This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft File: zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json) Hash identifier: bEI/q1TKZ3EcA3wfyNKnKB7JUnDWeUKrIbyZ0Q5Hj3w= Subject key identifier: D2:86:1C:21:E2:FB:0F:CA:9C:50:22:93:BA:3B:42:04:AC:98:9A:A9 Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21 Certificate issuer: /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21 Certificate serial: 019C41A24CAE769577480D95400611FC791E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft Manifest number: 180F Signing time: Mon 09 Feb 2026 09:01:21 +0000 Manifest this update: Mon 09 Feb 2026 09:01:21 +0000 Manifest next update: Tue 10 Feb 2026 09:01:21 +0000 Files and hashes: 1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: oKXLCuYKWSrfhdz61DgqlIQ70ENTktSbhlB/svMZvNQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:41:a2:4c:ae:76:95:77:48:0d:95:40:06:11:fc:79:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21 Validity Not Before: Feb 9 09:01:21 2026 GMT Not After : Feb 10 09:01:21 2026 GMT Subject: CN=d2861c21e2fb0fca9c502293ba3b4204ac989aa9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:27:13:44:34:4d:66:8d:76:17:6f:26:f4:8b: d2:13:e7:b4:15:3a:43:04:c8:00:9a:52:03:76:2e: 1f:73:b2:d7:70:fa:de:5b:2e:09:17:14:cf:5f:bc: 16:18:aa:21:1f:64:10:73:46:45:98:ca:6b:cb:8d: 38:bd:c1:ce:1b:8e:e5:6a:22:fd:1e:fa:c3:25:6f: 10:6f:c5:19:4e:05:e2:25:31:8e:17:f7:75:a7:cc: 87:8a:85:1d:62:d4:18:95:a1:bd:40:1a:86:29:44: 5c:4c:bb:4d:a7:52:09:9a:4b:46:dc:aa:3c:a5:84: f5:96:ff:9c:a9:70:5c:da:11:62:09:52:54:12:98: 76:4e:5e:40:ac:24:3e:20:60:93:84:3c:2d:88:d9: 36:69:35:a7:53:2e:a2:80:d6:20:3b:b9:d3:47:c0: e8:b7:3e:22:35:c9:b3:cc:aa:65:a4:4c:76:a0:55: 2e:a4:c3:51:16:60:b4:02:f7:c3:5a:ca:84:a6:6e: 51:41:7c:2c:93:59:b4:a1:eb:7c:05:5e:d5:5a:2e: 29:4d:ed:88:32:aa:98:82:80:c0:5e:e9:fe:f7:6c: 17:a1:a9:46:2b:46:08:9b:05:43:be:e5:51:9b:37: 2f:5c:54:d3:3b:22:0f:73:e6:2b:b7:74:db:70:01: 4d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:86:1C:21:E2:FB:0F:CA:9C:50:22:93:BA:3B:42:04:AC:98:9A:A9 X509v3 Authority Key Identifier: keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:39:41:6a:10:e4:97:a2:5a:63:cb:64:e6:1b:a1:be:55:28: be:90:c8:d7:a6:f4:9e:22:37:ad:ef:44:db:b5:33:28:36:80: 0a:d8:55:b0:66:7d:f7:b9:70:e8:03:d8:53:84:a2:a6:ad:80: 2f:0b:7b:cb:ea:38:ed:72:a6:e8:f3:8e:60:8f:49:7b:d2:b8: 99:51:3a:e8:01:a5:e2:5e:b4:ec:48:a2:2b:dc:3d:01:d0:f1: 0f:49:f7:e4:29:fc:fb:87:46:8b:88:c1:5e:a2:32:35:4c:d7: 73:87:c7:67:26:4a:3f:af:14:ab:ad:6e:8e:e4:22:89:a6:64: d9:f8:4b:09:15:ec:42:2f:a1:80:9e:ea:80:e2:de:51:25:7e: 9e:b7:d9:26:a5:69:10:c0:15:09:87:d3:45:38:d5:9c:a1:d5: 3b:6d:21:bb:54:e8:09:8e:ca:93:1b:c0:92:78:8e:cd:b2:cd: 9d:7e:61:b6:96:14:dc:5e:27:67:04:1c:09:23:2a:49:ab:4e: c3:1c:d1:33:f8:1f:b3:8c:e4:22:eb:4e:c1:42:69:c0:cc:52: 48:02:d1:ae:9b:96:8b:35:32:eb:57:75:60:e4:ab:91:8e:c5: 33:a5:b1:aa:3f:39:63:49:96:2e:e8:58:a9:0a:8c:56:7c:23: e6:cf:d3:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxBokyudpV3SA2VQAYR/HkeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm MTBlMjEwHhcNMjYwMjA5MDkwMTIxWhcNMjYwMjEwMDkwMTIxWjAzMTEwLwYDVQQD EyhkMjg2MWMyMWUyZmIwZmNhOWM1MDIyOTNiYTNiNDIwNGFjOTg5YWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCcTRDRNZo12F28m9IvSE+e0FTpD BMgAmlIDdi4fc7LXcPreWy4JFxTPX7wWGKohH2QQc0ZFmMpry404vcHOG47laiL9 HvrDJW8Qb8UZTgXiJTGOF/d1p8yHioUdYtQYlaG9QBqGKURcTLtNp1IJmktG3Ko8 pYT1lv+cqXBc2hFiCVJUEph2Tl5ArCQ+IGCThDwtiNk2aTWnUy6igNYgO7nTR8Do tz4iNcmzzKplpEx2oFUupMNRFmC0AvfDWsqEpm5RQXwsk1m0oet8BV7VWi4pTe2I MqqYgoDAXun+92wXoalGK0YImwVDvuVRmzcvXFTTOyIPc+Yrt3TbcAFNLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNKGHCHi+w/KnFAik7o7QgSsmJqpMB8GA1UdIwQY MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwzlBahDk l6JaY8tk5huhvlUovpDI16b0niI3re9E27UzKDaACthVsGZ997lw6APYU4Sipq2A Lwt7y+o47XKm6POOYI9Je9K4mVE66AGl4l607EiiK9w9AdDxD0n35Cn8+4dGi4jB XqIyNUzXc4fHZyZKP68Uq61ujuQiiaZk2fhLCRXsQi+hgJ7qgOLeUSV+nrfZJqVp EMAVCYfTRTjVnKHVO20hu1ToCY7KkxvAkniOzbLNnX5htpYU3F4nZwQcCSMqSatO wxzRM/gfs4zkIutOwUJpwMxSSALRrpuWizUy61d1YOSrkY7FM6Wxqj85Y0mWLuhY qQqMVnwj5s/Tdg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:28:39 2026 by rpki-client