This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json) Hash identifier: gLvil55Sctoj5M+XcfQu3o/s54+qQlsmeT2EzwGkowc= Subject key identifier: 98:1C:F1:74:DC:F6:63:C7:B3:EC:B7:B5:01:C7:87:77:42:A2:B2:71 Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06 Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06 Certificate serial: 019C41338D73810580BE64636B25592E5943 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft Manifest number: 10B9 Signing time: Mon 09 Feb 2026 07:00:23 +0000 Manifest this update: Mon 09 Feb 2026 07:00:23 +0000 Manifest next update: Tue 10 Feb 2026 07:00:23 +0000 Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: XAibeLYo72zbJjHWEk4ce2Icw4S1c2SjGjutgAPnlZA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:33:8d:73:81:05:80:be:64:63:6b:25:59:2e:59:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=287b50125517944274a146bbacd64e691a20fa06 Validity Not Before: Feb 9 07:00:23 2026 GMT Not After : Feb 10 07:00:23 2026 GMT Subject: CN=981cf174dcf663c7b3ecb7b501c7877742a2b271 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2d:66:8f:b9:83:80:0f:68:d4:80:7b:af:96: 72:8f:3c:7b:03:a0:4c:61:8e:54:fc:7a:7d:11:cb: 43:9c:23:bf:a7:98:4d:4d:52:5b:7d:e7:7d:9c:f6: 44:04:e7:55:04:70:09:11:2d:70:e0:72:a6:5d:31: d6:62:ac:01:44:a3:02:36:2d:de:61:8f:34:be:ff: c8:39:87:6f:58:6f:19:29:01:90:4a:59:ab:d6:21: 8f:cf:c9:f6:8c:73:b6:9e:ff:74:58:48:ea:61:db: cc:98:16:4a:42:2f:ea:df:f1:21:84:e1:2e:d2:30: 89:3c:04:ba:c3:a3:39:b3:4c:d9:33:cd:c4:d5:c3: 3b:59:d8:f8:71:bc:79:c6:70:87:65:45:0b:5b:46: 8e:cb:9d:e3:c8:ff:a9:12:19:31:6a:a1:18:95:e6: e5:63:0f:8b:d1:43:97:be:d8:9e:8f:7b:c7:67:4d: 5e:a5:95:1c:92:c1:ac:a6:85:58:c2:82:9d:d1:e8: c7:11:09:7a:fc:ae:d2:4a:ba:0b:c1:21:cd:61:94: b9:9c:67:a9:c7:e9:94:7a:ba:fe:28:da:a4:68:d3: 87:02:03:03:08:ec:d2:f0:6c:e5:95:a0:1e:ca:25: 20:6a:ab:35:c5:7e:42:eb:ea:fe:88:a4:cf:66:90: 98:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:1C:F1:74:DC:F6:63:C7:B3:EC:B7:B5:01:C7:87:77:42:A2:B2:71 X509v3 Authority Key Identifier: keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:62:c0:90:67:81:28:cf:56:c2:ec:f7:1f:03:9a:a5:9e:77: 87:0b:1d:76:ae:ca:e2:61:66:4d:5f:31:a9:7f:9e:94:92:41: dc:bc:32:c7:31:67:3f:dd:7d:00:21:2c:26:1d:5e:f7:c3:cd: 99:0b:2e:92:8d:4f:ea:b1:38:4f:c9:cd:ab:f2:7d:0f:88:9d: 09:83:84:f6:f3:25:3c:d1:24:06:28:5e:45:a5:3f:f4:94:1c: 74:29:7f:e2:24:e1:dc:fd:ad:a7:ad:f3:b6:7e:57:b4:26:a6: 8e:64:67:56:b6:71:eb:cb:4c:c8:13:4f:82:3f:70:33:84:b3: 17:a4:39:33:b4:85:66:8c:6a:32:07:d3:da:54:2c:1f:4d:3e: e3:f9:a0:7f:16:f8:db:78:65:be:36:0b:7e:2c:96:ed:eb:e6: b1:cd:59:1c:81:4a:da:51:c9:6c:bb:f9:4e:a3:9f:ef:72:d3: b9:60:21:57:54:4b:2f:0e:eb:03:6a:e9:75:91:d5:9c:62:60: 41:dd:57:3e:8c:98:a7:f4:d0:00:51:86:4b:43:e2:90:ae:03: bb:6c:cf:0a:b6:95:f1:60:25:8c:0a:e0:ab:b8:d9:20:2e:ef: 10:76:6d:a8:b8:34:33:6a:7f:f4:48:9f:02:14:a3:45:5f:8b: b0:55:dc:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBM41zgQWAvmRjayVZLllDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy MGZhMDYwHhcNMjYwMjA5MDcwMDIzWhcNMjYwMjEwMDcwMDIzWjAzMTEwLwYDVQQD Eyg5ODFjZjE3NGRjZjY2M2M3YjNlY2I3YjUwMWM3ODc3NzQyYTJiMjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS1mj7mDgA9o1IB7r5Zyjzx7A6BM YY5U/Hp9EctDnCO/p5hNTVJbfed9nPZEBOdVBHAJES1w4HKmXTHWYqwBRKMCNi3e YY80vv/IOYdvWG8ZKQGQSlmr1iGPz8n2jHO2nv90WEjqYdvMmBZKQi/q3/EhhOEu 0jCJPAS6w6M5s0zZM83E1cM7Wdj4cbx5xnCHZUULW0aOy53jyP+pEhkxaqEYlebl Yw+L0UOXvtiej3vHZ01epZUcksGspoVYwoKd0ejHEQl6/K7SSroLwSHNYZS5nGep x+mUerr+KNqkaNOHAgMDCOzS8GzllaAeyiUgaqs1xX5C6+r+iKTPZpCYRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJgc8XTc9mPHs+y3tQHHh3dCorJxMB8GA1UdIwQY MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0 LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW2LAkGeB KM9Wwuz3HwOapZ53hwsddq7K4mFmTV8xqX+elJJB3LwyxzFnP919ACEsJh1e98PN mQsuko1P6rE4T8nNq/J9D4idCYOE9vMlPNEkBiheRaU/9JQcdCl/4iTh3P2tp63z tn5XtCamjmRnVrZx68tMyBNPgj9wM4SzF6Q5M7SFZoxqMgfT2lQsH00+4/mgfxb4 23hlvjYLfiyW7evmsc1ZHIFK2lHJbLv5TqOf73LTuWAhV1RLLw7rA2rpdZHVnGJg Qd1XPoyYp/TQAFGGS0PikK4Du2zPCraV8WAljArgq7jZIC7vEHZtqLg0M2p/9Eif AhSjRV+LsFXcEQ== -----END CERTIFICATE-----Generated at Mon Feb 9 16:56:14 2026 by rpki-client