:3d:3c:d6:1d:24:1a:43:3d:ec:6d:05:80:de:90: 15:b4:d5:98:e9:6e:ea:e5:07:0c:6a:8b:d5:61:21: f5:e2:47:74:f5:8a:73:e0:5e:11:e2:c1:cf:10:19: 7f:0b:fd:1e:fe:de:78:37:bc:66:e9:8c:09:ed:16: 72:86:df:83:4b:57:d4:ad:ba:cc:63:6e:cc:eb:26: f2:6e:a1:5a:7c:b4:63:bb:dd:35:c7:b2:bc:2b:42: a5:d9:12:a4:dc:52:8e:2c:1d:67:9b:da:85:94:ba: 9d:33:30:3d:e6:07:57:94:24:79:7f:57:99:b8:b6: 3a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:53:5F:A5:A4:77:65:13:10:06:AB:52:2A:E7:C5:18:38:3B:05:EC X509v3 Authority Key Identifier: keyid:D4:69:86:7D:1D:69:3E:79:A6:A5:EE:90:14:E4:13:F0:39:EB:50:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GmGfR1pPnmmpe6QFOQT8DnrUNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:19:e9:58:65:c2:de:29:c8:fa:c6:e2:16:60:75:38:fb:ec: a0:90:93:60:3d:43:69:e5:15:38:84:17:f2:4e:41:67:f1:86: 68:22:22:da:30:a2:4f:84:47:17:82:e7:6a:a9:2a:e9:1f:0c: 55:1e:ef:5f:26:a3:a9:07:ee:0c:58:1c:e7:4d:d6:ea:d7:72: a3:d2:80:af:9a:b3:02:9a:08:f6:46:da:d6:01:90:2d:29:0e: 88:d2:d8:8e:20:b0:22:bd:89:e6:47:4d:29:af:45:37:6d:97: 9f:6c:18:56:c2:02:54:0f:a1:ae:a4:b4:c2:8c:9b:0b:6e:04: 2a:04:45:67:cc:8d:fb:ec:92:c9:c0:19:18:56:29:70:44:a8: a7:10:4f:3d:dd:96:1b:e8:38:2f:e0:0a:a3:64:d0:82:c8:7c: 41:3c:e6:47:ee:4b:cc:de:34:90:ef:7d:ee:cf:e0:e5:83:bc: 64:75:fe:6f:9b:4f:50:60:6c:c2:a5:61:3d:f4:90:df:3a:11: 50:fc:1a:19:29:e7:f9:ad:f9:bc:98:b8:1b:6a:b2:b3:f3:62: 9c:26:4a:57:4e:57:07:31:95:1f:46:63:99:b9:5e:ed:68:fb: a2:ce:05:cb:21:42:67:27:fb:d0:6a:c7:04:9a:82:87:ba:f9: 8a:5d:54:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfTZKr+/Kv9DpDm3ZdoK4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0Njk4NjdkMWQ2OTNlNzlhNmE1ZWU5MDE0ZTQxM2YwMzll YjUwZDgwHhcNMjYwMjA5MTMwMDI3WhcNMjYwMjEwMTMwMDI3WjAzMTEwLwYDVQQD EygzMjUzNWZhNWE0Nzc2NTEzMTAwNmFiNTIyYWU3YzUxODM4M2IwNWVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBdKgeLxZOJDf/adVYu8D7+2QYji YIQ2wArVQyyTm+gFLQMZXiz4pcrY/JdeOiY5WzUViVOhz3PEu29PAHx7BAQ1wrGB kI1JlKdpMPOdBEEv5nnVF9qPE/Wq+4OiOwHwz7NF8LIrTXhXMm7lb6eB7S6FdIXP 0L/T8ExAEgy5Rx5qR0sjiupRPTzWHSQaQz3sbQWA3pAVtNWY6W7q5QcMaovVYSH1 4kd09Ypz4F4R4sHPEBl/C/0e/t54N7xm6YwJ7RZyht+DS1fUrbrMY27M6ybybqFa fLRju901x7K8K0Kl2RKk3FKOLB1nm9qFlLqdMzA95gdXlCR5f1eZuLY6LQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDJTX6Wkd2UTEAarUirnxRg4OwXsMB8GA1UdIwQY MBaAFNRphn0daT55pqXukBTkE/A561DYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUdtR2ZSMXBQbm1tcGU2UUZPUVQ4RG5yVU5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iNDg1ZDktZWVkYy00NzA2LWE5ZTYt NDFkZTk3ZGM5YjZjLzEvMUdtR2ZSMXBQbm1tcGU2UUZPUVQ4RG5yVU5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9iNDg1ZDktZWVkYy00NzA2LWE5ZTYtNDFkZTk3ZGM5YjZj LzEvMUdtR2ZSMXBQbm1tcGU2UUZPUVQ4RG5yVU5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBnpWGXC 3inI+sbiFmB1OPvsoJCTYD1DaeUVOIQX8k5BZ/GGaCIi2jCiT4RHF4Lnaqkq6R8M VR7vXyajqQfuDFgc503W6tdyo9KAr5qzApoI9kba1gGQLSkOiNLYjiCwIr2J5kdN Ka9FN22Xn2wYVsICVA+hrqS0woybC24EKgRFZ8yN++ySycAZGFYpcESopxBPPd2W G+g4L+AKo2TQgsh8QTzmR+5LzN40kO997s/g5YO8ZHX+b5tPUGBswqVhPfSQ3zoR UPwaGSnn+a35vJi4G2qys/NinCZKV05XBzGVH0Zjmble7Wj7os4FyyFCZyf70GrH BJqCh7r5il1UyA== -----END CERTIFICATE-----Generated at Mon Feb 9 19:57:55 2026 by rpki-client