This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft File: aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json) Hash identifier: uI0R3p+PY0d2W2NQVQclt5Sj2CHPi1DKlLekToSOrIY= Subject key identifier: 94:2C:8C:8A:4E:98:1F:66:35:A0:D1:5E:F9:6C:90:FB:9A:16:DF:B1 Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52 Certificate issuer: /CN=680928a91f8f7e6397e6c65d0e0b66291796d352 Certificate serial: 019C427E250EE2F90DBF045BBB27C177D977 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft Manifest number: 13D3 Signing time: Mon 09 Feb 2026 13:01:26 +0000 Manifest this update: Mon 09 Feb 2026 13:01:26 +0000 Manifest next update: Tue 10 Feb 2026 13:01:26 +0000 Files and hashes: 1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: ayD7yjpVcswpdUwNZBxDc5246oVfTILZWnJs98BALtM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:7e:25:0e:e2:f9:0d:bf:04:5b:bb:27:c1:77:d9:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352 Validity Not Before: Feb 9 13:01:26 2026 GMT Not After : Feb 10 13:01:26 2026 GMT Subject: CN=942c8c8a4e981f6635a0d15ef96c90fb9a16dfb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5a:fc:30:36:87:08:b3:2c:1f:ed:c2:ec:12: 56:37:c1:05:ce:dd:eb:ac:e2:11:81:ad:f5:0d:f4: 0b:5c:00:35:42:0b:0a:e0:eb:34:ee:b7:de:db:33: 01:af:c8:4c:43:9b:56:49:05:a9:47:bd:a2:7c:27: dc:30:ba:83:68:de:4a:14:fa:bb:35:37:b7:3d:71: 9c:9e:08:ae:a1:bf:4f:90:16:6f:71:63:2c:62:a0: 33:a8:50:5c:de:b3:f7:97:31:0c:b5:ea:91:8c:95: f1:d2:04:64:da:a0:d9:39:2e:d3:ba:ea:8d:69:9f: 0b:14:97:fd:d7:33:84:cf:d9:ed:56:88:04:dd:84: 3b:73:ac:29:02:13:ef:98:06:09:6c:31:ba:7f:c5: 40:71:36:6a:dc:66:7b:9f:85:d7:bc:e9:03:35:4e: 4a:6b:d6:36:c7:f6:f6:2f:53:14:fe:2f:78:ae:65: a3:73:ff:1a:e3:fe:81:e0:98:3e:73:df:5e:24:36: 74:96:d2:7d:c4:c0:e4:4f:87:28:b8:10:e1:8f:2a: 76:33:1d:89:56:1f:87:72:2c:6a:cc:9b:c5:21:02: f5:32:8c:f7:77:29:3c:93:40:94:5c:06:e8:ce:4e: 5d:ef:f2:a1:e3:df:a7:07:72:09:21:26:2a:03:51: e9:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:2C:8C:8A:4E:98:1F:66:35:A0:D1:5E:F9:6C:90:FB:9A:16:DF:B1 X509v3 Authority Key Identifier: keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:5d:1e:e1:5c:3e:32:94:cc:9f:4a:70:a1:49:fe:8e:d3:01: 89:32:cc:21:3f:97:10:d2:4c:12:6c:d3:22:1d:0a:e1:87:32: f1:a8:38:4d:a4:a6:94:4c:22:fe:2b:6d:23:aa:54:42:f0:0a: 44:ab:d6:d8:8b:4b:9c:6d:72:3e:7f:c1:6f:81:b4:eb:76:41: 32:8d:42:38:a2:48:71:de:da:98:85:63:7c:b6:e1:4b:57:cc: 61:8e:c9:78:5f:6b:1f:aa:0f:d6:43:71:38:22:42:a9:39:98: 18:88:4b:69:49:79:c1:67:75:02:d2:c6:25:fe:65:f8:d1:d0: f1:94:4c:7c:5e:9e:76:f1:76:b2:c4:0f:37:d0:c9:7d:a6:8b: e1:af:5b:f8:e0:74:a0:2e:b2:12:47:87:70:f7:a1:b3:aa:82: fe:18:2d:41:bd:ea:89:b5:44:d2:e2:94:4e:b0:2d:25:98:e3: 55:21:a1:b6:e8:d3:1e:92:c4:e7:8b:cc:8a:d3:25:84:82:da: bd:53:5f:3b:03:cc:67:18:3b:54:41:7c:02:57:ce:25:f6:7b: 6d:2c:29:b0:15:cd:25:db:ee:0f:e4:96:f4:c3:2b:67:5e:e6: ea:1c:40:0f:24:fb:e0:c8:78:83:38:88:e7:5c:35:8a:9f:93: 16:13:e8:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCfiUO4vkNvwRbuyfBd9l3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5 NmQzNTIwHhcNMjYwMjA5MTMwMTI2WhcNMjYwMjEwMTMwMTI2WjAzMTEwLwYDVQQD Eyg5NDJjOGM4YTRlOTgxZjY2MzVhMGQxNWVmOTZjOTBmYjlhMTZkZmIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVr8MDaHCLMsH+3C7BJWN8EFzt3r rOIRga31DfQLXAA1QgsK4Os07rfe2zMBr8hMQ5tWSQWpR72ifCfcMLqDaN5KFPq7 NTe3PXGcngiuob9PkBZvcWMsYqAzqFBc3rP3lzEMteqRjJXx0gRk2qDZOS7TuuqN aZ8LFJf91zOEz9ntVogE3YQ7c6wpAhPvmAYJbDG6f8VAcTZq3GZ7n4XXvOkDNU5K a9Y2x/b2L1MU/i94rmWjc/8a4/6B4Jg+c99eJDZ0ltJ9xMDkT4couBDhjyp2Mx2J Vh+HcixqzJvFIQL1Moz3dyk8k0CUXAbozk5d7/Kh49+nB3IJISYqA1HpFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJQsjIpOmB9mNaDRXvlskPuaFt+xMB8GA1UdIwQY MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5 LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATV0e4Vw+ MpTMn0pwoUn+jtMBiTLMIT+XENJMEmzTIh0K4Ycy8ag4TaSmlEwi/ittI6pUQvAK RKvW2ItLnG1yPn/Bb4G063ZBMo1COKJIcd7amIVjfLbhS1fMYY7JeF9rH6oP1kNx OCJCqTmYGIhLaUl5wWd1AtLGJf5l+NHQ8ZRMfF6edvF2ssQPN9DJfaaL4a9b+OB0 oC6yEkeHcPehs6qC/hgtQb3qibVE0uKUTrAtJZjjVSGhtujTHpLE54vMitMlhILa vVNfOwPMZxg7VEF8AlfOJfZ7bSwpsBXNJdvuD+SW9MMrZ17m6hxADyT74Mh4gziI 51w1ip+TFhPovg== -----END CERTIFICATE-----Generated at Mon Feb 9 16:54:52 2026 by rpki-client