This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft File: NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json) Hash identifier: 0JeFKUfDVNHK794woAoPYpYG6/CXuLXerXWIQrmxje0= Subject key identifier: 13:58:79:D8:A3:85:DC:74:78:07:C9:F3:12:19:A0:89:47:79:23:EC Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74 Certificate issuer: /CN=349c4837d939840d5f6c74aac08366ef4bfe4874 Certificate serial: 019C4133C10591B57CD1FA52511B8A8FF994 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft Manifest number: 03FB Signing time: Mon 09 Feb 2026 07:00:36 +0000 Manifest this update: Mon 09 Feb 2026 07:00:36 +0000 Manifest next update: Tue 10 Feb 2026 07:00:36 +0000 Files and hashes: 1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: vQ6ftfXPLRzrIc/FhLmhKVWKuYUcyqpJpli5QO4r4/s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:33:c1:05:91:b5:7c:d1:fa:52:51:1b:8a:8f:f9:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874 Validity Not Before: Feb 9 07:00:36 2026 GMT Not After : Feb 10 07:00:36 2026 GMT Subject: CN=135879d8a385dc747807c9f31219a089477923ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:a6:62:08:a1:18:05:bf:cd:84:7d:c0:e2:d3: 17:d8:a6:33:47:ad:a5:fd:7d:42:74:ff:7c:30:51: 6f:30:25:57:b3:6b:67:f0:54:ab:cb:58:b4:33:0a: fd:a3:74:19:6e:2f:4d:a1:e4:86:1a:bd:e0:d4:95: 0e:37:01:52:41:48:f5:80:c1:8a:c2:c6:3a:12:c4: 40:8f:26:72:86:01:15:70:9f:77:ef:e2:af:bc:e5: 87:35:e2:4b:e6:3f:16:06:f7:6b:69:6d:ab:9e:40: b0:67:ac:69:76:74:4b:75:4b:af:14:42:a5:6a:2b: d3:29:fa:4a:11:22:42:47:c6:71:2a:9e:e5:71:3e: 4b:4a:7c:fd:c5:8c:cf:22:a8:c4:a5:5c:38:eb:c4: 65:1c:fb:d1:4e:33:f3:d6:56:10:14:33:6b:8b:d9: b4:c9:0f:e9:20:ea:6c:97:74:66:93:43:d2:85:1d: cc:de:72:d8:69:11:b2:32:f1:80:bf:17:1b:e2:9b: 72:12:c4:cd:25:f5:63:31:5d:ed:83:95:08:f8:41: b3:42:57:fe:7d:e9:06:99:da:90:af:a9:4a:57:18: 47:59:e8:64:41:3f:a7:fb:a5:a6:ab:b2:d9:11:e7: 28:f3:99:23:33:cb:50:23:85:46:d7:66:7f:38:a1: 11:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:58:79:D8:A3:85:DC:74:78:07:C9:F3:12:19:A0:89:47:79:23:EC X509v3 Authority Key Identifier: keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:4d:11:7c:3f:f0:f3:c5:47:fc:e4:f0:2c:07:c4:e8:b0:25: c6:68:3e:03:0e:ea:74:5c:e1:6c:5a:3c:62:77:82:da:81:cc: e6:b3:83:86:2e:5c:cc:df:fc:34:bd:bb:1a:0c:f3:b4:58:95: 11:7f:3e:dd:0e:b0:83:fd:90:8e:a0:53:1e:dd:f2:d2:1f:46: 0c:2d:14:4d:3a:dc:71:79:66:ba:e3:88:b9:b9:a9:9c:81:42: 89:b2:29:99:de:8f:0a:21:07:7b:d9:89:60:6e:ce:42:b0:b2: 0d:da:b2:6f:91:76:79:39:59:c8:93:c4:be:64:34:36:0e:5d: 3b:c5:d1:52:75:18:50:28:c8:28:ec:23:02:96:9b:6e:b8:1b: d4:15:ac:67:ee:75:2a:86:e4:d9:7f:39:71:4d:f7:8e:a1:6d: 32:58:20:79:d3:bf:e4:bf:9b:e4:d4:9c:50:b1:31:c0:cb:a8: ee:ab:4f:8f:bb:0b:8b:70:09:bf:34:72:d1:fb:a5:35:d7:41: aa:f6:b9:8b:7a:b1:72:4f:af:83:a7:c6:a8:2b:de:c5:e8:76: ea:12:1a:bd:da:1d:b1:5c:43:ae:1c:88:1a:f1:8d:fe:47:9a: 23:5d:1f:cc:6c:f4:55:5c:39:0e:13:b4:7a:85:da:35:f1:a9: 8a:da:43:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBM8EFkbV80fpSURuKj/mUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm ZTQ4NzQwHhcNMjYwMjA5MDcwMDM2WhcNMjYwMjEwMDcwMDM2WjAzMTEwLwYDVQQD EygxMzU4NzlkOGEzODVkYzc0NzgwN2M5ZjMxMjE5YTA4OTQ3NzkyM2VjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaZiCKEYBb/NhH3A4tMX2KYzR62l /X1CdP98MFFvMCVXs2tn8FSry1i0Mwr9o3QZbi9NoeSGGr3g1JUONwFSQUj1gMGK wsY6EsRAjyZyhgEVcJ937+KvvOWHNeJL5j8WBvdraW2rnkCwZ6xpdnRLdUuvFEKl aivTKfpKESJCR8ZxKp7lcT5LSnz9xYzPIqjEpVw468RlHPvRTjPz1lYQFDNri9m0 yQ/pIOpsl3Rmk0PShR3M3nLYaRGyMvGAvxcb4ptyEsTNJfVjMV3tg5UI+EGzQlf+ fekGmdqQr6lKVxhHWehkQT+n+6Wmq7LZEeco85kjM8tQI4VG12Z/OKERmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBNYedijhdx0eAfJ8xIZoIlHeSPsMB8GA1UdIwQY MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0 LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhk0RfD/w 88VH/OTwLAfE6LAlxmg+Aw7qdFzhbFo8YneC2oHM5rODhi5czN/8NL27GgzztFiV EX8+3Q6wg/2QjqBTHt3y0h9GDC0UTTrccXlmuuOIubmpnIFCibIpmd6PCiEHe9mJ YG7OQrCyDdqyb5F2eTlZyJPEvmQ0Ng5dO8XRUnUYUCjIKOwjApabbrgb1BWsZ+51 Kobk2X85cU33jqFtMlggedO/5L+b5NScULExwMuo7qtPj7sLi3AJvzRy0fulNddB qva5i3qxck+vg6fGqCvexeh26hIavdodsVxDrhyIGvGN/keaI10fzGz0VVw5DhO0 eoXaNfGpitpDUw== -----END CERTIFICATE-----Generated at Mon Feb 9 16:56:36 2026 by rpki-client