This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft File: TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json) Hash identifier: LK2iQcJF5vxVI59gajpe86yxSAZ0AM0Z6HKlYzY2Qh4= Subject key identifier: 40:93:71:D7:DF:89:92:0E:C5:96:C7:5B:2C:37:4B:3E:5A:03:CA:27 Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1 Certificate issuer: /CN=4d8106292a50acafea6817cba1cce677a277e0e1 Certificate serial: 019C424641D98D158446C6FE5407A6F32961 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft Manifest number: 0683 Signing time: Mon 09 Feb 2026 12:00:26 +0000 Manifest this update: Mon 09 Feb 2026 12:00:26 +0000 Manifest next update: Tue 10 Feb 2026 12:00:26 +0000 Files and hashes: 1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: BdsQROzp8III5rde1jgaXazcLJv+qiIOsYobZQvPVI8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:46:41:d9:8d:15:84:46:c6:fe:54:07:a6:f3:29:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1 Validity Not Before: Feb 9 12:00:26 2026 GMT Not After : Feb 10 12:00:26 2026 GMT Subject: CN=409371d7df89920ec596c75b2c374b3e5a03ca27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8b:78:40:4c:d5:c6:37:4f:51:06:d3:e4:d5: 1e:f5:bf:38:14:68:38:c1:02:a1:c9:c0:66:cf:0a: c3:07:79:0a:a6:0a:31:4a:c5:51:54:49:f5:ea:1f: c6:6b:95:70:da:88:60:0a:99:95:83:fb:be:19:11: f5:aa:a5:b1:e0:bb:f8:63:06:d4:cb:93:86:24:32: e9:31:b7:0a:4b:10:69:5a:22:60:7d:87:bd:5f:f7: d9:e2:7d:bd:c4:84:eb:24:48:1d:e9:c5:fa:46:25: a0:1e:81:a2:85:38:7b:14:fe:74:27:e9:42:42:6c: a6:da:8a:20:88:d5:fa:81:f4:b6:34:e1:43:e6:00: 57:8d:0e:99:f4:d2:a4:77:71:f3:b8:24:60:83:09: 86:64:1a:2b:ba:20:a9:52:96:f0:80:62:0e:b6:b9: 0e:d4:94:9d:7b:e6:9d:eb:f8:10:80:86:72:6d:cc: d9:9a:cd:28:3c:5b:f9:3f:4c:ca:45:42:e7:47:8a: 4d:14:86:c6:1d:e9:85:f7:79:61:2d:de:15:34:8a: 77:a9:0c:2f:84:e1:83:6b:8c:b8:92:57:ca:ec:d9: 2b:83:04:75:a1:df:ef:be:15:7a:e5:7b:e9:0c:9f: b9:d3:4c:49:b8:51:96:a1:44:7b:bc:66:a1:f6:05: 97:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:93:71:D7:DF:89:92:0E:C5:96:C7:5B:2C:37:4B:3E:5A:03:CA:27 X509v3 Authority Key Identifier: keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:1e:79:7b:d1:7d:4e:1b:d7:df:af:47:0d:21:71:da:6a:08: 53:f2:6f:ac:1b:a9:63:cb:de:4d:00:52:86:ee:f6:c9:99:35: 4e:72:32:af:f3:98:d6:90:dd:bc:a2:ef:5d:64:87:a9:3b:31: 64:3e:22:bc:56:b2:1e:fb:f3:e6:67:d7:11:1c:e6:36:08:45: 4a:6e:0a:fb:ea:42:1d:73:a1:6e:0c:bd:db:e2:a7:d9:27:82: a5:67:cb:6f:06:86:0b:3e:7e:ed:9e:0c:3d:dc:ac:83:1f:d1: d4:bb:81:30:cb:a6:cf:b8:35:99:ed:4b:69:01:2f:06:82:af: ee:84:62:38:53:91:0d:92:5f:84:64:e2:24:85:54:a5:92:91: f8:5e:ba:ae:7d:38:77:03:43:76:c5:32:83:f1:dc:34:3f:55: a9:62:62:f0:22:78:e5:1b:81:f0:76:03:2b:0f:40:56:c5:22: 14:f9:8d:9b:0c:89:45:ec:a3:f9:ed:06:6e:2f:67:17:84:c2: 68:f9:65:59:87:b4:6d:97:89:fe:b4:1b:10:00:c1:33:70:71: be:d0:62:45:8d:ee:73:ad:fc:d3:9c:89:c0:01:98:00:88:b0: 96:77:73:b2:77:db:c4:29:81:db:c7:13:97:a1:4e:2d:95:84: ba:e3:5f:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCRkHZjRWERsb+VAem8ylhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3 N2UwZTEwHhcNMjYwMjA5MTIwMDI2WhcNMjYwMjEwMTIwMDI2WjAzMTEwLwYDVQQD Eyg0MDkzNzFkN2RmODk5MjBlYzU5NmM3NWIyYzM3NGIzZTVhMDNjYTI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4t4QEzVxjdPUQbT5NUe9b84FGg4 wQKhycBmzwrDB3kKpgoxSsVRVEn16h/Ga5Vw2ohgCpmVg/u+GRH1qqWx4Lv4YwbU y5OGJDLpMbcKSxBpWiJgfYe9X/fZ4n29xITrJEgd6cX6RiWgHoGihTh7FP50J+lC Qmym2oogiNX6gfS2NOFD5gBXjQ6Z9NKkd3HzuCRggwmGZBoruiCpUpbwgGIOtrkO 1JSde+ad6/gQgIZybczZms0oPFv5P0zKRULnR4pNFIbGHemF93lhLd4VNIp3qQwv hOGDa4y4klfK7NkrgwR1od/vvhV65XvpDJ+500xJuFGWoUR7vGah9gWXiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECTcdffiZIOxZbHWyw3Sz5aA8onMB8GA1UdIwQY MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbB55e9F9 ThvX369HDSFx2moIU/JvrBupY8veTQBShu72yZk1TnIyr/OY1pDdvKLvXWSHqTsx ZD4ivFayHvvz5mfXERzmNghFSm4K++pCHXOhbgy92+Kn2SeCpWfLbwaGCz5+7Z4M Pdysgx/R1LuBMMumz7g1me1LaQEvBoKv7oRiOFORDZJfhGTiJIVUpZKR+F66rn04 dwNDdsUyg/HcND9VqWJi8CJ45RuB8HYDKw9AVsUiFPmNmwyJReyj+e0Gbi9nF4TC aPllWYe0bZeJ/rQbEADBM3BxvtBiRY3uc63805yJwAGYAIiwlndzsnfbxCmB28cT l6FOLZWEuuNfEg== -----END CERTIFICATE-----Generated at Mon Feb 9 22:42:28 2026 by rpki-client