This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft File: tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json) Hash identifier: W3mNDidPn2WMo+N1irO4tV5qcGvQbKk+0io2PGJVH10= Subject key identifier: 64:4E:79:EC:F0:A0:20:04:B0:0E:45:90:16:12:0C:62:2C:F0:26:9E Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91 Certificate issuer: /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791 Certificate serial: 019C4358DB50220CE21123AF694701A83055 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft Manifest number: 0A97 Signing time: Mon 09 Feb 2026 17:00:22 +0000 Manifest this update: Mon 09 Feb 2026 17:00:22 +0000 Manifest next update: Tue 10 Feb 2026 17:00:22 +0000 Files and hashes: 1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: GewV35YLzZAJirVdYRKlJOQNGK3jDLb0+xRUFitK8aE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:58:db:50:22:0c:e2:11:23:af:69:47:01:a8:30:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791 Validity Not Before: Feb 9 17:00:22 2026 GMT Not After : Feb 10 17:00:22 2026 GMT Subject: CN=644e79ecf0a02004b00e459016120c622cf0269e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1d:44:31:06:72:0a:f2:b9:63:c8:75:0f:2d: c5:c0:62:11:56:72:06:c1:c2:47:89:11:70:06:39: ae:9b:4b:af:66:df:33:3d:46:95:a4:54:1d:53:44: c9:0c:3c:60:21:a1:cf:c4:7d:da:22:26:a7:60:db: c7:3f:bc:75:dc:1a:c7:71:28:49:ac:01:18:b7:3e: 15:cb:7c:2b:4a:67:2a:de:3d:ef:e2:0a:c1:0d:7c: 1c:ef:2f:00:99:cc:40:f2:70:b1:da:d2:17:8e:17: 87:cb:85:7b:11:28:78:76:e1:33:7a:49:1e:23:a5: 77:d6:a5:8b:05:57:c3:c4:bb:6f:58:7d:57:e7:5a: 3d:a4:86:60:77:e0:cd:68:73:31:e8:9a:f5:b6:8f: 1c:12:9d:53:c1:ea:26:01:1e:4c:4b:0b:9c:f0:2a: 42:2b:87:56:95:9f:b1:84:89:11:7c:f1:6f:f4:7c: 1e:1d:6c:34:67:58:83:08:94:90:75:22:90:7d:e4: 4e:f0:67:b4:84:74:68:f8:86:c1:25:47:50:c2:f2: 10:9f:b6:c2:b3:25:eb:82:5e:04:3b:f4:d4:8f:e3: f0:8f:27:e2:09:22:da:ae:5a:c3:7e:a0:61:06:68: e4:09:f7:cb:b3:42:98:d3:33:4e:cd:e3:98:ba:28: 4e:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:4E:79:EC:F0:A0:20:04:B0:0E:45:90:16:12:0C:62:2C:F0:26:9E X509v3 Authority Key Identifier: keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:b6:e6:7f:6c:9e:d2:e6:bf:74:eb:6b:cb:13:2b:44:e1:0f: 69:f0:ff:9f:d8:80:84:a4:36:95:34:ea:00:df:44:bc:39:0e: ef:ad:df:ac:1f:32:d0:d4:d2:60:29:55:9c:52:7c:1f:70:d6: 7e:ea:c5:ab:60:85:44:02:b1:53:2f:ee:51:f1:00:86:0a:50: 68:7a:d4:67:98:f8:b1:f7:4e:bd:4e:15:2e:59:35:09:89:4d: e1:b1:a2:90:81:af:df:9d:b9:cb:54:55:89:51:71:88:00:2f: 79:c8:ae:c8:0b:fb:4a:39:93:b5:4e:a4:a2:3b:7c:27:d8:a5: f2:31:14:24:0b:eb:92:d0:5a:22:cb:72:c0:f0:b4:47:b0:eb: 27:d0:a5:f1:2d:8d:58:19:58:c0:1c:1a:e6:dd:98:78:02:6e: f0:7b:d5:2f:2b:57:83:c5:17:8f:0f:79:bd:b9:dd:f2:b6:9f: 7e:04:ef:fa:03:33:f4:f3:14:42:72:3e:47:b1:e1:66:3a:fd: fa:91:e9:80:be:a0:76:9f:71:f9:a3:05:59:23:9a:88:98:9a: 0f:13:4f:0c:68:16:55:ce:d3:77:7d:71:fe:ae:71:08:72:5c: b8:21:1c:50:0d:a3:1e:54:0a:0a:ab:f1:ba:ce:31:f7:bb:33: 7f:06:ca:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDWNtQIgziESOvaUcBqDBVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh YzU3OTEwHhcNMjYwMjA5MTcwMDIyWhcNMjYwMjEwMTcwMDIyWjAzMTEwLwYDVQQD Eyg2NDRlNzllY2YwYTAyMDA0YjAwZTQ1OTAxNjEyMGM2MjJjZjAyNjllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB1EMQZyCvK5Y8h1Dy3FwGIRVnIG wcJHiRFwBjmum0uvZt8zPUaVpFQdU0TJDDxgIaHPxH3aIianYNvHP7x13BrHcShJ rAEYtz4Vy3wrSmcq3j3v4grBDXwc7y8AmcxA8nCx2tIXjheHy4V7ESh4duEzekke I6V31qWLBVfDxLtvWH1X51o9pIZgd+DNaHMx6Jr1to8cEp1TweomAR5MSwuc8CpC K4dWlZ+xhIkRfPFv9HweHWw0Z1iDCJSQdSKQfeRO8Ge0hHRo+IbBJUdQwvIQn7bC syXrgl4EO/TUj+PwjyfiCSLarlrDfqBhBmjkCffLs0KY0zNOzeOYuihOBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGROeezwoCAEsA5FkBYSDGIs8CaeMB8GA1UdIwQY MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5 LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdbbmf2ye 0ua/dOtryxMrROEPafD/n9iAhKQ2lTTqAN9EvDkO763frB8y0NTSYClVnFJ8H3DW furFq2CFRAKxUy/uUfEAhgpQaHrUZ5j4sfdOvU4VLlk1CYlN4bGikIGv3525y1RV iVFxiAAveciuyAv7SjmTtU6kojt8J9il8jEUJAvrktBaIstywPC0R7DrJ9Cl8S2N WBlYwBwa5t2YeAJu8HvVLytXg8UXjw95vbnd8raffgTv+gMz9PMUQnI+R7HhZjr9 +pHpgL6gdp9x+aMFWSOaiJiaDxNPDGgWVc7Td31x/q5xCHJcuCEcUA2jHlQKCqvx us4x97szfwbKgQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:48:22 2026 by rpki-client